SiteShadow

Get started

Three on-ramps. Same scanner.

Individual developers can self-serve the free tier in about two minutes. Teams that need full taint, heuristic flow, AI context, and cross-file analysis go through Pro. Organizations with SSO, custom rules, and audit controls go through Enterprise.

Individual

Free tier, self-serve

$0 · sign in with work SSO

23 OWASP Top 10 pattern checks for single-file scanning, plus the CRED-URL heuristic. Inline diagnostics, per-line ignores, and fix guidance. No data-flow analysis at this tier.

  1. Sign in with Okta, Microsoft Entra ID, or Google Workspace.
  2. Free license key auto-issues on first login.
  3. Copy the key from Settings → Subscription, install the VS Code / Cursor extension.
Start free

Team, most teams start here

Pro, per-seat

Contact for per-seat pricing

Two-pass interprocedural taint, 31 heuristic flow checks, AI-context scanning, cross-file detection, the full 1,998-rule library, GitHub Action with SARIF, policy evaluation with CI exit codes, team dashboard and analytics.

  1. Tell us your stack, team size, and CI environment.
  2. We provision per-seat Pro keys and walk through extension + GitHub Action setup.
  3. First Pro scan inside the same day.
Talk to us about Pro

Enterprise

Enterprise, annual

Annual contract

Everything in Pro plus SSO administration (Okta, Microsoft Entra ID, Google Workspace), custom pattern rules with per-org overrides, audit logging, dedicated support, and SLAs. Standards mapping to SOC 2 (CC7.1, CC8.1) and ISO 27001 (A.8.28, A.8.29) is published.

  1. Share your IdP (SAML/OIDC), compliance scope, and any custom-rule requirements.
  2. Procurement, security review, and contract.
  3. Onboarding with audit-log delivery and standards-mapping artifacts.
Contact sales

Not sure which tier? Walk the scanner first to see what each engine does, then come back here.