Home Features Pricing Contact Sign In
Simple, Transparent Pricing

Per-Domain Pricing

Each plan covers one FQDN (domain). Single-tenant deployment with full data sovereignty. MSSPs — see Enterprise for multi-tenant.

Monthly Annual Save 20%

Starter

Essential DAST scanning for a single domain

$499/mo

per FQDN, billed monthly

  • 1 FQDN (domain)
  • 100 core plugins
  • 1 concurrent scan
  • HTML + JSON reports
  • OWASP Top 10 mapping
  • Email notifications
  • REST API access
  • No recurring scans
  • No cross-scan dedup
Most Popular

Professional

Full-spectrum DAST for security teams

$999/mo

per FQDN, billed monthly

  • 1 FQDN (domain)
  • All 474+ plugins
  • 3 concurrent scans
  • PDF + HTML + JSON + CSV reports
  • OWASP + PCI-DSS compliance
  • Email + webhook notifications
  • Recurring + scheduled scans
  • Cross-scan deduplication
  • Scan comparison + profiling
  • Full REST API access
  • Email support (48h SLA)

Enterprise

Multi-tenant platform for MSSPs

Custom

unlimited FQDNs, multi-tenant

  • Unlimited FQDNs
  • Multi-tenant (MSSPs)
  • All 474+ plugins + custom
  • 10+ concurrent scans
  • White-label reports
  • Custom compliance frameworks
  • Slack + Teams integration
  • Full API + SDK access
  • Signed audit logs + export
  • Priority support (4h SLA)
  • Managed deployment
Contact Sales

Payment Successful!

Thank you for subscribing. Check your email for setup instructions.

Sign In to Get Started

Feature Comparison

Detailed breakdown of what's included in each plan.

Feature Starter Professional Enterprise
FQDNs (Domains)11Unlimited
TenantsSingleSingleMulti-tenant
Concurrent Scans1310+
Security Plugins100 CoreAll 474+All + Custom
Recurring Scans
Report FormatsHTML, JSONPDF, HTML, JSON, CSVAll + White-label
ComplianceOWASP Top 10+ PCI-DSS+ Custom Frameworks
NotificationsEmailEmail + Webhook+ Slack/Teams
Cross-Scan Dedup
Scan Comparison
API AccessFullFullFull + SDK
Audit LoggingBasicSigned chainSigned + Export
MSSP Multi-Tenant
SupportCommunityEmail (48h)Priority (4h SLA)
DeploymentSelf-hostedSelf-hostedManaged / Dedicated

Frequently Asked Questions

Dynamic Application Security Testing (DAST) analyzes running web applications to find security vulnerabilities. Unlike SAST which examines source code, DAST tests applications as an attacker would, sending requests and analyzing responses to identify vulnerabilities like SQL injection, XSS, authentication bypasses, and more.
Each Starter or Professional subscription covers scanning one Fully Qualified Domain Name (e.g., app.example.com). If you need to scan multiple domains, you can purchase additional subscriptions or upgrade to Enterprise for unlimited FQDNs.
Starter and Professional are single-tenant — your organization is the sole user of the instance. Enterprise offers multi-tenant architecture with PostgreSQL Row-Level Security, allowing MSSPs (Managed Security Service Providers) to serve multiple clients from one installation with complete data isolation between tenants.
Yes, annual billing saves 20% compared to monthly billing. Toggle "Annual" above to see discounted pricing.
ArmoScan runs entirely on your infrastructure. You deploy the application on a Linux server with PostgreSQL and Redis. No data leaves your network. We provide deployment scripts, systemd service files, and Nginx configuration for a production-ready setup.
Payments are processed securely by Paddle, our merchant of record. Paddle handles payment processing, tax calculation, invoicing, and subscription management. You can pay with credit card, PayPal, Apple Pay, or Google Pay.