Pricing

Transparent pricing. No surprises.

Start free with npx safeweave-mcp. Upgrade when your needs grow.

MonthlyYearlyYearly — save 2 months free 🎉

Pricing plans comparison
	Free $0 10 scans with no signup. Register free for unlimited.	Self-Hosted Pro $15/mo Runs on your infrastructure. License + updates included.	PopularCloud $29/mo	Team $99/mo Up to 25 seats · Unlimited repos
Instant trial (10 scans, no signup)	✓	—	—	—
SAST (top 20 curated rules)	✓	—	—	—
SAST (full registry — 3,000+ rules)	—	✓	✓	✓
Secrets (28 built-in patterns, no custom rules)	✓	✓	✓	✓
Dependency scanning	✓	✓	✓	✓
All 8 scanners	—	✓	✓	✓
Compliance profiles (7 frameworks)OWASP Top 10, SOC 2, PCI-DSS, HIPAA, GDPR, ISO 27001, and NIST 800-53 — 254 original rules that map findings to compliance controls.	—	✓	✓	✓
Runs locally via npx	✓	✓	—	—
Dashboard & reportingWeb-based dashboard to track trends, view findings history, and monitor security posture. Self-Hosted Pro sends metadata only — no source code leaves your machine.	—	✓	✓	✓
Hosted scanningSafeWeave runs scans on our infrastructure — no local setup or CLI needed.	—	—	✓	✓
Team managementInvite team members, assign roles, and manage access to projects and findings.	—	—	—	✓
SSOSingle Sign-On via SAML or OIDC for enterprise identity providers.	—	—	—	✓
Custom profilesCreate custom scanning profiles with your own rule sets and severity thresholds.	—	—	—	✓
	Try 10 Scans Free — No Signup	Self-Host in 5 Minutes✓ 14-day money-back guarantee · Cancel anytime	Start 14-Day Trial✓ 14-day money-back guarantee · Cancel anytime	Try Team Free✓ 14-day money-back guarantee · Cancel anytime Invite your team — get 1 month free

Free

10 scans with no signup. Register free for unlimited.

✓Instant trial (10 scans, no signup)
✓SAST (top 20 curated rules)
—SAST (full registry — 3,000+ rules)
✓Secrets (28 built-in patterns, no custom rules)
✓Dependency scanning
—All 8 scanners
—Compliance profiles (7 frameworks)
✓Runs locally via npx
—Dashboard & reporting
—Hosted scanning
—Team management
—SSO
—Custom profiles

Try 10 Scans Free — No Signup

Self-Hosted Pro

$15/mo

Runs on your infrastructure. License + updates included.

—Instant trial (10 scans, no signup)
—SAST (top 20 curated rules)
✓SAST (full registry — 3,000+ rules)
✓Secrets (28 built-in patterns, no custom rules)
✓Dependency scanning
✓All 8 scanners
✓Compliance profiles (7 frameworks)
✓Runs locally via npx
✓Dashboard & reporting
—Hosted scanning
—Team management
—SSO
—Custom profiles

Self-Host in 5 Minutes

✓ 14-day money-back guarantee · Cancel anytime

Cloud

Popular

$29/mo

—Instant trial (10 scans, no signup)
—SAST (top 20 curated rules)
✓SAST (full registry — 3,000+ rules)
✓Secrets (28 built-in patterns, no custom rules)
✓Dependency scanning
✓All 8 scanners
✓Compliance profiles (7 frameworks)
—Runs locally via npx
✓Dashboard & reporting
✓Hosted scanning
—Team management
—SSO
—Custom profiles

Start 14-Day Trial

✓ 14-day money-back guarantee · Cancel anytime

Team

$99/mo

Up to 25 seats · Unlimited repos

—Instant trial (10 scans, no signup)
—SAST (top 20 curated rules)
✓SAST (full registry — 3,000+ rules)
✓Secrets (28 built-in patterns, no custom rules)
✓Dependency scanning
✓All 8 scanners
✓Compliance profiles (7 frameworks)
—Runs locally via npx
✓Dashboard & reporting
✓Hosted scanning
✓Team management
✓SSO
✓Custom profiles

Try Team Free

✓ 14-day money-back guarantee · Cancel anytime

Invite your team — get 1 month free

FAQ

Frequently asked questions

Does SafeWeave store or transmit my source code?

In Self-Hosted mode, your code stays on your machine. File contents are sent to our scanner fleet over HTTPS for analysis and immediately discarded after scanning — we never store source code. In Cloud mode, scan results (not source code) are stored for dashboard analytics.

How is this different from Snyk or GitHub Advanced Security?

SafeWeave is MCP-native — it integrates directly into AI code editors like Cursor, Claude Code, and VS Code as a first-class tool. You get 8 specialized scanners through a single npx command, with no complex setup or vendor lock-in. Self-hosted scanning starts at $0/mo.

Which CI/CD platforms are supported?

SafeWeave works with GitHub Actions, GitLab CI, CircleCI, Jenkins, and any CI/CD platform that supports Node.js. Just add npx safeweave-mcp to your pipeline.

Does the MCP server require internet access to my codebase?

The free Self-Hosted tier sends files to our scanner fleet for analysis. Self-Hosted Pro does the same but unlocks all 8 scanners. No cloud account is needed — just run npx safeweave-mcp.

What does 'Basic' SAST mean on the free plan?

The free tier includes SAST scanning with the top 20 most impactful rules covering SQL injection, XSS, SSRF, and path traversal. Custom patterns, extended rule sets, and scan history require Self-Hosted Pro or higher.

Can I self-host the MCP server?

Yes. The MCP server runs locally on your machine via npx safeweave-mcp. On the free tier you get 3 scanners; Self-Hosted Pro ($15/mo) unlocks all 8 scanners and compliance profiles while keeping everything local. Only license verification touches our servers.