Simple, Transparent Pricing

Fixed per-component pricing. No retainers, no subscriptions required.

Standard

$499

per component

Best for general-purpose utilities, UI frameworks, data libraries

  • Component identity & metadata
  • Ecosystem health & maintainer profile
  • CVE analysis & reachability assessment
  • OpenSSF Scorecard evaluation
  • License risk analysis
  • Static analysis (SAST)
  • Credential & secret scanning
  • SBOM (CycloneDX) & VEX deliverables
  • Safe usage recommendations
  • Executive summary
  • Expert-signed CRA assertion (Article 10 / Annex I)

Delivery: typically 3–5 business days for new assessments


Assessing multiple components?

We offer tailored pricing for teams with larger dependency lists. Contact us for a custom proposal.

Keeping reports current

The CRA requires up-to-date due diligence documentation. We offer annual re-assessments to keep your reports audit-ready as components evolve. Contact us to learn more.

Scanner Output vs. Due Diligence Report

What a Scanner Gives You

  • × Raw CVE list with no context
  • × No reachability analysis
  • × No CRA regulatory mapping
  • × No expert review or professional judgment
  • × No signed assertion for auditors

What Our Reports Deliver

  • CVE analysis with reachability + VEX
  • SAST + credential scanning with expert triage
  • Machine-readable SBOM & VEX deliverables
  • Safe usage recommendations & exec summary
  • Expert-signed assertion — audit-ready

Auditors expect professional review and expert opinion — not raw tool output.

All prices exclusive of applicable taxes. Payment via invoice (Stripe or wire).

Request a proposal and receive it within 24 hours.
