Pricing
Custom enterprise contracts
TrustFix is invitation-only while we onboard our first enterprise customers. Tell us about your team — cloud(s) in scope, security review timeline, expected user count — and we'll respond within two business days with terms scoped to your environment.
What's in every engagement
Detect across 5 platforms
451 detector implementations spanning AWS, GCP, Azure, GitHub, GitLab, and Bitbucket — across IAM trust policies, RBAC bindings, custom roles, CI/CD pipelines, and Workload Identity Federation.
Validate with formal verification
Every fix passes through 8 sequential validation stages, including Z3 SMT-LIB proofs of narrowing-direction invariants over a cross-cloud canonical IAM model.
Ship as pull requests
Native PR delivery to GitHub, GitLab, or Bitbucket. 18 cloud × host × fixKind combinations operational. 450 pre-validated templates.
Encrypt every credential
AES-256-GCM with per-tenant data-encryption keys. organizationId is bound into the encryption context so a database breach cannot decrypt cross-tenant ciphertext.
Audit-grade compliance
6-section SOC2 evidence export with HMAC-signed download URL. SAML 2.0 + OIDC SSO via Clerk. Per-customer entitlements. Customer audit log with configurable retention.
Talk to us
Two business-day response. No sales playbook — the founder reviews every submission personally.