Launch Pricing
Pay for what you use. Nothing else.
$12 per active developer per month, plus pay-as-you-go AI tokens at provider rates with a small platform fee. See per-model & voice rates → No minimum, no annual commitment. If your team didn't ship code that month, you don't pay for SAST that month.
Launch Pricing
SAST
$12
/active dev/mo
No minimum. Pay only for developers who actually used SAST that month, plus metered AI tokens for the PR reviews you run.
AI-powered SAST + PR Review. CWE-mapped remediation. Built for teams that want code security without a procurement cycle.
Get Started- AI-powered SAST analysis on every PR
- Inline PR comments with CWE-mapped fixes
- Bring your own GitHub / Bitbucket / Azure DevOps
- Usage-based AI tokens (provider rates + a small platform fee)
- No minimum monthly charge
- No commitment — pay what you use
- Upgrade to SDLC / Governance / Sec-Ops anytime
Custom
Let's talk
Volume pricing for SDLC suite, Governance / GRC, Sec-Ops, TPRM, IAM, dedicated support.
Only SAST is self-serve today. The other bundles below are sold direct — talk to us and we'll set you up.
- SDLC Suite — full ODE: SAST + PULSE + Coaching + Threat Modeling + Code Context
- Governance — GRC orchestration, gap analysis, policies, risk, frameworks
- Sec-Ops — SIEM + Vuln + IR + Endpoint + AWS scanning + War Room
- TPRM, IAM — standalone modules
- Dedicated CSM + custom integrations + framework consulting
- MSA / SLA / FedRAMP-ready posture (when applicable)
Estimate your monthly cost
Active developers per month
10
02550100+
$120/mo · billed at $12/active-dev only for developers who triggered ≥1 PR Review that month
Scan depth
$0.05–$0.20 per review · single fast pass — the default. What each depth does is in the FAQ below.
PR reviews per month
50
0100250500+
$2.50–$10/mo · AI usage for 50 light reviews, metered at provider rates with a small platform fee. Actual cost depends on PR size.
Estimated monthly
$123 – $130/mo
$120 seats + $2.50–$10 AI (light scans)
All charges are metered monthly arrears — a zero-use month is a $0 invoice. No commitment.
Sales tax / VAT calculated at checkout based on your location.
Frequently asked
How does the $12/active-dev meter actually work?
Every month we count how many distinct developers triggered at least one PR Review across your repos. That number × $12 is the SAST line on your invoice. A developer who didn't push that month doesn't count. A month with zero pushes = $0 SAST charge.
What about the AI tokens?
AI tokens are metered separately at provider rates with a small platform fee, billed in monthly arrears. Your total depends on which models you run and how much you use. See per-model & voice rates →
What are the scan depths (Light, Normal, Heavy)?
You choose how deep each PR review goes:
Light — a single fast AI pass over your changes for the most common vulnerability classes. Lowest cost; the default, and a good fit for high-cadence teams that want quick feedback on every PR.
Normal — a deeper review with additional analysis and a verification step to cut false positives. A balanced choice when you want more thoroughness than Light.
Heavy — the most rigorous review, with stricter verification for high-stakes code. Highest cost; reserve it for your critical paths. You can set the depth per repo.
Light — a single fast AI pass over your changes for the most common vulnerability classes. Lowest cost; the default, and a good fit for high-cadence teams that want quick feedback on every PR.
Normal — a deeper review with additional analysis and a verification step to cut false positives. A balanced choice when you want more thoroughness than Light.
Heavy — the most rigorous review, with stricter verification for high-stakes code. Highest cost; reserve it for your critical paths. You can set the depth per repo.
Is there really no commitment?
Correct. Sign up, connect your repo, hit cancel any time. There's no minimum, no annual contract on SAST, no per-seat license you have to true-up at quarter-end. We invoice monthly arrears for what you actually used.
When do I get SDLC / Governance / Sec-Ops?
Those modules ship to customers on Custom plans today and are coming to self-serve as they cross the polish bar. Hit "Talk to us" on the Custom card if you want them now — we'll set you up.
What payment methods do you accept?
All major credit cards and US ACH via Stripe Checkout. Invoicing (NET-30/60) and procurement-friendly billing are available on Custom plans — talk to sales.
Where does my data live?
AWS us-east-1 by default. Custom regions, single-tenant, or FedRAMP-aligned posture available on Custom plans. See our subprocessor list for the full picture.
Create your account
Start SAST self-serve — enter your details and you'll set a password by email after checkout.
Already have an account? Log in