Skip to content

Simple pricing. No sales calls.

No quote-only gates. No 6-month sales cycles. Start free, upgrade when you need 24/7 monitoring.

Prices exclude VAT. EU business customers can provide VAT ID for reverse charge. Paid plans are billed monthly or annually — annual gives you two months free.

Free

€0forever

See what's out there

  • 1 protected root domain
  • Daily lookalike refresh
  • Email alerts (1/day limit)
  • 7-day retention
  • 5 brand-check scans/month
  • Blurred preview

Starter

€490/year

€41/mo · save €98/yr

Active threat monitoring

  • 1 protected root domain
  • Real-time CT monitoring
  • Continuous 24/7 monitoring
  • Full evidence packs
  • Email alerts
  • 90-day retention
  • Manual review & remediation
  • Agent API (read-only)

Growth

Most Popular
€1,990/year

€166/mo · save €398/yr

For multi-brand teams

  • 3 protected root domains
  • Real-time CT monitoring
  • Screenshot timeline
  • 3 team seats
  • Slack & Teams alerts
  • Auto-takedown to registrar & host
  • Agent API (read + draft)
  • All Starter features

Scale

€5,990/year

€499/mo · save €1,198/yr

Compliance-ready (NIS2 + GDPR)

  • 10 protected root domains
  • Real-time CT monitoring
  • Audit log export
  • 10 team seats
  • 1 year retention
  • DPA included
  • Agent API (full access)
  • All Growth features

Compare all features

Select a plan to see what's included

Detection

Lookalike domain detection

Detect domains similar to your brand

Continuous 24/7 monitoring

Always-on monitoring without monthly scan limits

Real-time campaign clustering

Instantly group threats sharing infrastructure (registrar, DNS, IP) as they are detected

Threat actor profiles

Cross-campaign intelligence linking campaigns to persistent threat actors

Screenshot timeline

Historical screenshots of detected threats

Visual clone detection

AI-powered visual similarity analysis

Evidence & Reporting

Full evidence packs

Complete screenshots, DOM, headers, and metadata

Executive reports

PDF reports for stakeholders and compliance

Audit log export

Downloadable audit trails for compliance

Compliance Center

NIS2, SOC 2, ISO 27001 requirements mapping and audit readiness

Alerts & Integrations

Email alerts

Get notified of new threats via email (1/day on Free)

Slack & Teams

Alerts delivered to Slack or Microsoft Teams

Remediation

Manual remediation

Review threats and submit takedown requests manually

Auto-takedown

Automated takedown to registrar (domain suspension) and host (content removal)

AI email drafts

AI-generated takedown emails tailored to each registrar and hosting provider

Provider integrations

Connect registrar and hosting credentials for faster takedowns (Cloudflare, GoDaddy, Namecheap, Vercel, and more)

Team & Compliance

3 team seats

Team collaboration

10 team seats

Extended team access

DPA included

Data Processing Agreement for GDPR (provided on request)

Data Retention

90-day retention

Extended alert and evidence history

365-day retention

Full year of alert and evidence history

Viewing Free features.

Frequently asked questions

What counts as a protected root domain?

A protected root domain is one registrable root domain such as example.com, example.io, or example.co.uk. Subdomains such as login.example.com, app.example.com, and support.example.com are included automatically. Separate root domains owned by the same company count separately.

How does detection work across different TLDs?

When you protect example.io, we don't just monitor .io domains — we scan across 18+ TLDs (.com, .net, .org, .xyz, .us, .info, and more) to catch attackers who register your brand name on different extensions. We also detect typosquats, homoglyphs (like examp1e.io), keyword combinations (login-example.com), and other impersonation patterns. Bad actors deliberately register your name on a different TLD to evade detection while looking legitimate to victims; scanning every extension catches them.

How fast is detection?

New certificates surface in your dashboard as they appear in Certificate Transparency logs. Newly registered domains are checked daily.

Which security frameworks does this support?

Brand impersonation monitoring supports ISO 27001:2022 A.5.7 (threat intelligence), NIST CSF 2.0 ID.RA-02 (external threat intelligence), SOC 2 CC7.2 (anomaly monitoring), and NIS2 Article 21 (external attack surface). Evidence packs, audit logs, and API exports help document compliance worldwide.

Where is my data stored?

All data is processed and stored in EU data centers (Frankfurt, Germany). EU-hosted infrastructure serves security teams in the US, Canada, APAC, and globally — your data stays in the EU regardless of where you operate.

Can I cancel anytime?

Yes. Cancel via Stripe in one click. Your access continues until the end of your billing period.