Plans for every security team
Exploitable vulnerability detection and exposure management for the modern web.
Free
Experience the accuracy of Nuclei with the power of cloud
$0
requires business email
- Free monthly discovery and vulnerability scans on sign-up email domain
- Monthly security report
- Invite up to 3 team members
Growth
Continuous external vulnerability scanning for smaller security teams
$3,500
per year
100
assets included
- Daily vulnerability scans
- Integrate cloud accounts (AWS, GCP, Azure)
- Advanced asset discovery
- Real time emerging threats autoscan
- Reporting (PDF, JSON, CSV)
- Invite up to 10 team members
Enterprise
Comprehensive vulnerability management at enterprise scale
Custom
- Retest and regression automations
- Custom scan limits and frequency controls
- Internal network agent
- 2-way ticketing
- Vulnerability regression
- PCI, SOC 2, ISO27001, HIPAA compliance
- SSO, Role-based access control, audit logs
What counts as an asset?
Assets are Fully Qualified Domain Names (FQDNs) or IP addresses without ports. For example, api.acme.com or 192.89.29.19 count as single assets, regardless of how many ports are open on them. We provide free asset discovery and cloud integrations to help you calculate your total assets before selecting a plan, with Growth tier supporting up to 100 assets and larger environments requiring Enterprise.
Trusted by 100k+ security professionals
- Stars on GitHub
- 100k+
- Nuclei contributors
- 900+
- Templates created
- 10k+
- New templates per month
- 250
FAQs
Everything you need to know about pricing. Can't find the answer you're looking for? Please contact support to get help.
How many assets can I monitor on the Growth plan?
What is a scan and what happens if I reach my limit?
How do I subscribe?
How do I manage my subscription?
How do I cancel my subscription? Can I get a refund?
What form of payment do you accept?
What counts as an asset?