How Can We Help?

When you first sign up at imaraforge.com/register, you create both your personal admin account and your organization. Here's how:

1. Enter your name, work email, and a strong password (min 12 characters).
2. Choose your organization name — this is what your team sees when they log in.
3. Select your subscription tier (Starter, Growth, or Enterprise). You can upgrade anytime.
4. Verify your email address via the confirmation link.
5. You'll land on your Security Dashboard, ready to deploy your first agent.

Your account is protected with bcrypt-hashed passwords and JWT-authenticated sessions.

The ImaraForge agent runs on your endpoints to collect security telemetry and apply patches. Visit the Downloads page for installers.

1. Generate an enrollment key from Devices → Enrollment Keys in your dashboard.
2. Download the agent for your OS (Windows .msi, macOS .pkg, or mobile apps).
3. Run the installer — on Windows: msiexec /i ImaraForge-Agent.msi ENROLLMENT_KEY=your-key
4. The agent registers automatically and appears in your Devices panel within 60 seconds.

System requirements: Windows 10+, macOS 12+, 512 MB RAM, 100 MB disk, outbound HTTPS (port 443).

Once an agent is installed and enrolled, your first scan starts automatically. You can also trigger a manual scan:

1. Go to Devices in the sidebar and select a device.
2. Click "Run Scan" in the device detail panel.
3. The agent performs a full system audit: OS patches, installed software, open ports, configuration weaknesses.
4. Results appear in the Vulnerabilities tab within 2–5 minutes depending on device complexity.

Scans run on a configurable schedule (default: daily at 2 AM local time). You can adjust this from Settings → Scan Schedule.

Add colleagues to your ImaraForge organization so they can view alerts, manage devices, and respond to incidents.

1. Navigate to Settings → Team Members.
2. Click "Invite Member" and enter their email address.
3. Assign a role: Admin (full access), Analyst (view + respond), or Viewer (read-only).
4. They'll receive an invitation email with a secure sign-up link.

Team members are covered by your organization's subscription. The Starter plan includes up to 5 users; Growth and Enterprise plans have higher or unlimited limits.

ImaraForge uses Stripe for secure payment processing. Your card details are never stored on our servers.

1. Go to Settings → Billing (or navigate to the Billing page).
2. Click "Update Payment Method" to open the secure Stripe checkout.
3. Enter your new card details and confirm.
4. Your next invoice will be charged to the updated card.

You can also download past invoices from the billing page. Enterprise customers may pay by invoice — contact sales to arrange.

You can upgrade or downgrade at any time from your billing settings.

1. Visit Settings → Billing → Change Plan.
2. Select your new tier (Starter $15/user/mo, Growth $25/user/mo, Enterprise $35/user/mo).
3. Upgrades take effect immediately — you'll be charged the prorated difference.
4. Downgrades take effect at the end of your current billing cycle.

When downgrading, features exclusive to higher tiers become read-only. Your data is preserved for 90 days in case you upgrade again.

ImaraForge uses role-based access control (RBAC) to manage permissions across your team.

• Owner: Full access including billing, team management, and data deletion.
• Admin: Can manage devices, policies, and team members (but not billing).
• Analyst: Can view alerts, run scans, and investigate incidents.
• Viewer: Read-only access to dashboards and reports.

To change a user's role: Settings → Team Members → Edit. Changes take effect on their next login.

If you've forgotten your password or need to change it:

1. From the login page: Click "Forgot Password?" and enter your email. You'll receive a secure reset link valid for 15 minutes.
2. From the dashboard: Go to Settings → Security → Change Password. You'll need to enter your current password first.

Passwords must be at least 12 characters and include uppercase, lowercase, and numbers. We use bcrypt hashing — your password is never stored in plaintext.

ImaraForge automates the vulnerability lifecycle from discovery to remediation:

1. Discover: Agents scan endpoints for missing patches, misconfigurations, and known CVEs.
2. Prioritize: Vulnerabilities are scored by CVSS severity, asset criticality, and exploit availability.
3. Remediate: Apply patches directly from the platform, or create tickets for your team.
4. Verify: Post-remediation scans confirm the vulnerability is resolved.

The Vulnerabilities dashboard shows your open findings with filtering by severity (Critical, High, Medium, Low), age, and affected device group.

ImaraForge supports automated and manual patching for Windows and macOS endpoints.

1. Navigate to a vulnerability and click "Deploy Patch".
2. Select target devices (individual, group, or all affected).
3. Choose deployment timing: Immediate, Maintenance Window, or Scheduled.
4. The agent downloads and installs the patch, then reports success or failure.

Configure default maintenance windows at Settings → Patch Management. Critical patches can bypass maintenance windows with admin approval.

ImaraForge maps your security posture against common compliance frameworks:

• CIS Benchmarks — Center for Internet Security configuration standards.
• NIST CSF — National Institute of Standards and Technology Cybersecurity Framework.
• SOC 2 — Service Organization Control requirements.
• HIPAA — Healthcare data protection standards (Enterprise tier).

Generate PDF compliance reports from Compliance → Export Report. Reports include evidence of controls, gaps, and recommended remediation steps — ideal for auditor review.

The Devices panel gives you visibility into every enrolled endpoint.

• Groups: Organize devices by department, location, or function (e.g., "Engineering Laptops", "Sales Workstations").
• Health Status: Each device shows online/offline, last scan time, and security score.
• Policies: Assign scan schedules, patch windows, and compliance frameworks per group.
• Bulk Actions: Run scans, deploy patches, or remove agents across multiple devices at once.

Devices that haven't checked in for 30+ days are automatically flagged for review.

If an agent appears offline in your dashboard, try these steps:

1. Check network: Ensure the device can reach api.imaraforge.com on port 443 (HTTPS).
2. Restart the agent service: Windows: net stop ImaraForgeAgent && net start ImaraForgeAgent. macOS: sudo launchctl kickstart -k system/com.imaraforge.agent
3. Check the enrollment key: An expired or revoked key prevents re-registration. Generate a new one from Devices → Enrollment Keys.
4. Verify firewall rules: Whitelist *.imaraforge.com and *.blob.core.windows.net if proxy/firewall filtering is active.

If the issue persists, check the agent log at C:\\ProgramData\\ImaraForge\\logs\\agent.log (Windows) or /var/log/imaraforge/agent.log (macOS).

Scans can fail for several reasons:

• Timeout (>10 min): Large number of installed applications. Try setting scan.timeout=900 in agent config.
• Permission denied: The agent service needs local admin or root privileges to inspect system-level configurations.
• Disk full: Scans need ~50 MB temporary space. Free up disk if below threshold.
• Antivirus interference: Some AV products flag the scanner binary. Add ImaraForgeAgent.exe to your AV exclusion list.

After resolving the issue, trigger a manual re-scan from the device detail page.

Common login issues and how to resolve them:

• "Invalid credentials": Double-check your email and password. Passwords are case-sensitive.
• "Account locked": After 5 failed attempts, your account is locked for 15 minutes. Wait and retry, or use Forgot Password.
• "Session expired": For security, sessions expire after 24 hours of inactivity. Log in again.
• "Organization suspended": This occurs when payment has failed. Update your billing information to restore access.

If you're locked out and can't reset your password, contact support with your registered email for manual verification.

Common API error codes and their meaning:

• 400 Bad Request — Missing or invalid parameters. Check the request body against the API docs.
• 401 Unauthorized — Invalid or expired API key. Regenerate from Settings → API Keys.
• 403 Forbidden — Your API key doesn't have permission for this endpoint. Check role and tier.
• 404 Not Found — The resource doesn't exist. Verify the device/vulnerability ID.
• 429 Too Many Requests — Rate limit exceeded. Default: 100 requests/minute. Back off and retry with exponential backoff.
• 500 Internal Server Error — Server-side issue. Retry after 30 seconds. If persistent, check System Status.

ImaraForge agents are available for:

• Windows: Windows 10 and later (x64). Server editions: 2016, 2019, 2022.
• macOS: macOS 12 Monterey and later (Intel and Apple Silicon).
• Android: Android 10+ via Google Play Store (MDM-lite agent).
• iOS: iOS 15+ via Apple App Store (security posture reporting).

Linux agent support is on our roadmap for Q3 2026. Visit the Downloads page for the latest installers.

Security is at the core of everything we build:

• Encryption in transit: All communications use TLS 1.3. No exceptions.
• Encryption at rest: Data stored in Azure SQL with AES-256 transparent data encryption.
• Tenant isolation: Each organization's data is logically isolated with row-level security.
• Secret management: All credentials stored in Azure Key Vault — never in code or config files.
• SOC 2 compliant: Our infrastructure and processes meet SOC 2 Type II requirements.

Read our full Privacy Policy and Security page for details.

ImaraForge offers three tiers:

• Starter ($15/user/mo): Up to 25 devices, vulnerability scanning, basic compliance, 5 team members, email support.
• Growth ($25/user/mo): Up to 100 devices, automated patching, advanced compliance (CIS, NIST), API access, 25 team members, priority support.
• Enterprise ($35/user/mo): Unlimited devices, HIPAA/SOC 2 compliance, SIEM integrations, SSO, dedicated CSM, SLA-backed support.

All plans include a 14-day free trial. See the full comparison on our Pricing page.

You can cancel at any time without penalty:

1. Go to Settings → Billing → Cancel Subscription.
2. Confirm the cancellation. Your access continues through the end of the current billing period.
3. After cancellation, your data is retained for 90 days. You can reactivate at any time during this period.
4. After 90 days, all organization data is permanently deleted per our data retention policy.

If you need an export of your data before cancellation, use Settings → Data Export to download a JSON archive.

All API requests require an API key passed in the Authorization header:

Authorization: Bearer your-api-key-here

1. Generate an API key from Settings → API Keys.
2. Keys are scoped to your organization and inherit the creator's role permissions.
3. Keys can be rotated or revoked at any time without affecting other keys.

API base URL: https://api.imaraforge.com/v1/. All requests must use HTTPS. See the full API Reference.

ImaraForge can send real-time webhook notifications to your endpoint. Configure webhooks at Settings → Integrations → Webhooks.

Available event types:

• scan.completed — Fired when a vulnerability scan finishes on a device.
• alert.created — A new critical or high-severity alert is generated.
• device.enrolled — A new agent registers with your organization.
• device.offline — A device hasn't checked in for the configured threshold.
• compliance.changed — Compliance score crosses a threshold.
• patch.deployed — A patch deployment completes (success or failure).

All webhook payloads include a X-ImaraForge-Signature header for HMAC verification. Always verify signatures before processing.

Official SDKs make it easy to integrate ImaraForge into your workflows:

• Python: pip install imaraforge — Supports Python 3.9+.
• Node.js: npm install @imaraforge/sdk — Supports Node.js 18+.

Quick example (Python):

from imaraforge import Client
client = Client(api_key="your-key")
devices = client.devices.list()
for d in devices:
  print(d.name, d.health_score)

SDKs handle authentication, retries, and pagination automatically. Full SDK docs are on our API Reference page.

API rate limits protect platform stability:

• Starter: 60 requests/minute, 1,000 requests/day.
• Growth: 300 requests/minute, 10,000 requests/day.
• Enterprise: 1,000 requests/minute, unlimited daily limits.

Rate limit headers are included in every response:

• X-RateLimit-Limit — Your tier's request limit.
• X-RateLimit-Remaining — Requests remaining in the current window.
• X-RateLimit-Reset — Unix timestamp when the window resets.

If you exceed the limit, you'll receive a 429 Too Many Requests response. Use exponential backoff to retry.