PRICING  ·  two products · public prices · no contract

Two products. Public prices. No sales calls.

Start with a single vendor assessment when you need one. Move up to the full vendor management system when your portfolio (or your auditor) demands it.

01 Vendor Assessments — from $0 02 Vendor Management System — from $199/mo

01 / VENDOR ASSESSMENTS

"Should we sign with this vendor?"

AI-generated 11-section security assessment per vendor. From URL to finished report in under 30 minutes. Buy one when you need one, or subscribe for monthly volume.

Plan Price Scope Includes

Free

$0

forever

1 seat

Solo analyst or IT admin
  • 1 review / month
  • Standard report template
  • Vendor index access
  • Company profile
  • PDF export
  • Markdown export
  • 30-day review history
  • Customizable template
  • Policy change monitoring
  • CVE / breach alerts
Get started →

Pro

MOST POPULAR

$49.99

per month

Up to 5 seats

Small IT teams
  • 5 reviews / month
  • Standard report template
  • Vendor index access
  • Customizable template
  • Company profile
  • PDF export
  • Markdown export
  • Confluence & Notion export
  • 1-year review history
  • Policy change monitoring
  • CVE & breach alerts
  • AI sub-processor flagging
  • Slack notifications
Start free trial →

Team

$99.99

per month

6-25 seats

Security teams
  • 11 reviews / month
  • Standard report template
  • Vendor index access
  • Customizable template
  • Company profile
  • PDF export
  • Markdown export
  • Confluence / Notion export
  • Unlimited review history
  • Policy change monitoring
  • CVE / breach alerts
  • AI sub-processor flagging
  • Shared vendor library
  • Analyst review gate
  • Risk register dashboard
  • Slack, Jira & Teams
  • SIG Lite / CAIQ export
  • Branded PDF reports
Start free trial →

Enterprise

$499.99

per month

25+ seats

MSPs & vCISOs
  • 75 reviews / month
  • Standard report template
  • Vendor index access
  • Customizable template
  • Company profile
  • PDF export
  • Markdown export
  • Confluence / Notion export
  • Unlimited
  • Policy change monitoring
  • CVE / breach alerts
  • AI sub-processor flagging
  • Shared vendor library
  • Analyst review gate
  • Risk register dashboard
  • Slack / Jira / Teams
  • SIG Lite / CAIQ export
  • Branded PDF reports
  • White-label reports
  • Full REST API
  • SSO / SCIM
  • Dedicated CSM
Start free trial →

Pay-as-you-go

NO SUBSCRIPTION

$12.99

/ assessment

1 assessment credit

Packs from $24.99 (2) → $99.99 (12)

 Run the engine on a single vendor. No subscription. Credits never expire. Buy 1 assessment →

All Assessments plans: 11 sections · contextualized to your IdP, MDM, compliance · PDF/Markdown export · monthly billing only

02 / VMS — VENDOR MANAGEMENT SYSTEM

"We have an auditor in 6 months."

The whole portfolio: vendors, lifecycle, sub-processor concentration, HIPAA BAA tracking, PCI AoC expiry, evidence packs, board reports. Assessments included. Mapped to HIPAA · PCI DSS 4.0 · SOC 2 · ISO 27001 · NIS2 · DORA.

BILLING:

Starter

SMB · single regime

$199

/ month

25 vendors

20 assessments / mo

5 seats

  • Everything in Assessments · all 11 sections, all exports
  • Portfolio with tier auto-scoring + lifecycle
  • HIPAA BAA tracker · PCI AoC expiry · SOC 2 mapping
  • Sub-processor extraction + concentration view
  • Continuous monitoring (CVE · breach · policy diff)
  • 12-section audit evidence pack · SHA-256 sealed
  • NIS2 24h/72h/30d incident tracker + 27-state CSIRT directory
  • Quarterly board / management report
Start 14-day trial →
Most popular

Growth

Growing · multi-regime

$499

/ month

100 vendors

50 assessments / mo

unlimited seats

  • Everything in Starter
  • Unlimited seats · role-based access · audit log
  • Custom reassessment cadence per tier
  • Vendor-facing questionnaire portal (magic-link, no account required)
  • AI questionnaire prefill from latest assessment
  • Confluence · Notion · Jira export
  • Branded PDF reports
Start 14-day trial →

Scale

Regulated · 100+ vendors

$1,499

/ month

unlimited vendors

200 assessments / mo

unlimited seats

  • Everything in Growth
  • SSO / SAML · SCIM provisioning
  • Audit-log API (push to your SIEM)
  • Custom CSIRT routing rules
  • REST API for vendor + risk data
  • Multiple frameworks active simultaneously (HIPAA + PCI + SOC 2 + NIS2 + ISO 27001)
Start 14-day trial →

Enterprise

Procurement-driven

Custom

annual contract

negotiated

all caps removed

PO / wire payment

  • Everything in Scale
  • DPA negotiation · SLA · dedicated CSM
  • Custom framework mapping (CMMC · HITRUST · FedRAMP · NIST 800-53)
  • On-prem deployment option
  • Payment via PO / wire
Talk to sales →

14-DAY TRIAL

Full Starter / Growth access. No credit card. Auto-converts to paid at day 14 unless you cancel.

VENDOR OVERAGE

Over plan cap: $5/vendor/mo. Removed vendors stop billing immediately.

ASSESSMENT OVERAGE

Over plan allowance: $8/assessment (vs $12.99 PAYG).

03 / WHICH ONE?

Which product do I need?

If you… Assessments VMS
Evaluate 1–4 vendors per month before signing contracts
Need a defensible written security assessment you can attach to a contract
Track all your vendors in one portfolio with tier + lifecycle
Have HIPAA, PCI DSS, SOC 2, or NIS2 obligations
Need a quarterly board report on vendor risk
Need a hash-sealed audit evidence pack for the auditor
Need to file NIS2 24h/72h/30d incident reports
Track HIPAA BAAs and PCI AoCs by expiry date
Send vendor-facing questionnaires (CSA CAIQ v4.1 · NIS2)
Multiple security/compliance team members need access limited
Have OneTrust or Vanta quoted to you

04 / Frequently asked

Do I have to start with Assessments and upgrade to VMS?

No. If you already know you need vendor management — portfolio, evidence pack, board reports — start the 14-day VMS trial directly. Assessments is for people who only need to evaluate one-off vendors.

Does VMS include the AI assessment feature?

Yes — every VMS plan includes Assessments with a generous monthly allowance (20 / 50 / 200). You only pay for Assessments as a separate product if you do not need the portfolio side.

What happens at the end of the 14-day VMS trial?

The trial converts to the paid Starter plan automatically unless you cancel. We email you on day 10 with a reminder. If you cancel, you lose VMS features but keep any vendor assessments you generated.

What counts as a "vendor" in my VMS plan cap?

Any Vendor record in your portfolio with lifecycle status other than "offboarded". Removing a vendor (or marking it offboarded) stops it counting toward your cap immediately.

Can I cancel at any time?

Monthly Assessments plans cancel at any time, no fee. VMS annual contracts can be cancelled mid-term with a 30-day notice; you keep service through the end of the prepaid period and we refund any unused full months on Growth+.

Is the assessment output ever wrong?

AI-generated assessments can miss information or misinterpret sources. We recommend treating CRITICAL findings as requiring human verification. Each finding is tagged with confidence (verified · inferred · unconfirmed) and links to the underlying source.

Do you have a HIPAA BAA?

Yes — included on every VMS plan and on the Assessments Team plan. Available on request at lower Assessments tiers if your use case warrants it.

Do you support multiple organizations under one account?

Yes — Growth+ VMS plans and the Assessments Team plan both support multi-org. Each organization has isolated data, vendor portfolio, and assessment history.

Start free. Pay when you need more.

Assessments: free 1/mo · VMS: 14-day trial · no credit card on either

Start free → Open the demo