Can automated actions make changes to our production environment without approval?

That depends on your configuration. By default, actions that modify state require human approval. You can selectively enable automatic execution for validated playbooks, approved action types, and defined targets. Nothing runs outside your configured allowlists.

What happens if an automated remediation fails?

The platform escalates to a human operator with full context: what was attempted, what the result was, and what the current state is. Failed remediation attempts are never silently swallowed.

How does Martin handle permissions?

Martin operates under the caller’s actual RBAC role. If the caller cannot perform the action in the web interface, Martin cannot do it on their behalf. Medium-risk actions require a second approver, and high-risk or out-of-scope actions are blocked entirely.

Can we disable specific types of automated remediation?

Yes. Every consequence type, playbook, escalation path, and just-in-time response is independently configurable. You can run in monitor-only mode and enable enforcement incrementally as you build confidence.

Does this work with our existing tooling?

Yes. Fig governs and orchestrates your existing tooling rather than replacing it. Playbooks can call RMM, PSA, identity, cloud, backup, and security tooling via integration or webhook, then capture the full outcome in the same audit trail.

Agentic Remediation

The Challenge

Does this sound familiar?

A control fails on Tuesday. An alert lands in an inbox. By Thursday, someone creates a ticket. The following week, an engineer investigates. Three weeks later, the fix is applied, but nobody updates the compliance register and the auditor finds the gap six months on.

How Fig Helps

Agentic Remediation with Fig

The workflow starts with your policy variables and ends with an auditable corrective action. Fig turns policy intent into enforceable logic, watches for matching events, executes the approved remediation path, and records the evidence automatically.

01

Policy Set

Framework and policy variables define what should happen when the control fails.

02

Integration Event

A live signal from cloud, identity, endpoint, or security tooling breaches that rule.

03

Automated Fix

Fig runs the allowed remediation path directly or routes it for approval.

04

Evidence Logged

Trigger, action, approvals, timestamps, and outcome are written to the audit trail.

Closed-Loop Remediation

When a control fails, Fig does not raise an alert and wait. It determines the appropriate response, creates the remediation artefacts, assigns the work, and where your policies permit, executes the fix directly.

Voice-Driven Remediation with Martin

Martin, Fig’s voice-enabled AI agent, gives authorised teams conversational access to remediation workflows. Read-only queries execute immediately, reversible actions require confirmation, and medium-risk changes require independent approval before execution.

Fig workflow from policy generation to automated remediation and evidence logging

Core Capability

Fig has a voice-enabled AI agent that filters out small and low-risk client requests when they call or raise a ticket, so routine remediation and service actions can be handled immediately without pulling engineers into every interaction.

Zero-Touch Playbooks

For MSP and security operations teams, playbooks can create incidents, notify owners, call RMM tooling via webhook, execute remediation scripts, verify the result, and escalate automatically if the fix fails.

Tamper-Evident Audit Trail

Every automated action captures the trigger, policy authority, target, approvals, timestamps, and outcome. When an auditor asks who changed what and why, the answer is already there.

Built For You

Who uses this?

MSPs & MSSPs

Zero-touch playbooks handle routine remediation across every client, with escalations only when the automation cannot safely close the loop. Your team spends less time chasing tickets and more time on exceptions that actually require judgement.

Learn more

Security & Risk Teams

Compliance posture does not decay between audits. Failures create tracked remediation immediately, hard controls can block unsafe operations, and validated playbooks can execute containment or corrective action under policy.

Learn more

Compliance & Audit

Every remediation step is linked to the triggering control, the governing policy, the approval path, and the final outcome. That gives auditors a complete evidence chain from failure through correction and verification.

Learn more

Respond

Common questions

See Agentic Remediation in action

Book a walkthrough tailored to your frameworks and tooling.

Request a Demo

Agentic Remediation

Does this sound familiar?

Agentic Remediation with Fig

Policy Set

Integration Event

Automated Fix

Evidence Logged

Closed-Loop Remediation

Voice-Driven Remediation with Martin

Zero-Touch Playbooks

Tamper-Evident Audit Trail

Who uses this?

MSPs & MSSPs

Security & Risk Teams

Compliance & Audit

Related solutions

Incident Management

Vulnerability Disclosure

Common questions

See Agentic Remediation in action