Get started
Three on-ramps. Same scanner.
Individual developers can self-serve the free tier in about two minutes. Teams that need full taint, heuristic flow, AI context, and cross-file analysis go through Pro. Organizations with SSO, custom rules, and audit controls go through Enterprise.
Individual
Free tier, self-serve
$0 · sign in with work SSO
23 OWASP Top 10 pattern checks for single-file scanning, plus the CRED-URL heuristic. Inline diagnostics, per-line ignores, and fix guidance. No data-flow analysis at this tier.
- Sign in with Okta, Microsoft Entra ID, or Google Workspace.
- Free license key auto-issues on first login.
- Copy the key from Settings → Subscription, install the VS Code / Cursor extension.
Team, most teams start here
Pro, per-seat
Contact for per-seat pricing
Two-pass interprocedural taint, 31 heuristic flow checks, AI-context scanning, cross-file detection, the full 1,998-rule library, GitHub Action with SARIF, policy evaluation with CI exit codes, team dashboard and analytics.
- Tell us your stack, team size, and CI environment.
- We provision per-seat Pro keys and walk through extension + GitHub Action setup.
- First Pro scan inside the same day.
Enterprise
Enterprise, annual
Annual contract
Everything in Pro plus SSO administration (Okta, Microsoft Entra ID, Google Workspace), custom pattern rules with per-org overrides, audit logging, dedicated support, and SLAs. Standards mapping to SOC 2 (CC7.1, CC8.1) and ISO 27001 (A.8.28, A.8.29) is published.
- Share your IdP (SAML/OIDC), compliance scope, and any custom-rule requirements.
- Procurement, security review, and contract.
- Onboarding with audit-log delivery and standards-mapping artifacts.
Not sure which tier? Walk the scanner first to see what each engine does, then come back here.