Remediation Feature

Select Fire™: Remediation on Your Terms

Three remediation modes: Safe, Semi-Auto, and Full-Auto. Switchable per-finding based on operational confidence.

Fix it manually and the backlog never shrinks. Automate everything and something breaks at 2 AM. We built Select Fire because the answer isn't either-or.

The real world doesn't work in absolutes. Some findings are safe to auto-fix right now. Others need a human eye, and some need a full war-room review before anyone touches them. So why do most tools force you to pick one approach for everything?

Safe Mode remediation output showing risk analysis and generated rollback script
Safe Mode: full risk analysis, remediation script, and rollback instructions. You read every line before anything runs.

How It Works

Three modes. You pick per finding.

Safe generates the remediation script with full context and rollback instructions. You read every line. Nothing runs until you say go. This is what you use for anything touching Domain Admins, Tier-0 assets, or that one service account everyone is afraid of.

Semi-Auto stages the fix and waits for one-click approval. The script is ready. The rollback is ready. You glance, you click, it's done. Good for the mid-tier stuff where you trust the logic but want a human in the loop.

Full-Auto handles the obvious wins. A user account that hasn't logged in for 400 days? Disable it. An expired group membership still hanging around? Clean it up. These are well-understood actions with clear guardrails. Let the machine handle them while your team focuses on the hard problems.

The point is you don't have to pick one mode for your whole environment. Use Full-Auto to drain the backlog of stale accounts. Use Safe for anything that makes you nervous. Graduate findings from Safe to Semi-Auto as you build confidence. That's how real teams actually work.

What This Gets You

  • Your backlog actually shrinks. Full-Auto handles the easy stuff while you focus on the hard stuff.
  • Nobody gets woken up at 2 AM because a bot went too far. Guardrails are per-mode, per-finding.
  • Every generated script includes the rollback. Every one. Non-negotiable.
  • You build trust in the automation gradually instead of flipping a switch and hoping.
  • Backlog burn-down becomes a reportable metric. Show the board remediation velocity, not just findings count.

See how it works in the AI Remediation guide.

Request Early Access