FireMon is really giving away basic, enterprise-scale Cloud Security Posture Management (CSPM) for free, no strings attached. Because we can, and because we should.
Remember when you had to buy antivirus for your shiny new computer before you dared use it? Remember how that felt? There’s a reason Microsoft and Apple started including built-in antimalware into their operating systems. No one likes having to spend more money just for basic safety.
A few weeks ago we launched FireMon Cloud Defense Free-Tier. Our announcement post not only covered the how, but the why. Yes, it’s really free, it’s really enterprise scale, and there are really no strings (or spam) attached. We think it’s just as important to share our motivations as it is to describe what the platform does.
When we started building a cloud security product 5 years ago, we recognized the importance of identifying security misconfigurations, but we also saw that as something we assumed would be built into all the cloud platforms and vulnerability scanners, just as antimalware is now built into operating systems. To us, the real meat of cloud security was going to be in the harder problems, like remediation, intelligent prioritization, and change management. Finding basic misconfigurations is table stakes for cloud security and so fundamental and straightforward that it really isn’t differentiated.
Flash forward and CSPM still absorbs the majority of cloud security budgets, even when you only want the basics, and companies struggle to find cost effective options. The cloud providers still charge for their own CSPM. There are Open Source tools, but those take a lot of effort and knowledge to scale when you have to manage more than a cloud account or two. And if you want multi-cloud support, you have to start calling commercial vendors.
This is why we are giving our basic CSPM away for free. There’s no meaningful differentiation in basic misconfiguration scans, and thanks to our architecture, we can run them at very low internal costs. There is no reason people and organizations should have to pay for basic safety, no matter how many deployments they manage.
So what’s our motivation?
We know some percentage of Free users will move onto our paid plans. We think we have some awesome and highly differentiated capabilities, like a change-tracked inventory and real-time assessments. The more people see those the better, but adding arbitrary time or account limits won’t be what makes you move to a paid plan.
And lastly, we actually care about contributing to the community. Our team has a long history of security community involvement and releasing free resources and tools where we can, both before and during our time at FireMon. We think enterprise scale CSPM for free can help a heck of a lot of people.
Why not Open Source? Because our platform is kinda complex on the back end. We aren’t looking for free labor to write our code for us, and you can set up Cloud Defense Free-Tier within a few minutes and not worry about maintaining Lambda concurrency or DynamoDB capacity. We can afford to do this, at scale, so there’s no reason to make you do the work.
Check it out and sign up here. Send us your feedback, good or bad, because that’s what we get in return. Tell your friends.
We can’t eliminate every security tax, but we just killed off this one.