Experience client-centric excellence at FormOptix, where your needs always come first and our support is ready to serve!
Embark on this journey with us and witness the transformative impact of FormOptix AI on revolutionizing code security and product management.
Welcome to FormOptix, where we spearhead a groundbreaking transformation in code security and software product management with our state-of-the-art SaaS platform seamlessly integrating AI technology. Our comprehensive suite of tools optimizes the entire CI/CD, software, and product development lifecycle, encompassing roadmap planning, code management, quality assurance, testing, and automated remediation of SAST, SCA, and DAST vulnerabilities.
Documentations
We’ve assembled a set of questions and corresponding answers to address the needs of our entire customer base.
FormOptix QuickStart
Registering with FormOptix is a straightforward process and you’ll find a comprehensive step-by-step guide in this article.
To bolster the security of your account, we’ve incorporated the NIST CSF framework. We kindly ask for additional information to reinforce security measures. Rest assured, the safety of your data is our foremost concern and we are dedicated to maintaining a secure environment for your peace of mind.
Fill out the registration form with the required information, such as:
- First Name, Last Name
- Organisation Name,
- Title
- Email Address,
- Username
- Desired password
Review the terms of service and privacy policy, if provided, and agree to them.
Click on the “Submit” button.
Once your account is successfully created, you will navigate to login page and as you login with the registered Username and Password, you will be asked to verify the provided email address
Account Verification over Email
Verify the FormOptix verification email with the follow steps:
- Click on Login button
- Fill up registered Username and password
- As soon as you click on ‘Login’ , it will ask you to verify your email Address
Once you click on “Very Email” url link, you will get a message similar to the below:
YOUR REGISTRATION HAS BEEN CONFIRMED!
MFA is a hard requirement to use FormOptix
Multi-Factor Authentication (MFA) is mandatory for all users to access their FormOptix accounts. Afterward, kindly click the Submit button, and it will prompt you for the MFA Code. To generate Multi-Factor-Authentication code, you will need:
Multi-Factor-Authentication Application
- To set up your Multi-Factor Authentication (MFA) account, you can use your favorite MFA mobile app or choose between Duo and Google Authenticator. Both options has been extensively tested and validated.
- To install Duo or Google Authenticator, follow the instructions to download and set up the app on your mobile device.
- After finishing the download, open the application on your mobile phone and scan the QR code with your authentication app to set up a FormOptix MFA profile.
Login and start to create your projects
To create a Project, please enter the following details:
- Project Name
- Project Description
- Cloud Service provider (to choose a service such as AWS, Azure, or GCP).
Upon selecting the Cloud Service Provider, the system presents Source Version Control Systems options, encompassing:
- AWS CodeCommit
- Github
- Bitbucket
- Gitlab
As an illustration, suppose the user intends to establish a Project with Github as the chosen Source Version Control system. In such a case, they must opt for the ‘Github’ choice from the list view.
In this situation, we provide the opportunity to input the “Repository Owner” for an individual or a Private repository. Conversely, if the repository is linked to an Organization, the user should activate the option requesting the “Organization Name.” This ensures that the relevant authentication details align with the project’s configuration.
GitHub Connection
After configuring the project, you can commence the task of creating issues and allocating them to either your team members or the StormAI, your AI assistant. This approach aids in optimizing your workflow and fostering effective collaboration among team members.
- To create a Project, provide a Project Name, a very detailed Project Description and select your Cloud Service Provider such as AWS, Azure, or GCP.
- Next, select your Source Version Control System and enter an Org Name
At FormOptix, we support known repositories such as Github, AWS CodeCommit, Gitlab and Bitbucket
Enter your GitHub Access Key
Do you require assistance in obtaining your GitHub Access Token Key?
A GitHub personal access token operates similarly to an OAuth access token, serving to authenticate access to the GitHub API. Please follow the instructions below to generate your personal access token on GitHub.
Additional Instructions:
- Log into the Github
- Under your GitHub user profile (not the repository profile), click the “Settings” link.
- Scroll down and click the “Developer Settings” link.
- Click the GitHub “Personal access tokens” link.
- Click the “Generate new token” link and provide your password again if required.
- Provide a name for the GitHub personal access token in the “Note” field.
- Set the access token’s expiration timeout to “No expiration.”
- Click the checkbox for every permission scope to give your GitHub token full repository access.
- Click “Generate token”
- Copy the GitHub Personal Access Token and use this in the Github Access key as the password while creating a Project
AWS CodeCommit Connection
Pre-requisites:
You need to possess AWS console access with the capability to create a user and grant permissions. If this is not within your realm of expertise or role, please collaborate with your Cloud/DevOps team within your organization.
To learn more about AWS IAM Access keys, please go to https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control.html
- Login to your AWS console
- Navigate to “IAM” from the top bar
- After clicking on the IAM tool to get to the IAM Dashboard, click on “Users” under the “Access Management” menu on the left
- Add user and specify a user name, typically including “FormOptix_” in the name to make it easier to track integration keys
- When setting permissions for the new FormOptix user, ensure that the user has “AWSCodeCommitFullAccess” permission
- Confirm the user details and finish creating new user
- In the Access Management User list, click on the new user you created and click on the “Security credentials” tab
- Scroll down to the Access keys section and click “Create access key”
- Select “Other” under use case then add a Description tag value and click Create Access Key
- Copy your Access key and Secret access key
Navigate back to your project settings in FormOptix and select your AWS region and then you’re all set for adding repositories and running StormAI.
GitLab Connection
After configuring the project, you can commence the task of creating issues and allocating them to either your team members or StormAI, your AI Assistant. This approach aids in optimizing your workflow and fostering effective collaboration within your team.
- To create a Project, provide a Project Name, a detailed Project Description and select your Cloud Service Provider such as AWS, Azure, or GCP.
- Next, select your Source Version Control System and enter an Org Name
At FormOptix, we support known repositories such as Github, AWS CodeCommit, Gitlab and Bitbucket
Enter your GitLab Access Key.
Do you require assistance in obtaining your GitLab Access Token Key?
Project access tokens share similarities with passwords, albeit with the added capability of restricting access to resources, choosing a specific role, and setting an expiry date. Employ a project access token for authentication purposes, especially with the GitLab API.
- Open your web browser and navigate to the GitLab website (https://gitlab.com/ or your instance’s URL).
- Log in to your GitLab account using your credentials.
- Click on your profile picture or avatar in the top right corner of the GitLab interface.
- Select “Settings” from the dropdown menu.
- In the left-hand navigation menu, find and click on “Access Tokens.”
- On the “Access Tokens” page, you’ll find a section to create a new personal access token.
- Provide a name for the token (to help you identify its purpose).
- Select the desired expiration date for the token (or choose “Never” for no expiration).
- Choose the specific scopes (permissions) that the token should have. Scopes define what actions the token can perform, such as read/write access to repositories, API access, etc.
- Once you’ve selected the desired settings, click the “Create personal access token” button.
- GitLab will generate the access token for you. Copy this token to a secure location as you won’t be able to view it again
- Paste the generated token to your project settings in FormOptix, and then you’re all set for adding repositories and running StormAI.
For more context, please go to Gitlab documentations: https://docs.gitlab.com/ee/security/token_overview.html
BitBucket Connection
After configuring the project, you can commence the task of creating issues and allocating them to either your team members or StormAI, your AI Assistant. This approach aids in optimizing your workflow and fostering effective collaboration within your team.
- To create a Project, provide a Project Name, a detailed Project Description and select your Cloud Service Provider such as AWS, Azure, or GCP.
- Next, select your Source Version Control System and enter an Org Name
At FormOptix, we support known repositories such as Github, AWS CodeCommit, Gitlab and Bitbucket
Enter your BitBucket Access Key.
Do you require assistance in obtaining your BitBucket Access Key?
Utilizing access keys eliminates the necessity of storing user credentials on an external system, and it ensures that the other system isn’t required to utilize a dedicated user account in Bitbucket.
For more information and context, please go to: https://confluence.atlassian.com/bitbucketserver/http-access-tokens-939515499.html
- At bitbucket.org, navigate to the target repository for the Access Token. This repository is the only one that the Repository Access Token can access.
- On the sidebar, select Repository Settings.
- On the sidebar, under Security, select Access tokens.
- Select Create Repository Access Token.
- Give the Repository Access Token a name, usually related to the app or task that will use the token.
- Select the permissions the Repository Access Token needs. For detailed descriptions of each permission, see Repository Access Token permissions.
- Select the Create button. The page will display the Repository Access Token created dialog.
- Copy the generated token to your project settings in FormOptix, and then you’re all set for adding repositories and running StormAI
Artificial Intelligence – Prompt Engineering and How To’s
Information, prerequisites, and precise methodologies for providing AI commands to optimize its integration within your software development workflow.
AI Prompt Engineering is a critical aspect of shaping the behavior and performance of AI models. It directly influences the quality of generated outputs, the adaptability of models to diverse tasks, and the overall user experience, while also addressing ethical considerations and minimizing biases.
In tasking StormAI, our AI coding assistant, it’s crucial to furnish explicit instructions. StormAI requires a comprehensive grasp of your configuration file, the ability to interpret your directives, and the capacity to expand upon them for successful task execution.
Before entrusting a task to the StormAI, we recommend taking a few moments to thoughtfully define your intended outcome. Clearly articulated instructions empower StormAI to execute the task with precision and efficiency.
Invest a brief period in reviewing the following suggestions and crafting succinct, clear outcomes you aim to achieve.
When issuing AI directives for software development, clarity, precision, and adherence to best practices are paramount. Here are some guidelines for delivering impactful AI instructions in the realm of software development.
Remember that AI models may have limitations, and they perform better with clear and well-structured instructions. By following these guidelines, you can effectively utilize AI in your software development process and leverage its capabilities to enhance productivity and efficiency.
How to read reports and understand your usages
Explore a wealth of project details on our Insights page, featuring distinct panels with graphical charts that deliver valuable information. Directly access project-specific details and usages by selecting a project from the list view at the top left. The panels dynamically updates to display information tailored to your chosen project, allowing for seamless acquisition of project-specific insights to usages, billing and project related information.
Project Tracker
Once a project is selected, the Issue Progress Bar becomes visible, providing a snapshot of the project’s progress.
User Assignments
These charts serve as informative visualizations, providing a detailed understanding of key metrics within your system. Specifically, they shed light on crucial aspects such as ‘Issues Reported per User,’ which highlights the contribution of each user in reporting issues. The ‘Issues Assigned per User’ metric illustrates the distribution of assigned tasks among team members, giving insights into workload allocation. Additionally, the ‘Token per User’ metric showcases the utilization of access tokens by individual users.
To explore and delve into these insightful metrics, simply navigate to the ‘Charts’ icon in the left panel and gain a comprehensive overview of user-specific contributions, task assignments, and token usage within your project or system. This feature allows for a data-driven approach, enabling effective decision-making and optimization based on the visual representation of these significant metrics.
Timeline
The Timeline chart functions as a dynamic visual representation that illustrates the cumulative number of issues logged over different time intervals, organized chronologically by date. This graphical representation allows users to observe trends, patterns, and fluctuations in issue logging over the specified timeline. By providing a comprehensive view of how the number of issues has evolved over time, the Timeline chart aids in identifying periods of increased or decreased activity, facilitating a deeper understanding of the project’s historical issue tracking dynamics. This feature proves valuable for project managers, team members, and stakeholders in assessing historical performance, planning future strategies, and making data-driven decisions based on the temporal distribution of logged issues.
User Information
The Users Panel serves as a comprehensive repository, presenting an exhaustive list of all added users within the system. This list includes essential details such as the user’s Name, Email, Total Tokens Used, and the Creation Date of each user account. By providing this detailed information in a structured format, the Users Panel offers a holistic view of the user landscape, facilitating efficient user management and oversight. Project administrators and managers can leverage this panel to track user activity, token utilization, and user account creation dates, aiding in effective user administration and ensuring transparency in user-related data.
StormAI Utilization
StormAI chart serves as an informational hub, showcasing the aggregate number of StormAI runs within a specific project. This chart provides a quick and straightforward overview of the overall activity and execution frequency of the StormAI, the AI assistant or automation tool, within the selected project.
By presenting the total count of StormAI runs, this panel aids project managers, developers, or stakeholders in assessing the frequency and scale of automated processes carried out by the StormAI. This insight is particularly valuable for monitoring project automation efficiency, identifying patterns in task execution, and ensuring that StormAI is actively contributing to the intended workflows within the project. The data presented in this panel allows for informed decision-making regarding the utilization and optimization of StormAI’s capabilities in alignment with project goals.
Repository Configurations and Details
The Repositories Panel provides a detailed compilation of all added repositories, presenting essential information such as the Owner, Name, URL, and Version Control System associated with each repository. This comprehensive list serves as a convenient and centralized resource for managing and tracking repositories within the system.
By offering a structured overview of repository details, the panel facilitates efficient repository administration. Project managers, developers, and stakeholders can easily navigate and assess the vital information pertaining to each repository, streamlining tasks related to version control, collaboration, and project organization. This centralized repository management ensures that relevant details are readily available, contributing to enhanced visibility, coordination, and effective decision-making in the context of repository-related activities within the project.
Understand Billings and Reportings
General Billing information
Please take a moment to review our general billing information. This includes a breakdown of yearly and monthly invoicing, as well as an explanation of how tokens are billed.
If you are a paying customer account on Standard or Enterprise, you will get a general idea of prorated costs are calculated. Additionally, you can find detailed information on how the number of seats impacts your pricing.
- The price of your subscription is directly tied to the size of your team, specifically the number of seats or licenses in your plan. Whenever you increase or decrease the number of seats, the subscription price is automatically recalculated.
- If you add extra seats beyond the allocated ones in your plan, you will incur an additional prorated charge for those seats.
- If you notice unexpected charges, please check if you accidentally added extra seats to your plan.
- When you reduce the size of your team by removing seats, any unused time for those seats will be credited back to your next bill. To learn more about removing users and licenses, please refer to the relevant documentation. Your credit card will be charged automatically at the end of each subscription period, whether it’s monthly or yearly, unless you decide to cancel your subscription.
- In case there is an issue with your card payment, we will make additional attempts after 7 and 14 days. If we are unable to process the charge by day 14, your subscription will expire. This means your plan will be switched to view-only mode until you choose to extend your subscription or select a new plan. Feel free to explore our plan pricing options
- For more information about billing documentation, you can refer to our invoices and receipts documentation.
Monthly Billing
If you are on a monthly subscription plan, you will be billed on a monthly basis for your chosen plan. Additionally, any additional seats (licenses) that you have added will also be included in your monthly bill.
The specific billing date will correspond to the day of the month when you initially subscribed to FormOptix. For example, if you subscribed on January 5th, 2023, your payment date will always be the 5th of each subsequent month.
Please keep this billing cycle in mind when managing your subscription and payment schedule.
When you add new members (seats) to your team above the allocated size of your plan, your next monthly invoice will include two components:
- The renewal payment for your current plan, which covers the existing seats in your subscription.
- The prorated amount for the additional seats that you have added.
Here’s an example to illustrate the calculation:
Let’s say you purchased a Standard plan with a monthly subscription on April 1st, and your next renewal date is May 1st. On April 15, you invited a new teammate to join your subscription. The price for an extra seat on your plan is $10.
To determine the prorated amount for the new seat, we calculate it based on the remaining days in the billing cycle:
$10 per seat / 30 days x 16 remaining days = $5.33
Therefore, on May 1, your invoice will reflect the $5.33 prorated charge for the additional seat, in addition to the renewal payment for your existing plan. Please note that this is a hypothetical example, and the actual amounts may vary based on your specific subscription details.
When you remove a member (seat) from your subscription, you will only be charged for the duration during which you used the additional seat.
Here’s an example to illustrate the calculation:
Let’s consider that the renewal date of your monthly subscription is May 1st. On April 15th, you added a seat to your plan. However, on April 20th, you removed a teammate along with the associated seat. The price for an extra seat on your plan is $10.
To determine the prorated charge for the extra seat, we calculate it based on the number of days the seat was utilized:
$10 per seat / 30 days x 5 days = $1.67
Therefore, when your May 1st invoice is generated, you will see a prorated charge of $1.67 for the additional seat, considering that it was used for only 5 days.
Please note that this is a fictional example, and the actual amounts may differ based on your specific subscription details.
Annual Billing
If you are subscribed to a yearly plan, your billing operates on an annual basis. Any prorated charges for additional seats you add will be reflected in the next month’s billing cycle.
To provide an example, let’s say you purchased a yearly Starter plan on April 17th, 2023. On May 2nd, you invited an additional person to join your team. The price for an extra seat on your yearly plan is $96. On April 17th, you will be charged a prorated amount for the additional member for the remaining duration of the billing period, which runs from May 2, 2022 to April 17, 2023.
The calculation for the prorated charge for the extra seat is as follows:
$96 per seat / 365 days x 349 days = $91.79
Please note that this amount reflects the portion of the year that remains from May 2nd, 2022 to April 17th, 2023.
Adding or removing extra seats does not change your subscription renewal date. If you remove the additional seat before the charge date, you will only be charged for the days during which the extra seat was utilized. In the event of canceling your subscription, the prorated amount for the additional seats will be charged at the time of cancellation.
Kindly note that this is an illustrative example, and the actual amounts may vary based on your specific subscription details.
Payment Options
Monthly or Annual
We offer two payment options for your convenience: monthly payments or annual payments. You can choose between automated credit card payments or self-serve invoicing, depending on your preference.
Automated Credit Card Payments:
With automated credit card payments, your subscription fee will be automatically charged to your credit card on a monthly or annual basis, depending on your chosen billing cycle. This option ensures a seamless and hassle-free payment experience, as the charges will be processed automatically without requiring manual intervention.
Self-Serve Invoicing:
If you prefer an annual payment and would like to receive an invoice for each billing cycle, you can opt for self-serve invoicing. With this option, you will receive an invoice at the beginning of each billing period, and you can make the payment manually through the provided payment methods.
Difference between Automated Payments and Self-Serve Invoicing:
The main distinction between automated payments and self-serve invoicing lies in the payment process. Automated payments involve the automatic charging of your credit card without the need for manual payments or invoicing. On the other hand, self-serve invoicing requires you to initiate the payment manually by reviewing the invoice and submitting the payment using the provided payment methods.
Please select the payment option that best suits your needs and preferences.
Automated Payments | Self Service Invoice | |
---|---|---|
Plans | Standard, Enterprise | Standard Enterprise |
Payment Method | Credit Card | Credit Card |
Payment Type | Automated | Self Service |
Payment Frequency | Monthly | Annually |
User Licenses | Minimum Requirement: 5 | Minimum Requirement: 5 |
Monthly Billing
Modifications to Billing When Switching to Self-Serve Invoicing
When you transition from automated payments to self-serve invoicing while on an annual subscription, certain changes apply to your billing. However, if you switch from automated payments to self-serve invoicing on a monthly subscription, additional adjustments will be made. Let’s examine these scenarios:
Switching from Automated Payments to Self-Serve Invoicing on an Annual Subscription:
- Billing Period and Renewal Date: Your billing period and renewal date remain unchanged.
- Team Size Increase: If you expand your team size while switching to self-serve invoicing, a true-up invoice for the additional seats (licenses) will be issued at the end of the billing quarter.
Switching from Automated Payments to Self-Serve Invoicing on a Monthly Subscription:
- Renewal Date: Your renewal date will be modified, and you will receive an invoice for the additional time on the new annual subscription.
- Proration for Additional Seats: If you increase your team size when switching to self-serve invoicing, the prorated amount for the extra seats will be included in the invoice.
- Outstanding Payments: Any pending payments, such as upcoming invoices for newly added seats, will be collected from your current payment method (credit card) before the invoice is generated. If the charge is unsuccessful, the outstanding payments will be incorporated into the new invoice.
Upgrading from Starter to Business Plan:
- Billing Period and Renewal Date: Upgrading to a Business plan results in a change to your billing period and renewal date.
- Prorated Credit: The prorated amount for the unused time on the Starter plan will be credited to your new invoice.
Unpaid Invoice for Extra Added Seats:
- During the upgrade process, we will attempt to charge your card for any outstanding invoices related to extra added seats (licenses). If the charge is unsuccessful, the prorated amount will be included in your new self-serve invoice.
Please note that these adjustments are provided as general information and may vary based on your specific subscription details.
What are tokens
In natural language processing (NLP), tokens are the basic units into which text is divided. In the context of FormOptix, tokens are chunks of text that the model reads and processes. Each token can be as short as a single character or as long as a word, depending on the language and the specific implementation.
Tokens are important because they determine the granularity at which the model understands and generates text.
For example, the sentence “FormOptix is great!” can be divided into five tokens: [“Form”, “Opt”, “ix”, ” is”, ” great!”]. In this case, the word “FormOptix” has been split into three tokens: “Form”, “Opt”, and “ix”.
It’s important to note that tokens are not the same as words. In some cases, a token may correspond to a single character or a subword unit created during tokenization, such as splitting a word into smaller units based on a language-specific rule or using a technique like Byte-Pair Encoding (BPE).
The number of tokens in a text is relevant because it affects the computational resources required to process it. FormOptix and many other language models, has a maximum token limit for each input, which is typically around 4096 tokens. If the text exceeds this limit, it needs to be truncated or processed in smaller parts to fit within the model’s constraints.
FormOptix Tokens Costs
FormOptix is free to use with some free tokens for smaller teams.
Free includes StormPM, StormAI, StormDoc and Insights on FormOptix Standard GPT
- Less than 5 users
- 25,000 free tokens
- .10 per 1k additional tokens
Standard Includes StormPM, StormAI, StormDoc and Insights on FormOptix Standard GPT
- 6 users +
- 250,000 free tokens
- .10 per 1k additional tokens
Enterprise includes StormPM, StormAI, StormDoc and Insights on FormOptix Enhanced GPT
- 6 users +
- 500,000 free tokens
- .05 per 1k additional tokens
Please go to our products page for more details and benefits of each plan.
View and understand the Billings settings
Login to your portal by going to https://app.formoptix.com and click on your profile icon on the top right corner > Accounts > Billing
- Plan: The plan you selected during the signup phase.
- Billing Cycle: The monthly billing cycle
- Token Usage: In this section, you have the ability to define your monthly budget and track your monthly usage.