Community
Weekly deep scans
€0/mo
3 assets included
- 3 assets monitored
- Weekly deep scans
- Docker, NPM, PyPI, live surface
- Slack and Discord
00 // PRICING
Five tiers. Predictable cost. Real free tier.
From solo founders to autonomous enterprise AI. Transparent pricing, predictable margins, zero hidden fees.
MonthlyAnnuallySave 20%
Pulse
Daily scans + CI/CD Pipeline Shield
€79/mo
25 assets included
- 25 assets monitored
- Daily scans
- CI/CD Shield
- GitHub native + PR comments
Most popular
Shield
Hourly scans + Zero False Positive guarantee
€199/mo
150 assets included
- 150 assets monitored
- Hourly scans
- AgentGuard and WSCS
- Zero FP guarantee
Fortress
Sub-hourly scans + SOC2/PCI compliance mapping
€639/mo
500 assets included
- 500 assets monitored
- SaintScan active validation
- SOC2 / PCI / DORA / NIS2 mapping
- Dedicated account manager
Sentinel
Talk to salesSentinel is an autonomous external surface agent operated as a managed engagement, not another self-serve seat. BleedWatch scopes the authorized surface with your team, tunes validation boundaries, reviews the operating plan, and runs the agent against your approved environments with incident-response expectations. It is designed for organizations that need continuous external reconnaissance, autonomous triage, and direct BleedWatch involvement when the signal crosses into material risk.
Unlimited base assets
Autonomous external surface agent
24x7 incident response
On-prem deployment by quote
Managed engagement
By engagement only.
Autonomous external surface agent. Available by engagement only — talk to sales for scoping.
Talk to sales — by engagement01 // MATRIX
Full feature comparison.
| Feature | Community | Pulse | Shield | Fortress | Sentinel |
|---|---|---|---|---|---|
| Core EASM | |||||
| Assets monitored | 3 | 25 | 150 | 500 | Unlimited base |
| Deep scan frequency | Weekly | Daily | Hourly | Sub-hourly (bridled) | Sub-hourly (autonomous) |
| Docker layer deep-scan | ✓ | ✓ | ✓ | ✓ | ✓ |
| NPM / PyPI dependency crawl | ✓ | ✓ | ✓ | ✓ | ✓ |
| GitHub / GitLab audit | — | ✓ | ✓ | ✓ | ✓ |
| Live external surface (DNS, services, certs) | yes basic | ✓ | ✓ | ✓ | ✓ |
| Dark-web credential matching | — | ✓ | ✓ | ✓ | ✓ |
| Asset Intelligence panel | ✓ | ✓ | ✓ | ✓ | ✓ |
| Attack graph | — | ✓ | ✓ | ✓ | ✓ |
| Subdomain Diff (historical) | — | — | ✓ | ✓ | ✓ |
| AI features | |||||
| Basic Arbiter LLM logic | ✓ | ✓ | ✓ | ✓ | ✓ |
| AI Executive Brief | — | — | ✓ | ✓ | ✓ |
| Copilot Nexus AI assistant | — | — | ✓ | ✓ | ✓ |
| AI-generated remediation | — | — | ✓ | ✓ | ✓ |
| Multi-LLM cross-validation | — | — | ✓ | ✓ | ✓ |
| Autonomous Sentinel agent | — | — | — | — | ✓ |
| Modules | |||||
| BleedWatch Shield (CI/CD) | — | ✓ | ✓ | ✓ | ✓ |
| AgentGuard (AI/MCP security) | — | — | ✓ | ✓ | ✓ |
| WSCS (Web compliance) | — | — | ✓ | ✓ | ✓ |
| SaintScan (active validation) | — | — | — | ✓ | ✓ |
| Integrations | |||||
| Slack | ✓ | ✓ | ✓ | ✓ | ✓ |
| Discord | ✓ | ✓ | ✓ | ✓ | ✓ |
| MS Teams | — | ✓ | ✓ | ✓ | ✓ |
| Jira | — | — | ✓ | ✓ | ✓ |
| Linear | — | — | ✓ | ✓ | ✓ |
| ServiceNow | — | — | — | ✓ | ✓ |
| GitHub native + PR comments | — | ✓ | ✓ | ✓ | ✓ |
| GitLab | — | ✓ | ✓ | ✓ | ✓ |
| Cloud Provider integrations | — | — | ✓ | ✓ | ✓ |
| SARIF import | — | ✓ | ✓ | ✓ | ✓ |
| SIEM / Webhook | — | — | ✓ | ✓ | ✓ |
| Custom Threat Intel hooks | — | — | — | ✓ | ✓ |
| Compliance & reporting | |||||
| PDF reports | — | ✓ | ✓ | ✓ | ✓ |
| CSV / JSON export | ✓ | ✓ | ✓ | ✓ | ✓ |
| SBOM Export v2 | — | — | ✓ | ✓ | ✓ |
| Saved Views (multi-device) | ✓ | ✓ | ✓ | ✓ | ✓ |
| Activity log / audit trail | — | ✓ | ✓ | ✓ | ✓ |
| SOC2 controls mapping | — | — | — | ✓ | ✓ |
| PCI-DSS controls mapping | — | — | — | ✓ | ✓ |
| DORA / NIS2 evidence chain | — | — | — | ✓ | ✓ |
| Honeytokens module | — | — | — | ✓ | ✓ |
| Auth & enterprise | |||||
| White Knight eligibility | ✓ | ✓ | ✓ | ✓ | ✓ |
| SSO (SAML) | — | — | ✓ | ✓ | ✓ |
| SCIM provisioning | — | — | — | ✓ | ✓ |
| Custom retention | — | — | — | ✓ | ✓ |
| On-prem deployment | — | — | — | — | yes (by quote) |
| Support & SLA | |||||
| Community support | ✓ | ✓ | ✓ | ✓ | ✓ |
| Email support (business hours) | — | ✓ | ✓ | ✓ | ✓ |
| Slack Connect channel | — | — | ✓ | ✓ | ✓ |
| Dedicated account manager | — | — | — | ✓ | ✓ |
| 24x7 incident response | — | — | — | — | ✓ |
| Uptime SLA | best-effort | best-effort | 99.9% | 99.95% | 99.99% |
| Zero FP guarantee (EUR5/finding credit) | — | — | ✓ | ✓ | ✓ |
02 // FAQ
Payment, trials, and guarantees.
A unique scanned target: a domain (and its subdomains as one asset), a GitHub org, a GitLab namespace, a Docker namespace, an NPM scope, an IP range. We do not double-charge for sub-resources.
Yes. Pro-rated to the day. Annual plans pro-rated against the remaining year.
If you flag a finding as a false positive in your dashboard, we credit you EUR5 against your next invoice. Per finding, no cap.
Yes, 14 days on Pulse / Shield / Fortress. No credit card required for Pulse / Shield. Card required for Fortress.
Account auto-downgrades to Community. Your data is retained for 90 days, then archived. No credit-card surprise charge.
Sentinel runs an autonomous external surface agent against your authorized scope. It models threats, configures validation vectors within agreed boundaries, triages findings, and posts to your team. Setup starts with a 30-minute scoping call. The engagement model is closer to managed service than software you install.
Yes, above 500 assets, contact sales. We do annual contracts above about EUR20k ARR.
Yes, 50% off Pulse for verified non-profits, OSS maintainers, and academic researchers. Email [email protected] with verification.
What if we find nothing?
Community stays free. Paid trials auto-downgrade if you do not continue. If Shield or above returns no actionable signal during the trial, keep the account as Community and retain the scan history for 90 days.
Payment terms.
Stripe-hosted checkout handles cards and invoices off-site. Monthly plans renew monthly; annual plans are billed upfront with the advertised 20% discount. Enterprise contracts use annual MSA, DPA, and purchase-order terms.
Pick a tier. Start in 30 seconds.
Community starts without a card. Fortress and Sentinel buyers can route straight to sales.