Security posture. No guesswork.
Upload a firewall config, get actionable findings with vendor-specific CLI remediation. Start free — no credit card required.
Trial
No credit card required
Get started with 2 free scans. No credit card required.
2 scans total · 2 firewalls
- 2 free scans (ever)
- Basic findings (limited)
- Critical finding details
- AI summaries
- Attack path map
- Evidence package
- Threat simulation
Starter
Full findings and attack path analysis for growing teams.
10 scans/month · 3 firewalls
- 10 scans per month
- Full findings
- 5 AI summaries/month
- Attack path map
- 3 firewalls
- Evidence package
- Threat simulation
Pro
Unlimited scans, evidence packages, and threat simulation.
Unlimited scans · 10 firewalls
- Unlimited scans
- Full findings
- Unlimited AI summaries
- Attack path map
- 10 firewalls
- Evidence package
- Threat simulation
Enterprise
Unlimited firewalls, custom integrations, and dedicated support.
Unlimited firewalls · Custom SLA
- Unlimited scans
- Full findings
- Unlimited AI summaries
- Attack path map
- Unlimited firewalls
- Evidence package
- Threat simulation
Your config never touches our storage. Raw config files are parsed in memory and immediately discarded. We store only normalized findings — no raw configs, no IP addresses, no credentials. How it works →
Everything in the box
Full feature breakdown across all plans
| Feature | Trial | Starter | Pro | Enterprise |
|---|---|---|---|---|
| Scans per month | 2 total | 10 | Unlimited | Unlimited |
| Firewalls | 2 | 3 | 10 | Unlimited |
| Full findings detail | Partial | ✓ | ✓ | ✓ |
| Critical finding details | — | ✓ | ✓ | ✓ |
| AI executive summaries | — | 5/month | Unlimited | Unlimited |
| Attack path map | — | ✓ | ✓ | ✓ |
| Evidence package | — | — | ✓ | ✓ |
| Threat simulation | — | — | ✓ | ✓ |
| Scheduled re-scans | — | — | ✓ | ✓ |
| Backup targets | 3 | 10 | Unlimited | Unlimited |
| Bulk firewall import | — | — | ✓ | ✓ |
| Custom integrations | — | — | — | ✓ |
| Dedicated support / SLA | — | — | — | ✓ |
Frequently asked questions
- What counts as a scan?
- Each config file you upload and analyze is one scan. Re-scanning the same firewall after a config change is a new scan. Scans that fail due to a parse error do not count against your limit.
- What vendors are supported?
- Fortinet FortiGate, Palo Alto Networks, Sophos (XML and PostgreSQL dump), Check Point R80+, Check Point Gaia, and Cisco ASA. More vendors ship regularly.
- Does CRWLR store my firewall config?
- No. Your raw config file is parsed in memory and immediately discarded. We store only normalized analysis results — policy structure and finding details. No raw configs, no IP addresses, no credentials ever touch our database.
- Can I upgrade or downgrade at any time?
- Yes. Upgrades take effect immediately. Downgrades take effect at the next billing cycle. No lock-in.
- What is the Evidence Package?
- A signed export bundle (PDF report + CSV findings + SHA-256 hash manifest) suitable for compliance audits, insurance reviews, and pen test remediation tracking. Available on Pro and Enterprise.
- What is Threat Simulation?
- Run simulated attacker scenarios against your firewall posture — 10 built-in threat profiles (ransomware, lateral movement, data exfiltration, etc.) plus custom profiles. See exactly which policies a specific threat class would exploit. Pro and Enterprise only.
- Do you offer volume discounts for MSPs?
- Yes. If you manage multiple customer firewalls, contact us at contact@crwlr.io — we offer per-tenant pricing and white-label report options for managed security providers.
- Is there a free trial of Pro?
- The Trial plan gives you 2 full scans at no cost — enough to see the platform in action on real configs. For extended Pro evaluation, contact us.
Ready to audit your firewall?
2 free scans, no credit card. Takes about 60 seconds.