Key features | Free | Pro | Business | Enterprise |
---|---|---|---|---|
Delivery model | SaaS | SaaS | SaaS | SaaS |
Web app scans | ||||
Single-page application scans | ||||
Internal app scans | ||||
Mobile app scans | ||||
API scans (REST, SOAP, GraphQL, WebSockets) | ||||
Detect 10,000+ vulnerabilities | ||||
Business logic vulnerability testing: Business logic flaws are notoriously difficult to test automatically, but Bright can do it! | ||||
OpenAPI/Swagger and Postman Collection support | ||||
API linter: Bright's built-in linter automatically parses, validates and allows you to edit an uploaded API schema to scope the test and ensure a comprehensive security scan | ||||
HAR file attack surface discovery | ||||
Comprehensive attack surface crawl | ||||
Scan optimizations: Bright's engine can optimize the attack surface with automatic smart decisions, such as parameter skipping and enhanced detection phases, to exclude irrelevant tests and minimize scan time | ||||
CI/CD integration: Run automated tests with every build! Bright works with GitHub Actions, CircleCI, Jenkins, Azure Pipelines, Travis CI, GitLab, TeamCity and JFrog Pipelines | ||||
Issue tracking/ticketing integration: Bright can automatically create tickets/notifications in Slack, Jira, GitHub, GitLab Boards, Azure Boards, and Monday.com | ||||
Request editor | ||||
Scan templates: Say goodbye to complicated configurations - create, manage and share your own or use our pre-defined templates | ||||
Authenticated scans: Support for form & header authentication, API calls, OpenID/OAuth, custom multi-step and browser-based form auth | ||||
Customizable PDF reports | ||||
Key reports and vulnerability severity classification | Free | Pro | Business | Enterprise |
OWASP Top 10 report | ||||
CVSS (Common Vulnerability Scoring System) | ||||
Developer-friendly remediation advice | ||||
Project dashboard and management reporting | ||||
Downloadable engine logs | ||||
Centralized management and extensibility | Free | Pro | Business | Enterprise |
Dashboard | ||||
Scheduled scanning | ||||
Notifications | ||||
In-app team messaging and collaboration | ||||
Issue tracker integration (Jira, Azure, GitHub, GitLab, Slack) | ||||
Jenkins plug-in integration | ||||
CI/CD integration (GitHub Actions, CircleCI, Jenkins, Azure Pipelines, Travis CI, JFrog, GitLab) | ||||
Integration APIs | ||||
Slack integration | ||||
Role-based access controls | ||||
Developer focused features | Free | Pro | Business | Enterprise |
CLI | ||||
Test every build/PR in your CI/CD | ||||
Developer-friendly remediation guidelines | ||||
cURL command reproduction | ||||
Finding triage | ||||
Docker / NLM / WIN repeater installation |
Scan hours are the duration that your scans run. Scans run in the background, so this is not the time you actually spend with the system.
No. You can create a free account with no payment details at https://app.brightsec.com/signup/.
The Free plan is ideal for individuals or a very small team working on a simple project, usually in its early stages. The Pro plan is suited for a small team, usually with a single app. The Business plan is meant for larger dev groups with several apps. The Enterprise plan was built for even larger organizations that also wish to run multiple scanners in parallel (reducing scan times). If you’d like to learn more, schedule a call with us.
Yes. You can upgrade, downgrade or move to the free plan at any time.
We accept major credit cards. If you’d like to arrange for invoice-based payments or other methods, please contact us.
All prices are in USD and do not include VAT, which depends on your country.
We’ll notify you in advance if you’re approaching your limit. If you wish to change your plan before your billing cycle has ended, we’d be happy to accommodate you. Just get in touch with our sales team to discuss your options.
We currently support Jira, Slack, GitHub, Azure Boards, GitLab Boards, and Monday.
Coming soon: ServiceNow and more.
We currently support Okta, Google and Azure Active Directory.
We currently support GitHub Actions, CircleCI, Jenkins, Azure Pipelines, Travis CI, GitLab and JFrog Pipelines.
You can pay an extra fee for additional users. Please talk to our team.
Yes, with an additional fee. Contact us to discuss.
© 2022 Bright Security Inc. All Rights Reserved