Compare our plans
| One credit per scan hour |
Consumption of 1 credit for every hour of scan.
| Targets with unlimited scans |
Choose how many targets you want with unlimited scans.
|1 included |
($118 per target, per month)
|5 included |
(extra: contact us)
| Free monthly credits |
Every month we offer you free credits to run scans.
|5 free credits |
|5 free credits |
|5 free credits |
| Extra credits |
Purchase packs of extra credits if you need to run more scans.
|Starting at 10 credits for $175||Starting at 10 credits for $225||Starting at 100 credits for $2220|
| Automatic top up |
Automatically top up your account with extra credits when you run out of credits or at their expiration date.
| Lightning scans |
Run a quick 1 minute scan on your website for vulnerabilities related to Security Headers, Cookie flags and TLS
| Full Scans |
Scan your entire app for 100+ types of vulnerabilities totaling over 30,000 different vulnerabilities
| Standalone API and Micro-services scanning |
Scan APIs based on a Swagger/OpenAPI schema or Postman Collection file
| Single-Page App Scanning |
Support for Single-Page App Scanning (AngularJS, ReactJS, etc.)
| Extra hosts in the scope |
Add extra-hosts for Single-Page Apps (SPA) or apps that call APIs
|Up to 2 (per target)||Up to 5 (per target)|
| Fingerprinting |
Our advanced fingerprinting recognizes popular web applications and optimizes tests based on the technology used
| Technology based Scanning Modules |
Run specific scanning modules aimed at certain technologies of the target
| Scanning Profiles |
Choose one of our scanning profiles based on how intrusively you would like Probely to be while scanning your website
|Normal, Safe, Security Posture||Full, Normal, Safe, Security Posture||Full, Normal, Safe, Security Posture|
| Reduced False-Positives |
Probely safely exploits certain types of vulnerabilities to eliminate false-positives
| Report False-Positives and Invalid Vulnerabilities |
Prevent Probely from reporting that vulnerability again. The team also analyzes reports to prevent similar cases in the future.
| Schedule Scans |
Schedule scans, or configure recurring scans on a daily, weekly, or monthly basis
| Fixed IPs |
We used fixed IP addresses for all of our scans
| Seeds List |
Add paths from your target to the list of URLs to be crawled/scanned
| Reject List |
Add paths from your target to the list of URLs that you don't want Probely to crawl/scan
| Custom Headers |
Control which headers are used by the scanner
| Custom Cookies |
Control which cookies are used by the scanner
|Scan internal targets|
| Navigation sequences recorder plugin |
Plugin to record navigation sequences. Record a navigation sequence and Probely will replay and scan the sequence
| Partial Scans - Reduced Scope |
Run the scan on a subset of your target. You can also set the subscope while starting a scan via API, to speed up testing in CI/CD pipelines.
| Partial Scans - Incremental Scan |
Scan only new and modified URLs since the previous scan.
| Pause and Resume scans |
Pause a scan during a specific timeframe and resume it later automatically
| Pool of Targets |
Have a pool of multiple targets under one account
| Switch Targets with Unlimited Scans |
Add and delete targets as long as you don't exceed the pool size of targets with unlimited scans
|Once per month|
| Skip Target Verification |
Waive target ownership verification requirement when adding a new target (upon request)
| Target Labels |
Set target labels to group targets
| Login Form |
Let Probely authenticate on your website via Login Form, so it can scan your website as a logged in user
| Basic Authentication |
Let Probely authenticate on your website using basic authentication
| Customize Cookies |
Customize cookies to be used for authentication
| Customize Headers |
Customize headers to be used for authentication
| Dynamic API Authentication |
Extract a token (e.g. JWT) from the response to an authentication request, and use it in a header or cookie in the following requests.
| Login sequence recorder plugin |
Record the login sequence and Probely will replay the sequence for authenticating on the target
| SSO / Openid Connect |
Support for SSO and Openid Connect
| Slack |
Get notifications on Slack for scan start, finish, vulnerabilities found, etc
| Jira Cloud |
Two-way sync findings with Jira Cloud
| Jira Server |
Two-way sync findings with Jira Server
| API |
Use our full-featured API
| Plugins for CI tools |
Install a Probely plugin in your CI tool (Jenkins, Circle CI)
| Azure DevOps |
Two-way sync findings with Azure DevOps Boards
| DefectDojo |
Sync findings with DefectDojo
| Shortcut |
Sync findings with Shortcut
| Webhooks |
Set Webhooks via the API to be notified of Probely events
| Scan Results PDF Report |
Download a PDF report with the scan results
| Coverage Report |
Download a CSV file with the coverage of the scan (scanned endpoints)
| Scan Results Editable Report |
Download an MS-Word report with the scan results
| Compliance Report |
Download a PCI-DSS or OWASP TOP10 compliance PDF report
|Teams and Collaboration|
| Users |
Add an unlimited number of users to your team
|Up to 3|
| Assign vulnerabilities to a member |
Assign a vulnerability to a certain team member to let them know that they are in charge of fixing it
| Single Sign-On |
Single Sign-On Support (SAML, Microsoft AD, OpenID Connect)
| Role-based Access Controls |
Assign roles to users, create new roles with a set of permissions, grant user roles account-wide or on target-basis
|Built-in roles only||Built-in roles only|
| Teams |
Support for Teams / Business Units. A team comprises a group of users/roles and targets. You can set a maximum number of targets for the team (quota) and reserve a number of slots for targets.
| Payment by Credit Card |
Fast payment by a Credit Card
| Payment by Invoice |
For annual contracts. Wire transfers.
| Online Chat Support |
Online Chat Support (only in English)
| Dedicated Account Manager |
Dedicated Account Manager that knows your business and acts as a single point of contact with Probely.
| Priority Support |
Priority Support via email or chat
| Data stored in a top-tier EU datacenter |
Data stored in the EU in a top-tier cloud provider with strict security controls
| Data stored in a top-tier US datacenter |
Data stored in the US in a top-tier cloud provider with strict security controls (on request)
| Data stored in a separate database instance |
Data stored in a segregated database instance, in a top-tier cloud provider or on-premises (addon)
| Verify Scan Coverage |
Proactively Monitor scans, verify scan coverage and settings - Professional Services Plan Addon
| Vulnerability Curation |
Validate vulnerabilities and adjust the severity based on the context - Professional Services Plan Addon
| Custom Scanning Profiles |
Build custom scanning profiles (scan max duration, crawling patterns, tested vulnerabilities, enforce scanning speed, record actions or flows) - Professional Services Plan Addon
Choose the best plan for you and get secure!
- What is the difference between a target and a pool of targets?
When you select the Starter or Pro plan, your subscription is tied to the target’s URL. This means that you can’t delete that target and add a new one under the same subscription.
When you select the Premium or Enterprise Plan, you subscribe to a pool of targets. You are free to delete and add new targets as long as you don’t exceed the pool size (the number of slots you subscribed). Read more.
- What is a target?
A target is the URL of a web application or website. The scope of the scan is the target. The scanner will never exceed its scope (it will never scan any page that is not under the target).
Here are some examples of targets:
If the target is https://example.com, the scanner will not scan www.example.com or any other hosts. In other words, the scanner will only scan URLs that start with ‘example.com’.
- What does the free plan include?
The free plan is our contribution to making web security accessible. It helps your business identify and fix vulnerabilities, improving the security posture of your business. The free plan includes five free targets.
- Can I upgrade my subscription plan?
Yes, you can adjust your plan in the Probely interface or contact us directly.
- Is there an Enterprise version of Probely?
Yes, Probely+ is our enterprise version. Read more.
- What payment methods do you accept?
We accept credit card payments (Visa, MasterCard, Maestro, American Express, Diners Club) and annual invoices for the Premium and Enterprise Plans.