Start Free Trial
Book a Demo

Pricing

Developers Scans
developers (up to): 
Annual Subscription – Pricing Based on Your Daily Scans

Standard

For a seamless start with all-in-one CI/CD integration.

$

Loading

per month / $2.160 billed annually

Products
  • SAST
  • SCA (Reachability & Autofix)
  • CI/CD Security
  • Secrets Security
  • IAC Security
  • Container Images
  • SDLC Inventory
  • Unlimited Repositories
  • Unlimited Contributors
Start Free Trial
Most popular

Premium

For growing teams needing advanced security.

$

Loading

per month / $2.160 billed annually

All Standard product plus:
  • Real-Time Malware Detection in OSS
  • Pipeline Malicious Command Detection
  • IaC Malicious Command Detection
  • Container Images Malicious Command Detection
  • SSCS Compliance (CIS, OpenSSF, and more)
  • Unlimited Repositories
  • Unlimited Contributors
Start Free Trial

Enterprise

For at-scale organizations needing advanced security.


Custom

All Premium product plus:
  • ASPM
  • Malicious Code Detection in Application Code
  • Health Check
  • Anomalies Detection
  • Build Security
  • On-Premise
  • Unlimited Repositories
  • Unlimited Contributors
Contact Us

Compare our plans

Standard
Start Trial
Premium
Start Trial
Enterprise

Code Security

SAST
Malicious Code Detection in proprietary application code

Open Source Security

Open source vulnerability (Detection, blocking, and alerting)
Reachability
Exploitability
License and Obsolescence Management
Advanced Prioritization
Auto-remediation
SBOM and VDR On-Demand Generation
Pipeline and issue tracker integrations
Containers support
Real-time Malware in OS Packages (Early Detection, alerting, and immediate dependency firewalling)

CI/CD Security

Advanced Prioritization
Pipeline and issue tracker integrations
Remediation Guidance
Context-Driven Security Insights
Pipeline vulnerabilities detection
CI/CD Infrastructure Misconfigurations Identification
Pre-Commit Hooks
Malicious Command Detection in Pipelines

Secrets Security

Secrets Leakage Detection, blocking, and alerting
Source code, Infrastructure-as-Code, Docker images,...
Scan in Historical Information
Multi-SCM support (GitHub, Azure Repos, GitLab, Bitbucket)
Advanced Prioritization
Auto-revocation
Issue management with ticketing tracker integrations
Pre-Commit Hooks
Automated Continuous DevOps Security Scanning

Infrastructure As Code Security

Advanced Prioritization
Pipeline and issue tracker integrations
Remediation Guidance
Context-Driven Security Insights
Support for Terraform, CloudFormation: ARM and Bicep, Ansible
Pre-Commit Hooks
Support for Multi-Framework / AWS and Azure, Kubernetes and Docker.
Malicious Command Detection in IaC

Application Security Posture Management (ASPM)

Complete Application Risk Management
Application Security Posture Management Dashboards
Full SDLC Assets visibility
Full Security Context from Code to Cloud
Advanced Correlation, Prioritization and Remediation
Third Party Tools Integration (SAST, SCA, Secrets, and others)
Context-Driven Security Insights
Advanced Security Audit Trails

Anomalies Detection

Behavior-Based Risks Detection
Continuous Monitoring
Alert Anomalies in Real-Time
Block Code Tampering
Customizable anomaly rule sets

Build Security

SLSA Provenance Generation
Build Attestation Generation
Build Integrity Verification
Artifact Signature Verification
Software Artifact Tampering Detection

Xygeni Platform

Integrations (See all)*
Customer User Roles
Policy Management
Projects Tags
Policy Customization
SDLC Inventory
SDLC Asset Graph
SSC Compliance (CIS, OpenSSF, and more)
Governance
DevOps Health Check
SSO: SAML, OKTA
Rich API

Compare our plans

Standard
Premium
Enterprise
SAST
Malicious Code Detection in proprietary application code
Open source vulnerability (Detection blocking, and alerting)
Reachability
Exploitability
License and Obsolescence Management
Advanced Prioritization
Auto-remediation
SBOM and VDR On-Demand Generation
Pipeline and issue tracker integrations
Containers support
Real-time Malware in OS Packages (Early Detection, alerting, and immediate dependency firewalling)
Advanced Prioritization
Pipeline and issue tracker integrations
Remediation Guidance
Context-Driven Security Insights
Pipeline vulnerabilities detection
CI/CD Infrastructure Misconfigurations Identification
Pre-Commit Hooks
Malicious Command Detection in Pipelines
Secrets Leakage Detection, blocking, and alerting
Source code, Infrastructure-as-Code, Docker images,...
Scan in Historical Information
Multi-SCM support (GitHub, Azure Repos, GitLab, Bitbucket)
Advanced Prioritization
Auto-revocation
Issue management with ticketing tracker integrations
Pre-Commit Hooks
Automated Continuous DevOps Security Scanning
Advanced Prioritization
Pipeline and issue tracker integrations
Remediation Guidance
Context-Driven Security Insights
Support for Terraform, CloudFormation: ARM and Bicep, Ansible
Pre-Commit Hooks
Support for Multi-Framework / AWS and Azure, Kubernetes and Docker.
Malicious Command Detection in IaC
Complete Application Risk Management
Application Security Posture Management Dashboards
Full SDLC Assets visibility
Full Security Context from Code to Cloud
Advanced Correlation, Prioritization and Remediation
Third Party Tools Integration (SAST, SCA, Secrets, and others)
Context-Driven Security Insights
Advanced Security Audit Trails
Behavior-Based Risks Detection
Continuous Monitoring
Alert Anomalies in Real-Time
Block Code Tampering
Customizable anomaly rule sets
SLSA Provenance Generation
Build Attestation Generation
Build Integrity Verification
Artifact Signature Verification
Software Artifact Tampering Detection
Integrations (See all)*
Customer User Roles
Policy Management
Projects Tags
Policy Customization
SDLC Inventory
SDLC Asset Graph
SSC Compliance (CIS, OpenSSF, and more)
Governance
DevOps Health Check
SSO: SAML, OKTA
Rich API

FAQs

Xygeni counts each developer that has made at least one commit to a repository scanned within the past 90 days. There is no limit to the number of commits per identifier.
The daily scan subscription allows you to run the contracted number of scans, regardless of the number of developers, contributors, or repositories in your organization. The only limitation is the number of scans you can perform each day.
For example, if you purchase a subscription for 100 daily scans, you will be able to perform up to 100 scans per day for an entire year (365 days).
A scan in Xygeni contains a comprehensive set of security analyses, including SAST, dependency analysis, inventory, secrets detection, SCA, IaC security, and malware detection.
A scan applies the full set of analyses associated with your plan's products.
No. Xygeni doesn't upload your source code to scan it. The scan is executed locally into your network infrastructure and no code is uploaded to Xygeni servers. Only the results are uploaded (duly protected during transit and in storage)
In case you use the auto-remediation functionality Xygeni will upload the file to change but then it will be removed from our systems immediately after the change.
Yes. Xygeni offers preloaded projects so you can view examples of different security vulnerabilities without scanning your code.
Of course, the Xygeni scanner can connect to your repos but also works over a file system folder. You just need to specify where the source code is: either in a local folder or into an external git repository.
No, a credit card isn’t required to sign up for the Free Trial. There are no hidden fees or automatic enrollments. After the 14-day trial, your account will be paused, and your data will be securely stored for 30 days, giving you time to choose the plan that best fits your needs.
You can cancel or downgrade your subscription anytime. You’ll keep access to the Xygeni plan features you’ve already paid for until the end of your current billing period, and any changes will take effect at the start of the next billing cycle.
Yes, you can upgrade your plan anytime through any of Xygeni’s available purchase channels.

Secure your Software Development and Delivery

with Xygeni Product Suite

Start Free Trial
Take The Product Tour
Xygeni Logo White

© 2024 Xygeni. All rights reserved

Linkedin-in X-twitter Youtube

Products

Resources

Company

Legal

Start Your Free 7-day Trial

Start exploring Xygeni’s AppSec platform your way — no credit card needed.

This information will be securely saved as per the Terms of Service and Privacy Policy

Take Product Tour

Take a guided tour and see how Xygeni identifies and fixes software vulnerabilities.

Start Product Tour
Scan Your Own Repos

Your source code is never uploaded.
your privacy stays in your hands

Scan Your Code Now
Get started with one click
No credit card required.
  • Your source code is never uploaded – your privacy stays in your hands
  • Up to 25 scans per day included

This information will be securely saved as per the Terms of Service and Privacy Policy