Pricing

Custom enterprise contracts

TrustFix is invitation-only while we onboard our first enterprise customers. Tell us about your team — cloud(s) in scope, security review timeline, expected user count — and we'll respond within two business days with terms scoped to your environment.

What's in every engagement

  • Detect across 5 platforms

    451 detector implementations spanning AWS, GCP, Azure, GitHub, GitLab, and Bitbucket — across IAM trust policies, RBAC bindings, custom roles, CI/CD pipelines, and Workload Identity Federation.

  • Validate with formal verification

    Every fix passes through 8 sequential validation stages, including Z3 SMT-LIB proofs of narrowing-direction invariants over a cross-cloud canonical IAM model.

  • Ship as pull requests

    Native PR delivery to GitHub, GitLab, or Bitbucket. 18 cloud × host × fixKind combinations operational. 450 pre-validated templates.

  • Encrypt every credential

    AES-256-GCM with per-tenant data-encryption keys. organizationId is bound into the encryption context so a database breach cannot decrypt cross-tenant ciphertext.

  • Audit-grade compliance

    6-section SOC2 evidence export with HMAC-signed download URL. SAML 2.0 + OIDC SSO via Clerk. Per-customer entitlements. Customer audit log with configurable retention.

Talk to us

Two business-day response. No sales playbook — the founder reviews every submission personally.

By requesting access you agree to TrustFix's Privacy Policy and Terms.