Got an idea for how to improve Secfix?

Share it with us, and upvote other users' ideas.

MCP server for the Secfix platform

We would like to connect an AI assistant to the platform and programmatically pull compliance data. Problem / use case: The customer is preparing for ISO certification. They want to pull platform data — policies, controls, and related artifacts — into their AI workflow, then auto-generate a detailed requirements-and-preparation plan for the cert. They also want to push the output into Jira (e.g., create a ticket documenting the requirements and prep plan). Today this is manual. Proposed capability: An MCP server that exposes Secfix data (policies, controls, frameworks, evidence) as queryable resources/tools for MCP-compatible AI clients. Read access at minimum; optionally write/action support for downstream integrations (e.g., creating Jira tickets from generated plans).

Srinivas Sambari about 1 month ago

1
💡

Feature Request

Feature Request: Include Vendor Address Information in Vendor Export

Proposed Solution Add vendor address information (or at minimum vendor location/country) to the Vendor Export. Problem We frequently use the Vendor Export as part of security questionnaires, customer onboarding processes, and audit preparations. While the current export provides a list of vendors, it does not include vendor address/location information. Many customer due diligence and security review questionnaires require not only the vendor name but also information about where the vendor is located. As a result, we currently have to manually open each vendor record and copy the address information into the exported vendor list.

Oliver Broszat 21 days ago

💡

Feature Request

Wiz Integration | CNAPP (Cloud-Native Application Protection Platform)

We use Wiz as our cloud security platform and would like to see a native integration with Secfix. Wiz already contains relevant cloud security posture, monitoring, and control evidence, so being able to sync this information automatically into Secfix would reduce manual evidence collection and make audit preparation more efficient. This would also help us demonstrate our cloud security controls more clearly during ISO 27001 audits. We’ve also noticed that similar compliance automation platforms already support Wiz integrations, so having this available in Secfix would provide significant additional value for teams using modern cloud security tooling.

Matt Sleeman 2 months ago

💡

Feature Request