💳 Transparent Pricing
Start Free. Scale as You Comply.
Every plan runs on EU servers. Every plan includes FusionAuth SSO and cryptographic audit trails. No credit card required to start.
Billing: Monthly or Annual (save 20%)
Attack Surface Inventory — Device Limits by Plan
Passive sensor discovers every device, port, and CVE on your network. Included in all paid plans.
FREEMIUM: Not included (upgrade to unlock)
STARTER: 10 devices, €159/mo
PROFESSIONAL: 100 devices, €350/mo
ENTERPRISE: Unlimited, POA
DORA Article 26 TLPT Add-On
Full TIBER-EU framework Threat-Led Penetration Testing. Required for "significant entities" every 3 years. Includes CREST-certified red team, threat intelligence provider, BaFin notification support, and management board reporting templates.
€120K–€200K
per engagement · every 3 years
ROI vs Traditional Penetration Testing
Manual pentesting costs €80K–€300K per annual engagement. Breachr Professional costs €4,200/year.
Traditional annual pentest: €120K+ (3 × €40K engagements)
Breachr Professional annual: €4,200 (€350/month × 12)
Annual saving: €115K+ (plus continuous vs point-in-time)
Pricing FAQs
Q: What's the difference between Annual and Monthly billing?
A: Annual billing locks in the base rate (Starter €159/mo, Professional €350/mo) with no commitment penalty. Monthly billing is available at +25% (Starter ~€199/mo, Professional ~€438/mo) for full flexibility. Both give you the same features.
Q: What's the difference between Starter and Professional?
A: Starter is designed for smaller teams beginning their compliance journey — 5 targets, 20 scans/month, basic compliance reports at €159/mo (€1,908/yr). Professional adds QSA-grade PCI DSS reports, BaFin/NCA-grade DORA and NIS2 reports, 10 targets, 50 scans, and priority support at €350/mo (€4,200/yr). Most teams under active PCI DSS or DORA obligations need Professional.
Q: Can I upgrade between plans mid-month?
A: Yes. We prorate your current subscription and apply the credit to the new plan. Most teams start on Starter or Professional, then upgrade to Enterprise when TLPT, CDE scoping, or on-premise deployment becomes required.
Q: What's included in the 14-day free trial?
A: Full Professional tier access — 10 targets, 50 scans, all integrations, PCI DSS, DORA + NIS2 reports. No credit card required. Extends to 30 days if you schedule a demo call.
Q: Do you support on-premise deployment?
A: Yes — Enterprise tier supports air-gapped on-premise installation and customer cloud (AWS/Azure/GCP in your account). This is a hard requirement for many central banks and insurance companies.
Q: What is Breachr Inventory and how does the sensor work?
A: Breachr Inventory is a passive network discovery tool. You run a single Docker container on your network — it passively sniffs ARP and DHCP traffic to discover devices the moment they appear, then runs an active nmap scan every 4 hours to map open ports and services. New devices trigger instant email alerts. No agents on individual machines, no firewall changes, zero network disruption.
Q: What counts as a monitored device?
A: A monitored device is a unique MAC address seen by the sensor within the last 30 days. A device that goes offline still counts toward your limit for 30 days after its last heartbeat. If you hit your limit, new devices will still be detected and alerted — you'll just need to upgrade to monitor more than your plan allows.
No Credit Card. Start in Minutes.
Freemium gets you your first scan today. Upgrade when your obligations grow.