The Right Pricing. For you.

We have the right pricing plan for your needs. Get a free account or contact us.

Annual

Monthly

Free

$0/month

Pro

$79/month

Business

$799/month

Enterprise

Contact us

Free

$0/month

Pro

$79/month

Business

$99/month

Enterprise

Contact Us

Feature | Free | Pro | Business | Enterprise
Scan engines | 1 | 1 | 1 | Multiple
Apps/domains | Unlimited | Unlimited | Unlimited | Unlimited
Scan hours | 5 | Unlimited | Unlimited | Unlimited
Users | 3 | 5 | 25 | Up to Unlimited
Projects | 1 | 2 | 3 | Unlimited

Separate scanning flows and manage user groups and access to a project. Full control over permissions and associated ticketing repositories.

Storage | 200MB / User | 500MB / User | 2GB / User | Unlimited
CI/CD Integrations
Ticketing integrations | 1 | 2 | Unlimited | Unlimited
API keys | User only | User only | User, Org & Project | User, Org & Project

User API keys are perfect for single projects. Org and Project API keys allow collaboration and organizational-level control and visibility.

Repeater scope | Account level | Account level | Account and project-level | Account and project-level

The Bright Repeater is a scan proxy providing a secure connection between the Bright cloud engine and a target on a local network. Scan both public and internal targets securely and with ease.

Support | Real-time chat, email | Real-time chat, email | Real-time chat, email, Slack | Real-time chat, email, Slack, phone, dedicated customer success manager
Support SLAs
Export reports: PDF, JSON, SARIF, CSV
SSO & provisioning

Configure Single Sign On (SSO) integration to securely authenticate with Bright with Okta, Google, Azure and more

Role-Based access control
Key features | Free | Pro | Business | Enterprise
Delivery model | SaaS | SaaS | SaaS | SaaS
Web app scans
Single-page application scans
Internal app scans
Mobile app scans
API scans (REST, SOAP, GraphQL, Websockets)
Detect 10,000+ vulnerabilities
Business logic vulnerability testing

Business logic flaws are notoriously difficult to test automatically, but Bright can do it!

Open API/Swagger and Postman Collection support
API linter

Bright's built-in linter automatically parses, validates and allows you to edit an uploaded API schema to scope the test and ensure a comprehensive security scan

HAR file attack surface discovery
Comprehensive attack surface crawl
Scan optimizations

Bright's engine can optimize the attack surface with automatic smart decisions, such as parameter skipping and enhanced detection phases, to exclude irrelevant tests and minimize scan time

CI/CD integration

Run automated tests with every build! Bright works with GitHub Actions, CircleCI, Jenkins, Azure Pipelines, Travis CI, GitLab, TeamCity and JFrog Pipelines

Issue tracking/ticketing integration

Bright can automatically create tickets/notifications in Slack, Jira, GitHub, GitLab Boards, Azure Boards, and Monday.com

Request editor
Scan templates

Say goodbye to complicated configurations - create, manage and share your own or use our pre-defined templates

Authenticated scans

Support for form & header authentication, API calls, OpenID/OAuth, custom multi-step and browser-based form auth

Customizable PDF reports
Key reports and vulnerability severity classification | Free | Pro | Business | Enterprise
OWASP TOP 10 report
CVSS (common vulnerability scoring system)
Developer-friendly remediation advice
Project dashboard and management reporting
Downloadable engine logs
Centralized management and extensibility | Free | Pro | Business | Enterprise
Dashboard
Scheduled scanning
Notifications
In app team messaging and collaboration
Issue tracker integration (Jira, Azure, GitHub, GitLab, Slack)
Jenkins plug-in integration
CI/CD Integration (GitHub Actions, CircleCI, Jenkins, Azure Pipelines, Travis CI, JFrog, GitLab)
Integration APIs
Slack integration
Role-Based access controls
Developer focused features | Free | Pro | Business | Enterprise
CLI
Test every build/PR in your CI/CD
Developer friendly remediation guidelines
cURL command reproduction
Finding triage
Docker / NLM / WIN repeater installation

Frequently Asked Questions

What are scan hours?

Scan hours are the total time your scans spend running. Scans run in the background, so this is not the time you actually spend using the system.

Do I need to enter payment details to create a free account?

No. You can create a free account with no payment details at https://app.brightsec.com/signup/.

Which plan is right for me?

The Free plan is ideal for individuals or a very small team working on a simple project, usually in its early stages. The Pro plan is suited to a small team, usually with a single app. The Business plan is meant for larger dev groups with several apps. Enterprise was built for even larger organizations that also wish to run multiple scanners in parallel (reducing scan times). If you’d like to learn more, schedule a call with us.

Can I change my plan later?

Yes. You can upgrade, downgrade or move to the free plan at any time.

What forms of payment do you take?

We accept major credit cards. If you’d like to arrange for invoice-based payments or other methods, please contact us.

Do prices include VAT?

All prices are in USD and do not include VAT, which depends on your country.

What happens when I reach my scan hours limit?

We’ll notify you in advance if you’re approaching your limit. If you wish to change your plan before your billing cycle has ended, we’d be happy to accommodate you. Just get in touch with our sales team to discuss your options.

Which ticketing integrations do you support?

We currently support Jira, Slack, GitHub, Azure Boards, GitLab Boards, and Monday.

Coming soon: ServiceNow and more.

Which Single Sign-On (SSO) systems do you support? 

We currently support Okta, Google and Azure Active Directory.

Which CI pipelines do you support?

We currently support GitHub Actions, CircleCI, Jenkins, Azure Pipelines, Travis CI, GitLab and JFrog Pipelines.

Can I add developers to my account beyond the plan limit?

You can pay an extra fee for additional users. Please talk to our team.

Can I add storage capacity and projects to my account?

Yes, with an additional fee. Contact us to discuss.