Pricing

Plans that scale with your business.

Four single tenant subscription tiers. Every plan includes the full feature suite. Pro tiers add a dedicated security engineer and included monthly remediation hours. All plans run a 12 month term.

Annual billing includes one free month.

Self serve
Starter
$149/mo
Up to 50 users
in one organization
  • Full feature suite
  • Shadow IT and Shadow AI discovery
  • Compliance mapping (SOC 2, ISO 27001, NIST CSF, CIS v8)
  • Vendor security intelligence
  • 3 scans per day
  • Email support
Choose Starter
Self serve, larger team
Starter Plus
$399/mo
Up to 300 users
in one organization
  • Everything in Starter
  • Headroom for 300 user organizations
  • Same multi layer discovery and reporting
  • Same compliance and Shadow IT coverage
  • 3 scans per day
  • Email support
Choose Starter Plus
Includes a dedicated engineer
Pro
$499/mo
Up to 150 users
in one organization
  • Includes Starter features plus:
  • Dedicated security engineer (named contact)
  • 1 hour of remediation work included monthly
  • $175 per hour beyond included (vs $250 standard)
  • Remediation recommendations in PDF reports
  • 5 scans per day
Choose Pro
Dedicated engineer, larger team
Pro Plus
$999/mo
Up to 300 users
in one organization
  • Includes Pro features plus:
  • Headroom for 300 user organizations
  • 3 hours of remediation work included monthly
  • $150 per hour beyond included (vs $250 standard)
  • Remediation recommendations in PDF reports
  • 5 scans per day
Choose Pro Plus

What every plan includes.

Same multi layer discovery, same compliance coverage, same reports. Tiers differ on user cap, scan frequency, and whether you have an engineer on call.

Every plan
  • Multi layer discovery: identity, email pattern, financial cross reference, endpoint scanning
  • OAuth grant auditing across all connected applications
  • Shadow IT and Shadow AI discovery
  • Compliance mapping: NIST CSF, CIS v8, SOC 2, ISO 27001:2025
  • Vendor security intelligence (SOC 2, ISO, breach data, SSO and MFA posture)
  • Drift analysis between scans
  • Executive PDF reports with posture scoring and action plans
Pro and Pro Plus add
  • Dedicated security engineer assigned as your named contact
  • Included monthly remediation hours (1 hour on Pro, 3 hours on Pro Plus)
  • Discounted hourly rate beyond included hours ($175 on Pro, $150 on Pro Plus)
  • Remediation recommendations baked into your PDF reports
  • 5 scans per day (vs 3 on Starter tiers)

How remediation hours work.

FailSafe surfaces the findings. Pro tiers also fix them. A dedicated security engineer spends time each month acting on what your scans surface, at a rate that beats hiring on demand.

Standard rate
$250/hr
What it costs to engage a security engineer without a Pro subscription. Charged in 15 minute increments after the work is complete.
No included hours
Pro discount
$175/hr
30% off standard. Apply to remediation work that exceeds your included hour each month.
1 hour included monthly
Pro Plus discount
$150/hr
40% off standard. Discount deepens at the higher tier. Apply to work beyond your 3 included hours each month.
3 hours included monthly

What counts as a remediation hour. Time your dedicated engineer spends acting on findings surfaced by FailSafe. OAuth grant review and revocation. MFA policy configuration. Stale account offboarding. Compliance documentation tied to scan results. Other consulting work outside FailSafe scope is billed at the standard $250 hourly rate.

No rollover. Included hours reset each calendar month. Use them or lose them.

Tracked transparently. Every minute is logged and reviewed with you before billing. No surprises.

Managing multiple clients?

FailSafe for MSPs gives you a multi tenant dashboard, role based access, white label reporting, and seat pool billing across your entire client portfolio. Per seat pricing, custom quoted to your portfolio.

For MSPs

Frequently asked questions.

What is the difference between the tiers?

Every tier includes the full FailSafe feature suite. Compliance mapping, Shadow IT and Shadow AI discovery, vendor security intelligence, OAuth auditing, drift analysis, executive PDFs. The differences are user cap, scans per day, and whether you have a dedicated security engineer with included monthly remediation hours. Starter and Starter Plus are self serve. Pro and Pro Plus add the engineer and the hours.

Can I switch plans later?

Upgrades take effect immediately and are prorated against your current billing period. Downgrades take effect at the end of your 12 month term. All plans run a 12 month term regardless of billing cycle.

What happens if I exceed my user cap?

You will get an in app notification when you cross the threshold and a grace period to upgrade. We do not silently truncate your scans or hide users from your reports.

Do you offer a free trial?

Not currently. Pick a tier above and sign up directly to run your first scan. All plans run a 12 month term. See the Refunds and Cancellations Policy for cancellation and refund details.

What about cancellation and refunds?

All plans are 12 month subscriptions. Cancellation and mid term refund requests are reviewed case by case at our discretion, except where applicable consumer protection law provides otherwise. Full details on the Refunds and Cancellations page.

Are my Microsoft 365 or Google Workspace credentials safe?

FailSafe uses official OAuth and service account flows that you authorize. We hold no passwords. We have read only scopes. You can revoke access at any time from your Microsoft or Google admin console. Full detail in the Privacy Policy.

What if I have more than 300 users?

Reach out to sales. We will scope your environment and provide a custom quote.

See what your environment really looks like.

FailSafe surfaces Shadow IT, drift, OAuth sprawl, and compliance gaps that your IT team cannot see manually. Pick a plan that fits and start your first scan today.

Sign up For MSPs