Compare our plans

  LiteProEnterprise
Usage
One credit per scan hour

Consumption of 1 credit for every hour of scan.
Minimum of 1 credit and maximum of 5 credits per scan.

Targets with unlimited scans

Choose how many targets you want with unlimited scans.
These targets will not consume credits.

1 included
($118 per target, per month)
5 included
(extra: contact us)
Free monthly credits

Every month we offer you free credits to run scans.

5 free credits
per month
5 free credits
per month
5 free credits
per month
Extra credits

Purchase packs of extra credits if you need to run more scans.
Existing and new credits will expire 12 months after purchase.

Starting at 10 credits for $175Starting at 10 credits for $225Starting at 100 credits for $2220
Automatic top up

Automatically top up your account with extra credits when you run out of credits or at their expiration date.

Scanner
Lightning scans

Run a quick 1 minute scan on your website for vulnerabilities related to Security Headers, Cookie flags and TLS

Full Scans

Scan your entire app for 100+ types of vulnerabilities totaling over 30,000 different vulnerabilities

Standalone API and Micro-services scanning

Scan APIs based on a Swagger/OpenAPI schema or Postman Collection file

Single-Page App Scanning

Support for Single-Page App Scanning (AngularJS, ReactJS, etc.)

Extra hosts in the scope

Add extra-hosts for Single-Page Apps (SPA) or apps that call APIs

Up to 2 (per target)Up to 5 (per target)
Fingerprinting

Our advanced fingerprinting recognizes popular web applications and optimizes tests based on the technology used

Technology based Scanning Modules

Run specific scanning modules aimed at certain technologies of the target

Scanning Profiles

Choose one of our scanning profiles based on how intrusively you would like Probely to be while scanning your website

Normal, Safe, LightningFull, Normal, Safe, LightningFull, Normal, Safe, Lightning, Custom
Reduced False-Positives

Probely safely exploits certain types of vulnerabilities to eliminate false-positives

Report False-Positives and Invalid Vulnerabilities

Prevent Probely from reporting that vulnerability again. The team also analyzes reports to prevent similar cases in the future.

Schedule Scans

Schedule scans, or configure recurring scans on a daily, weekly, or monthly basis

Fixed IPs

We used fixed IP addresses for all of our scans

Seeds List

Add paths from your target to the list of URLs to be crawled/scanned

Reject List

Add paths from your target to the list of URLs that you don't want Probely to crawl/scan

Custom Headers

Control which headers are used by the scanner

Custom Cookies

Control which cookies are used by the scanner

Scan internal targets

Learn more about the scanning agent here

Scan 2FA Targets

Set up scanner to log into targets protected by Two-Factor Authentication (2FA)

Navigation sequences recorder plugin

Plugin to record navigation sequences. Record a navigation sequence and Probely will replay and scan the sequence

Partial Scans - Reduced Scope

Run the scan on a subset of your target. You can also set the subscope while starting a scan via API, to speed up testing in CI/CD pipelines.

Partial Scans - Incremental Scan

Scan only new and modified URLs since the previous scan.

Pause and Resume scans

Pause a scan during a specific timeframe and resume it later automatically

Targets
Skip Target Verification

Waive target ownership verification requirement when adding a new target (upon request)

Target Labels

Set target labels to group targets

Authentication
Login Form

Let Probely authenticate on your website via Login Form, so it can scan your website as a logged in user

Basic Authentication

Let Probely authenticate on your website using basic authentication

Customize Cookies

Customize cookies to be used for authentication

Customize Headers

Customize headers to be used for authentication

Dynamic API Authentication

Extract a token (e.g. JWT) from the response to an authentication request, and use it in a header or cookie in the following requests.

Login sequence recorder plugin

Record the login sequence and Probely will replay the sequence for authenticating on the target

SSO / Openid Connect

Support for SSO and Openid Connect

Integrations
Slack

Get notifications on Slack for scan start, finish, vulnerabilities found, etc

Jira Cloud

Two-way sync findings with Jira Cloud

Jira Server

Two-way sync findings with Jira Server

API

Use our full-featured API

Plugins for CI tools

Install a Probely plugin in your CI tool (Jenkins, Circle CI)

Azure DevOps

Two-way sync findings with Azure DevOps Boards

DefectDojo

Sync findings with DefectDojo

Shortcut

Sync findings with Shortcut

Webhooks

Set Webhooks via the API to be notified of Probely events

Reports
Scan Results PDF Report

Download a PDF report with the scan results

Coverage Report

Download a CSV file with the coverage of the scan (scanned endpoints)

Scan Results Editable Report

Download an MS-Word report with the scan results

User Audit Logs

Download Audit Logs with the trail of actions performed by users on the platform

Compliance Report

Download a PCI-DSS, OWASP TOP10, or ISO 27001 PDF compliance report

Executive Summary

Download a PDF Executive Summary with all relevant high-level scan information at a glance

Teams and Collaboration
Users

Add an unlimited number of users to your team

Up to 3
Assign vulnerabilities to a member

Assign a vulnerability to a certain team member to let them know that they are in charge of fixing it

Single Sign-On

Single Sign-On Support (SAML, Microsoft AD, OpenID Connect)

Role-based Access Controls

Assign roles to users, create new roles with a set of permissions, grant user roles account-wide or on target-basis

Built-in roles onlyBuilt-in roles only
Teams

Support for Teams / Business Units. A team comprises a group of users/roles and targets. You can set a maximum number of targets for the team (quota) and reserve a number of slots for targets.

Payment
Payment by Credit Card

Fast payment by a Credit Card

Payment by Invoice

For annual contracts. Wire transfers.

Support
Online Chat Support

Online Chat Support (only in English)

Dedicated Account Manager

Dedicated Account Manager that knows your business and acts as a single point of contact with Probely.

Priority Support

Priority Support via email or chat

Data Privacy
Data stored in a top-tier EU datacenter

Data stored in the EU in a top-tier cloud provider with strict security controls

Data stored in a top-tier US datacenter

Data stored in the US in a top-tier cloud provider with strict security controls (on request)

Data stored in a separate database instance

Data stored in a segregated database instance, in a top-tier cloud provider or on-premises (addon)

Managed Scans
Target Setup

Adding and configuring targets

Scanning and Scheduling Configuration

Starting scans or scan scheduling configuration

Scan Coverage Verification

Proactively monitoring scans, verifying scan coverage and settings

Vulnerability Curation

Validating vulnerabilities and adjust the severity based on context

Result Analysis

Analysis and explanation of scanning results and proposed fixes

API Scripting

Building of Python scripts to automate operational tasks and bulk actions

Best Practices and Integrations

Providing best practices on Probely's use and help on integration setup

Choose the best plan for you and get secure!

What is the difference between a target and a pool of targets?

When you select the Starter or Pro plan, your subscription is tied to the target’s URL. This means that you can’t delete that target and add a new one under the same subscription.

When you select the Premium or Enterprise Plan, you subscribe to a pool of targets. You are free to delete and add new targets as long as you don’t exceed the pool size (the number of slots you subscribed). Read more.

What is a target?

A target is the URL of a web application or website. The scope of the scan is the target. The scanner will never exceed its scope (it will never scan any page that is not under the target).

Here are some examples of targets:

  • https://app1.example.com
  • https://example.com/app1
  • https://example.com

If the target is https://example.com, the scanner will not scan www.example.com or any other hosts. In other words, the scanner will only scan URLs that start with ‘example.com’.

What does the free plan include?

The free plan is our contribution to making web security accessible. It helps your business identify and fix vulnerabilities, improving the security posture of your business. The free plan includes five free targets.

Can I upgrade my subscription plan?

Yes, you can adjust your plan in the Probely interface or contact us directly.

Is there an Enterprise version of Probely?

Yes, Probely+ is our enterprise version. Read more.

What payment methods do you accept?

We accept credit card payments (Visa, MasterCard, Maestro, American Express, Diners Club) and annual invoices for the Premium and Enterprise Plans.

Need a custom pricing model?

Check out Probely Enterprise version or contact us.