Pricing
One price. Every feature.
No surprises.
Billed per server. Not per GB, not per alert, not per team seat. Unlimited incidents on every node.
Everything you need, billed per server. Add or remove nodes any time and billing adjusts automatically.
Volume pricing, dedicated support, extended retention, SSO, and SLA. Same features, more support.
Compare Plans
Feature breakdown
| Feature | Per Node | Enterprise |
|---|---|---|
| PPS sampling interval | 1 second | 1 second |
| PCAP pre-attack buffer | 500 packets | 500 packets |
| PCAP capture cap | 10,000 packets | 10,000 packets |
| PCAP retention | 7 days | 365 days |
| Attack families classified | 8 | 8 + custom |
| IOC patterns | 8 built-in | Custom library |
| Threat intelligence feeds | ✓ | ✓ |
| Real-time analytics | ✓ | ✓ |
| Alert channels | All 7+ | All 7+ |
| Auto-mitigation rules | 22 action types | 22 action types |
| Cloudflare / AbuseIPDB integrations | ✓ | ✓ |
| Generic webhook integrations | ✓ | ✓ |
| Public status pages | ✓ | ✓ |
| Escalation policies | ✓ | ✓ |
| Maintenance windows | ✓ | ✓ |
| Audit log retention | 90 days | 1 year |
| Team seats | Unlimited | Unlimited |
| PCAP download | ✓ | ✓ |
| API access | ✓ | ✓ |
| SSO / SAML | - | ✓ |
| Support | Dedicated Slack + SLA | |
| SLA | - | 99.9% uptime |
| Volume pricing | - | Yes, let's talk! |
FAQ
Common questions
How does per-node billing work?
Each monitored server is one node. Add a node to your workspace, install the agent, and your Stripe subscription quantity increases by one automatically. Remove a node and it decreases. You are only ever billed for active nodes.
What counts as an "attack"?
An attack is when PPS exceeds 3x your node's p99 baseline. Incidents are free and unlimited. You are never charged per detection or per alert.
Can I add nodes mid-billing cycle?
Yes. Stripe prorates the charge for the remaining days in the cycle. You only pay for what you use.
What happens after the 7-day trial?
You'll be prompted to add a payment method. If you don't, monitoring stops but your account and data are preserved for 30 days.
Is there a minimum contract?
No. Month-to-month by default. Annual plans get 20% off and can be cancelled with a 30-day notice.
Do you offer discounts for open source or non-profits?
Yes. Email [email protected] with your project details. We offer 50% discounts for qualifying open source infrastructure projects.
What is the difference between Per Node and Enterprise?
Both plans include every feature. Enterprise adds volume pricing, extended PCAP and audit log retention (365 days), dedicated Slack support, SSO/SAML, a 99.9% uptime SLA, and quarterly business reviews.
Does the annual plan include a free trial?
Yes. Every plan starts with a 7-day free trial. If you choose annual billing, your first payment is not charged until the trial ends.