CodeGuards v1
// pricing

Pay for the scans you run.

Flat platform fee, then a per-scan rate. Trial is free for 14 days. No seat licenses, no per-repo upcharge, no minimum commit volume.

// trial
Free trial

14 days, one workspace, one repo. See how the reports read before you roll it out.

€0/ 14 days
No card. No auto-renew. Cancel by closing the tab.
  • 1 workspace
  • 1 connected repository
  • Up to 50 scans
  • Full detection library
  • Email support
Start trial
// team
Team

For backend teams with one to a dozen repos. Webhooks on, CI optional, and full reporting on every change.

189/ month
+ €0.50 per completed scan · failed scans not billed
  • Unlimited repositories
  • Unlimited team members
  • Full detection library — backend, frontend, infra
  • Per-repository review settings & severity tuning
  • GitLab webhooks + manual + CI triggers
  • Dashboard, security report, scan history
  • Per-scan audit trail — handy for SOC 2 / ISO 27001 reviews
  • Email support · 1 business day SLA
Start with team
// enterprise
Enterprise

High-volume scanning, self-hosted GitLab fleets, audit trails, custom contracts.

Custom
Volume tier from 2,000 scans / month · invoiced quarterly.
  • Reduced per-scan rate
  • Dedicated onboarding
  • Self-hosted GitLab assistance
  • SSO / SCIM (on roadmap)
  • SLA with guaranteed response
  • Auditor-ready evidence export — SOC 2 CC7.1 / CC8.1, ISO 27001 A.14.2, PCI-DSS 6.3
  • Security questionnaire support & DPA
  • Dedicated account contact
Talk to us
How billing works. The flat €189/mo on Team covers platform infrastructure, GitLab webhook hosting, review infrastructure, and the dashboard. Each completed scan adds €0.50 to your usage line — failed or cancelled scans are not billed. Usage rolls into a single monthly invoice. No seat fees, no per-repo upcharge.

Q. What counts as a scan?

One review of one diff. Push event, MR open/update, manual click, or CI call — they all count as one scan, no matter the diff size.

Q. Are failed scans billed?

No. If your token expired, the diff was unreadable, or the review could not be completed, that scan is on us.

Q. Can I cap monthly spend?

Yes — set a soft cap in workspace settings. We'll keep scanning but won't post comments or send invoices past it until you raise the cap.

Q. What about volume discounts?

From 2,000 scans / month, the per-scan rate drops. Above 10,000, talk to us — we'll tier it sensibly.

Q. Will this help us pass a SOC 2 / ISO 27001 audit?

Not on its own — only your auditor signs off. But every scan persists a timestamped record (who, what, verdict, rationale, acceptance trail) that maps to SOC 2 CC7.1, CC8.1, ISO 27001 A.14.2 and PCI-DSS 6.3. That's the part teams usually scramble to assemble two weeks before the audit. CodeGuards has it ready.