Fixinator and Foundeo Security Bundle

May 14, 2019
coldfusion

I'm pleased to announce that Fixinator and the Foundeo CFML Continuous Security Bundle are both available to purchase.

What is Fixinator?

Fixinator is a CFML security code scanner that not only finds security issues in your code but can also help you fix them (hence the name). Take a look at the screenshot below to see how it works:

[Screenshot: Fixinator demo]

Fixinator is looking for all sorts of CFML-specific security vulnerabilities in the code. Working as a ColdFusion security consultant over the past 10 or so years, I have conducted dozens of reviews of real-world CFML code and systems. Fixinator attempts to bottle up as much of that experience as possible and bring it to your fingertips.

Not only does Fixinator look for security vulnerabilities in your own code, it can also detect security vulnerabilities in third-party CFML code (for example, if you are using an old FCKeditor with a file upload vulnerability). JavaScript libraries and jar files in your codebase are also checked for known third-party vulnerabilities.

What is this Continuous Security you speak of?

Continuous security is a method of adding automatic security checks. Security experts find that when you bring security tools closer to the developer, fewer security vulnerabilities exist in the code.

Fixinator fits well into this model: you can easily set it up to scan your code every time you commit to version control. It doesn't matter if you are using GitHub, GitLab, Bitbucket, any other git provider, or even a Subversion repository; it is pretty easy to set up (and Foundeo is happy to help you set it up). Here are a few examples of setting up Fixinator in a continuous integration pipeline using a few different providers:

Here's an example of setting up an Azure DevOps pipeline that runs Fixinator:

[Screenshot: Azure DevOps Pipeline Fixinator]

What is the Foundeo CFML Continuous Security Bundle?

With the addition of Fixinator, Foundeo now has 3 CFML security products: FuseGuard, HackMyCF, and Fixinator. There are already several companies that have purchased all three tools, so it only made sense to offer a bundle where you can get all three tools at a discounted price. Pricing for the bundle starts at $96/month.


