Pricing

Vulnerability scanner pricing — simple & transparent.

Every plan includes proof-backed findings and 5-framework compliance mapping. Core and Pro unlock full attack-path visibility and recurring monitoring depth. No per-scan fees. No surprises. Cancel any time.

Starter
$ 49
per month
For small teams getting started with external security.
1 domain monitored
1 manual scan / month
1 active verified domain scanned monthly
Proof-backed findings
5-framework compliance mapping
PDF report + portal access
Slack alerts
Attack path chains
Delta reports
Get started
Most popular
Core
$ 149
per month
For security-focused engineering teams who need depth.
Up to 5 active verified domains
5 manual scans / month
Each active verified domain scanned weekly
Proof-backed findings
5-framework compliance mapping
PDF report + portal access
Slack alerts on criticals
Attack path chains
Delta reports (new/fixed/overdue)
Start with Core →
Pro
$ 299
per month
For growing SaaS teams monitoring multiple public assets.
Up to 20 active verified domains
25 manual scans / month
Each active verified domain scanned weekly
Proof-backed findings
5-framework compliance mapping
PDF report + portal access
Slack alerts + Attack paths
Delta reports
Compliance export (CSV/JSON)
Start with Pro

All plans require a signed Rules of Engagement document. Manual onboarding for first 20 customers.

Full Comparison

Everything side by side.

Feature Starter Core Pro
Domains monitored1520
Automatic scheduleEach active verified domain scanned monthlyEach active verified domain scanned weeklyEach active verified domain scanned weekly
Subdomain enumeration
Port & service scan
Vulnerability scan (nuclei)
SSL/TLS checks
Email security (SPF/DMARC/DKIM)
Cloud exposure checks
Proof-backed validation
BIS risk scoring
PDF report delivery
Customer portal
5-framework compliance mapping
Attack path chains
Slack critical alerts
Delta reports (new/fixed/overdue)
Compliance export (CSV/JSON)
Get started Start with Core Start with Pro
Common Questions

Everything you need to know.

No. VeilScan is purely external — it only scans what is visible from the public internet. No agents, no credentials, no internal network access required.
A signed document confirming you have authorisation to scan the specified domains. Required before any scan runs. We provide a template and handle onboarding manually.
Every Critical finding must include a reproducible curl command with a real response containing verified sensitive data before it is classified as Critical. Anything unverified is auto-downgraded.
All customer data — scan results, reports, findings — is stored exclusively in AWS eu-west-2 (London). No data leaves the EU.
Yes. On all plans you can trigger an on-demand manual scan from your portal. Manual scans are separate from your automatic per-domain schedule.
Get Started

Your first scan.
In under two hours.

Add your domain, verify ownership, and let VeilScan do the rest. No agents, no credentials, no internal access required.

Start scanning → I already have an account
No hidden scan fees Cancel any time Data stays in London (eu-west-2)