Pricing

Threatstealth Pricing

Three tiers to match your security maturity — from core WAF + EDR for growing teams to the full multi-tenant MSSP console for large enterprises.

• Startup — WAF, EDR, vulnerability scanner, SOC 2 compliance automation. 500 endpoints, 5 seats.
• Professional — Full platform: MDM, IAM, LLM scanner, phishing simulation, ISO 27001, PCI DSS. 2,500 endpoints, 25 seats.
• Enterprise — Unlimited endpoints and users, MSSP multi-tenant console, SAML/OIDC SSO, SCIM, dedicated CSM, 99.99% SLA.
• Annual billing: save 20% on Startup and Professional plans.
• 14-day free trial on all plans — no credit card required.

Startup Plan: Core Security for Growing Engineering Teams

The Threatstealth Startup plan is designed for engineering teams that need production-grade security controls and SOC 2 Type II compliance readiness without the cost or complexity of an enterprise security programme. The plan includes the Web Application Firewall powered by ModSecurity and OWASP CRS, the EDR agent for endpoint telemetry and behavioural detection, the CVE scanner with KEV-first prioritisation, and the SOC 2 compliance automation module with continuous control monitoring and automated evidence collection. The 500-endpoint and 5-seat limits are designed to accommodate teams from seed through Series A without requiring a plan upgrade. Annual billing is available at a 20% discount off the monthly rate.

• WAF included — ModSecurity + OWASP CRS web application firewall protecting all production applications
• EDR included — endpoint detection and response across 500 endpoints with behavioural alerting
• CVE scanner included — KEV-prioritised vulnerability scanner with automated remediation task generation
• SOC 2 automation included — continuous control monitoring and evidence collection for all five TSC
• 14-day free trial — full Startup plan access for 14 days without a credit card required

Professional Plan: Full Platform for Scaling Security Programmes

The Threatstealth Professional plan adds the complete platform capability to the Startup foundation — including Mobile Device Management for iOS, Android, macOS, and Windows device fleets, IAM monitoring with MFA enforcement and RBAC drift detection, the LLM Security Scanner for OWASP LLM Top 10 testing of AI endpoints, the Phishing Simulator for multi-vector employee resilience testing, and compliance automation extended to ISO 27001 and PCI DSS alongside SOC 2. The 2,500-endpoint and 25-seat limits accommodate organisations through Series C and beyond. Professional plan customers receive access to live chat support during business hours.

• All Startup features plus MDM, IAM, LLM scanner, phishing simulation, ISO 27001, and PCI DSS
• MDM included — cross-platform mobile device management for up to 2,500 endpoints
• IAM monitoring included — MFA enforcement, RBAC drift detection, and login anomaly alerting
• Phishing simulation included — multi-vector campaigns with automated training assignment
• Live chat support — business hours live chat support for technical and compliance questions

Enterprise Plan: Unlimited Scale with MSSP Multi-Tenant Console

The Threatstealth Enterprise plan removes endpoint and seat limits, adds the MSSP multi-tenant console for managing multiple client organisations from a single operator view, enterprise identity features (SAML 2.0/OIDC SSO and SCIM automatic provisioning), a dedicated Customer Success Manager, and a contractual 99.99% platform uptime SLA. Enterprise customers receive a custom onboarding programme, dedicated Slack channel for direct engineering team access, and custom security review questionnaire support. Enterprise plan pricing is custom — contact sales for a tailored quote based on endpoint count, client tenant requirements, and compliance framework scope.

• Unlimited endpoints and seats — no per-endpoint or per-seat limits for enterprise and MSSP deployments
• MSSP multi-tenant console — manage unlimited client tenants from a single unified operator interface
• SAML/OIDC SSO and SCIM — enterprise IdP integration with automatic user provisioning and deprovisioning
• Dedicated CSM — named customer success manager providing onboarding support and ongoing strategic guidance
• 99.99% uptime SLA — contractual uptime guarantee backed by financial credits for SLA breaches

ROI and Total Cost of Ownership Compared to Point Solutions

The total cost of ownership comparison between Threatstealth and an equivalent point-solution stack is significant. A comparable capability stack built from separate vendors — WAF (Imperva/Cloudflare), EDR (CrowdStrike/SentinelOne), MDM (Jamf/Intune), IAM monitoring (Okta/BeyondTrust), vulnerability scanner (Qualys/Tenable), phishing simulation (KnowBe4/Proofpoint), and compliance automation (Vanta/Drata) — typically costs between $180,000 and $350,000 per year for a mid-market organisation, plus the integration and operational overhead of managing seven vendor relationships. Threatstealth Professional plan delivers the equivalent capability at a fraction of the cost with a single vendor contract and unified console.

• Point-solution stack cost benchmark — comparable seven-tool stack typically costs $180K–$350K annually for mid-market
• Integration cost elimination — no ETL pipelines, API integrations, or correlation rules needed between tools
• Vendor consolidation value — one contract, one renewal, one SLA, one security review, one support team
• Analyst time savings — unified console eliminating context-switching overhead estimated at 15–25% analyst time recapture
• Audit cost reduction — automated evidence collection reducing pre-audit preparation from 4–8 weeks to days