Choose Your Plan

Includes:

• Fair Use Policy
• 1 User, 1 API key (addtl. available)
• Unlimited Inventories
• CycloneDX & SPDX Support
• CI/CD Integration
• Secure SBOM Sharing
• Package Intelligence (Basic) i Analyzes software packages across ecosystems to surface dependency structure, organizational exposure, and supply chain risk intelligence.
• Vulnerability Matching (Basic) i Matches SBOM components against known vulnerabilities from public security databases.
• FOSS License Visibility (Basic) i Provides visibility into open source licenses used across your software components.
• Community Support

Everything in Community, plus:

• Incl. 5 Users
• 5 API keys
• Secure SBOM Request & Response Workflows i Request, receive, track, and manage SBOM exchanges securely across suppliers and teams.

Everything in Team, plus:

• Unlimited Users
• Package Intelligence with Geo-Risk i Identifies package provenance and maintainer geo-risk to support supply chain risk analysis. Identify maintainer and contributor country provenance Detect packages with elevated geopolitical exposure Support supplier and procurement risk decisions
• Advanced Vulnerability Data
• FOSS License Risk Management i AI-powered identification of license conflicts and potential FOSS compliance issues.
• Advanced Analytics (Exposure Management) i Cross-SBOM analytics to identify affected products, suppliers, and systems during security incidents.
• Policies Manager i Define and enforce custom SBOM quality, compliance, and sharing policies across the organization.
• Quality Gate i Automatically validates SBOMs against NTIA, OWASP, and custom policy requirements. Automatically validate SBOM quality and completeness Enforce NTIA, OWASP, and custom policies Reduce manual review and compliance effort
• Component Health i Tracks package quality, maintenance activity, vulnerability history, and ecosystem health indicators.
• Professional Support