Secure your supply chain.
Pay only for what you need.
Start free. Scale with your team. Enterprise-grade security at every tier.
Developer
For individual developers and open-source projects.
- Unlimited public repo scanning
- 10 private repo checks / month
- CVE browser & search
- PDF security reports
- npm & PyPI ecosystems
- Basic reachability analysis
- Community support
- Dashboard & analytics (not included)
- Slack / Jira integrations (not included)
- SSO / SAML (not included)
Team
For engineering teams shipping secure software.
- Everything in Developer
- Unlimited private repo scanning
- Team security dashboard
- Slack alerts for critical CVEs
- Jira ticket auto-creation
- Go, Java, Rust ecosystems
- Advanced reachability analysis
- Priority email support
- Up to 25 seats
- SSO / SAML (not included)
Enterprise
For organizations requiring compliance and control.
- Everything in Team
- Unlimited seats
- SSO / SAML (Okta, Azure AD)
- Role-based access control
- Audit logs & compliance
- PagerDuty integration
- Dedicated API endpoints
- Custom SLA (99.9% uptime)
- SOC 2 / ISO 27001 readiness
- Dedicated account manager
Feature Comparison
| Feature | Developer | Team | Enterprise |
|---|---|---|---|
| Public repo scanning | Unlimited | Unlimited | Unlimited |
| Private repo scanning | 10 / month | Unlimited | Unlimited |
| Ecosystems | npm, PyPI | npm, PyPI, Go, Java, Rust | All + custom |
| Reachability analysis | Basic | Advanced | Advanced + custom rules |
| Dashboard | — | ✓ | ✓ |
| Slack alerts | — | ✓ | ✓ |
| Jira integration | — | ✓ | ✓ |
| PagerDuty | — | — | ✓ |
| API access | — | Read-only | Full read/write |
| SSO / SAML | — | — | ✓ |
| Audit logs | — | — | ✓ |
| RBAC | — | — | ✓ |
| SLA | — | — | 99.9% |
| Support | Community | Priority email | Dedicated account manager |
| Compliance | — | — | SOC 2 / ISO 27001 ready |
Frequently asked questions
Absolutely. The Developer tier is completely free — unlimited scanning for public repos, CVE browser, PDF reports, and reachability analysis. No credit card required.
The Team plan is $49/month flat for up to 25 seats. Each seat corresponds to a developer in your GitHub organization who triggers PR scans. You only pay for active seats.
Each time the OsVault GitHub App runs a security check on a pull request in a private repository, that counts as one check. Public repositories are always unlimited.
Yes. You can upgrade, downgrade, or cancel at any time. When upgrading, you'll get immediate access to the new features. Downgrades take effect at the next billing cycle.
Yes — we offer 50% off for verified startups (under 50 employees) and free Team plans for qualifying open-source maintainers. Contact us to apply.
Ready to secure your dependencies?
Start with the free tier — no credit card required.