// PRICING

Pay for scans, not seats you don't need.

Every plan includes unlimited seats and unlimited private repos. You pay for the scans you actually run — not the size of your team, not the length of your security reviewer list.

// SOLO & OPEN SOURCE

Starter

No card required

INCLUDED USAGE

500 scans / mo

No overage · hard cap

For indie developers, students, and maintainers of public .NET repos. Free, forever. No card.

Start free

// INCLUDED

✓Unlimited seats
✓Public repos only
✓500 scans / month (hard cap)
✓Vulnerability + license scanning
✓SBOM export (CycloneDX, SPDX)
✓Embeddable README badges
✓Community support

POPULAR

// GROWING .NET TEAMS

Team

$79/ month

Billed annually · $948/yr

INCLUDED USAGE

10,000 scans / mo

$0.012 per additional scan

Private repos, the full scanner, policy controls, CI integration. Priced on scans — seats are always free.

Start 14-day trial

// INCLUDED

✓Unlimited seats · unlimited private repos
✓10,000 scans / month included
✓Overage at $0.012 per scan (or set a cap)
✓Typosquat + dependency-confusion detection
✓License policy enforcement
✓GitHub Action + CLI + webhooks
✓Dependency graph with vuln-path tracing
✓Rorix Registry — hardened packages, 7-day CVE patch SLA
✓Email support (24h SLA)

// SECURITY-DRIVEN ORGS

Scale

$199/ month

Billed annually · $2,388/yr

INCLUDED USAGE

50,000 scans / mo

$0.008 per additional scan

When Team's 10k scans isn't enough. Bigger volume, SSO, and the compliance evidence your security team will ask for. Pentesting and Registry stay separate products.

Start 14-day trial

// INCLUDED

✓Everything in Team
✓50,000 scans / month included
✓Overage at $0.008 per scan
✓Rorix Registry — 72-hour CVE patch SLA
✓SSO (SAML / OIDC)
✓Advanced policy: allowlists, blocklists, overrides
✓Executive reports (SOC 2, ISO 27001, PCI DSS, FedRAMP)
✓Audit trail + SIEM webhook delivery
✓Priority support (4h SLA)

// 500+ ENGINEERS · REGULATED INDUSTRIES

Enterprise

Custom

Annual commit · quoted per scope

INCLUDED USAGE

Committed annual volume

Volume discounts on commit

Self-hosted or private tenant. Committed annual scan volume with volume discounts, plus custom SLAs, MSA, and named CSM.

Talk to sales

// INCLUDED

✓Everything in Scale
✓Committed annual scan volume + overage caps
✓Self-hosted or single-tenant cloud
✓Custom data residency (EU / US / APAC)
✓Rorix Registry — 24-hour CVE SLA + private rebuilds
✓Dedicated customer success manager
✓99.95% SLA with credits
✓Custom MSA + DPA
✓On-prem air-gapped advisory sync
✓Named security engineer on-call

◎

Unlimited seats on every plan. Invite every engineer, security reviewer, auditor, and exec — read-only viewers, commenters, and dashboard users never cost anything. You only pay when a project is resolved.

// COMPARE

Feature-by-feature comparison

FeatureStarterTeamScaleEnterprise

// Pricing model

SeatsUnlimitedUnlimitedUnlimitedUnlimited

Scans / month included50010,00050,000Committed

Overage rate—$0.012 / scan$0.008 / scanVolume pricing

Monthly scan cap (optional)●●●●

// Scanning

Public repos●●●●

Private repos—●●●

.NET formats (.csproj, .sln, …)●●●●

Direct + transitive coverage●●●●

EPSS exploitability scores—●●●

// Supply chain

Typosquat detection—●●●

Dependency confusion signals—●●●

License policy enforcement—●●●

Provenance + Sigstore checks——●●

// Workflows

GitHub Action + CLI●●●●

PR annotations (inline)—●●●

Webhooks + SIEM delivery——●●

// Rorix Registry (rebuilt-from-source NuGet)

Pull from public catalog—●●●

Request new packages on demand—●●●

CVE patch SLA—7 business days72 hours24 hours / custom

Sigstore signature + SLSA attestation—●●●

Private (internal) rebuilds———●

// Reports & compliance

SBOM export (CycloneDX, SPDX)●●●●

Embeddable README badges●●●●

Executive templates (SOC 2, ISO)——●●

Audit trail retention30 days90 days1 yearCustom

// Security & scale

SSO (SAML / OIDC)——●●

Data residencyEUEUEU + USCustom

Self-hosted option———●

Uptime SLA—99.9%99.9%99.95%

// Support

Community●●●●

Email (24h)—●●●

Priority (4h)——●●

Named CSM + on-call engineer———●

// QUESTIONS

Answers before you ask accounting.

Still have questions about scan metering, overage, procurement, or data residency? Sales replies within 4 business hours.

Talk to sales →

Seat pricing punishes you for growing the team or inviting security reviewers, auditors, and execs to look at results. Scan pricing scales with the work actually done. Add as many engineers as you want — they never cost anything.