How pricing works

Risk-based vulnerability prioritization, priced to your environment

Priced per asset, never per vulnerability - discover as many findings as you want, you pay only on the unified assets we manage, not the volume of vulnerabilities. Every plan includes the full platform: the prioritization engine and the unified inventory underneath it, every integration.

Built for security teams managing hundreds to tens of thousands of unified assets.

Design partner program

We're currently onboarding a small group of design partners

We're working hands-on with a handful of teams first: bring your scanner output and we'll show you which findings actually matter on your network. No surprise add-ons.

See it on your data

How pricing works

Every plan includes the full platform. Only the unified asset volume changes - and we size that to your environment.

The full platform on every plan

The prioritization engine, the unified inventory underneath it, every integration, SSO, RBAC, audit trail, and API access. No feature gating, and prioritization is never priced per vulnerability.

Priced on unified assets, not findings

You pay on the number of golden-record assets we manage for you, not the volume of vulnerabilities we surface. One device merged from every source counts once.

Scoped to your environment

We size a plan to your asset count and rollout, with hands-on onboarding while we finalize commercial terms together.

Talk to us about pricing

What is a unified asset?

A unified asset is a single golden record - one entry per device, merged from all your connected sources. If the same laptop appears in Defender, Intune, and your on-prem agent, it counts as one unified asset. Raw source records don't count toward your plan. This unified inventory is what makes the prioritization aware of your real assets and the controls on them.

Go over your asset count? No surprises.

Nothing breaks if you go over your unified asset count. We don't cut off access and we don't spring surprise charges on you. If you're consistently above your plan, we'll reach out and get you onto the right one.

Every plan includes

No feature gating. No hidden limits. Prioritization is the product - it's on every plan.

Risk-based prioritization engine
Exposure & reachability scoring
Compensating-control down-ranking
Exploit signal (EPSS, CISA KEV, CVSS)
CVE catalog (NVD, MITRE, EPSS, KEV)
Custom priority rules
Exception workflows
Unified asset inventory (the engine)
Unlimited integrations
Asset aging & lifecycle
On-prem agent (E2E encrypted)
RBAC & asset groups
Custom field mappings
Full audit trail
API access
SSO (OIDC + SAML)

Enterprise adds

Guided onboarding & consultation
Prioritized integration development
Custom asset volume

Frequently Asked Questions

How do I get started right now?
Bring your scanner output and we'll show you which findings actually matter on your network. Tell us about your environment on the contact page and we'll set up a look at your data within one business day.
Why design partners instead of a self-serve trial?
The whole point of Koopic is that the score is trustworthy because it reflects your assets, your exposure, and the controls you already run. That's worth getting right together. Working closely with you to tune the prioritization to your real environment is how we make the score trustworthy - on your data, not a canned demo.
How is Koopic priced?
Every plan includes the full platform. You pay on the number of unified assets we manage for you - not the volume of vulnerabilities, and never per finding. We size a plan to your environment and finalize commercial terms together. No surprise add-ons.
What is a unified asset?
A unified asset is a single golden record - one entry per device, merged from all connected sources. If the same laptop appears in Defender, Intune, and your on-prem agent, it counts as one unified asset. Raw source records don't count toward your plan. The unified inventory is the engine that makes the prioritization aware of your real assets and controls.
Do all plans include the same features?
Yes. Every plan includes the full platform - the risk-based prioritization engine (exposure, compensating controls, exploit signal), the CVE catalog enriched from NVD, MITRE, EPSS, and KEV, the unified asset inventory underneath it, unlimited integrations, RBAC, audit trail, SSO (OIDC + SAML), and API access. The only difference between plans is the number of unified assets. Enterprise adds guided onboarding and prioritized integration development.
Is prioritization priced per vulnerability?
No. The risk-based prioritization engine - exploit signals (EPSS, CISA KEV), CVSS, asset exposure and criticality, custom priority rules, and compensating controls - is included on every plan. It is not a separate add-on and it is never priced per vulnerability. You pay only on the number of unified assets.
What if I exceed my asset count?
Nothing breaks. We do not hard-stop your access the moment you cross your plan, and we will not spring a surprise charge on you. If you are consistently over, we will reach out and move you to the right plan.
Do you offer annual pricing?
Yes. We offer annual plans - mention it on the contact page and we will size the right plan for your environment.
Is there MSP or MSSP pricing?
Yes. We offer multi-tenant pricing for managed service providers. Each customer environment is fully isolated with database-level tenant isolation. Mention it on the contact page for MSP pricing.
Can I export my data?
Absolutely. You can export your complete asset inventory, prioritized findings, and audit logs in CSV or JSON format at any time. Your data is always yours.

See it on your data.

Bring your scanner output - we'll show you which findings actually matter on your network.

See it on your data Talk to us