Published prices. No quote calls.
Priced by in-scope suppliers — the suppliers you actually have to track under NIS2. Not by seats. Not by feature gates.
Free up to 5 suppliers. Starter at €3,500/yr, Growth at €6,900/yr, Enterprise from €14,000/yr — every band has a number, Enterprise included.
Available on the Microsoft commercial marketplace from V1 production (Q4 2026).
The axis is in-scope suppliers.
Your price is set by the number of suppliers you track under NIS2 — the suppliers whose disruption or compromise would materially affect your service. Not your full vendor master. Not your seat count. Not how many process areas you assess them against. Three things that follow from that:
- 01
One supplier, one count.
Whether you assess governance, incident handling, BC/DR, or all seven control families — one supplier counts as one in-scope supplier per year.
- 02
The audit story is included in every paid tier.
Evidence records, decision trace, audit trail, signed export bundle. We don't paywall the parts that survive an audit.
- 03
No quote-only tiers.
Every band shows its starting price. Enterprise included.
Four tiers. Four published prices.
Pick the band that matches the suppliers you have to track. Most teams land on Growth.
Free
Pilot evaluations, smallest end of NIS2 scope, single-evaluator teams
Single user, single legal entity. For pilot evaluations and the smallest end of NIS2 scope.
- Engagement-based supplier reviews
- Evidence records with decision trace
- Append-only audit trail
- Manual supplier entry
- Basic AI suggest-answer (limited monthly quota)
- PDF export of audit bundle
- Notifications — manual setup, opt-in per event
- 1 buyer user · 1 legal entity
- Community support
- Supplier exposure query (incident response)
Not included
- Excel / CSV bulk supplier import
- JSON / machine-readable export
- Signed export bundle
- Pre-configured notification defaults
- Power BI workspace
- Multi-user collaboration
Starter
First paying NIS2 mid-market buyers
Annual billing. Up to 5 buyer users on a single legal entity.
Everything in Free, plus:
- Excel / CSV bulk supplier import
- JSON / machine-readable export
- Signed export bundle (V1)
- Full AI suggest-answer quota with citations
- Pre-configured notification defaults — certificate expiry, review-due, supplier submissions
- Configurable notification rules
- Auditor-ready PDF bundle
- Basic Power BI workspace
- Up to 5 buyer users · 1 legal entity
- 1 framework template
- Guided 1-hour onboarding kickoff
- Next-business-day support
Growth
Buyers with a recurring review load across multiple entities
Annual billing. Up to 10 buyer users across 3 legal entities. Most teams land here.
Everything in Starter, plus:
- Ask-evidence Q&A with strict grounding (V1)
- Trusted Vendor Baselines (V1.2 — mid 2027)
- Review trigger engine with automated notifications (V1.2 — mid 2027)
- Up to 3 framework templates
- Up to 10 buyer users · up to 3 legal entities
- Full Power BI workspace
- 8-hour support response
- Quarterly review with the founder
Enterprise
Multi-entity buyers, audit-heavy environments, DORA-adjacent
Annual billing. Multi-entity buyers, audit-heavy environments, DORA-adjacent. Published floor — no quote-only tier.
Everything in Growth, plus:
- Contract clause check (V1.2 — mid 2027) included
- Buyer-specific clause packs
- SAML / external IdP federation
- Export API
- Webhook notifications
- Unlimited buyer users · unlimited legal entities
- Unlimited framework templates
- Named customer success contact
- 4-hour support response
Annual billing only at launch. Monthly may follow on Microsoft Marketplace if signups ask for it. The pilot through Q4 2026 is your trial.
Receiving a request pack from a buyer? The supplier side is free, forever — see the supplier tier below.
Everything you can compare, in one table.
Grouped by capability. Version tags inline (V1, V1.2) tell you what ships when — we don't hide the roadmap.
| Capability | Free | Starter | Growth | Enterprise |
|---|---|---|---|---|
| Core workflow | ||||
| In-scope suppliers | Up to 5 | Up to 25 | Up to 75 | 76+ |
| Supplier library size | Up to 25 | Up to 200 | Up to 400 | 600+ |
| Engagement-based reviews | ||||
| Evidence records with decision trace | ||||
| Append-only audit trail | ||||
| Supplier exposure query (incident response) | ||||
| Reassessment & resubmission flow | ||||
| Supplier onboarding | ||||
| Manual supplier entry | ||||
| Excel / CSV bulk import | ||||
| AI assistance | ||||
| AI suggest-answer with citations | Limited monthly quota | Full quota | Full quota | Full quota |
| Ask-evidence Q&A (V1) | ||||
| Contract clause check (V1.2 — mid 2027) | Add-on | |||
| Trusted Vendor Baselines (V1.2 — mid 2027) | ||||
| Review trigger engine (V1.2 — mid 2027) | ||||
| Notifications | ||||
| Manual notification setup (per-event opt-in) | ||||
| Pre-configured notification defaults | ||||
| Certificate-expiry email alerts | Manual setup | Pre-configured | Pre-configured | Pre-configured |
| Review-due email alerts | Manual setup | Pre-configured | Pre-configured | Pre-configured |
| Supplier-submission email alerts | Manual setup | Pre-configured | Pre-configured | Pre-configured |
| Configurable notification rules | ||||
| Automated review-trigger notifications (V1.2) | ||||
| Webhook notifications | ||||
| Identity & users | ||||
| Buyer users included | 1 | 5 | 10 | Unlimited |
| Microsoft Entra ID / Azure SSO | ||||
| SAML / external IdP federation | ||||
| Role-based access control | Basic | Advanced | ||
| Scale & governance | ||||
| Legal entities | 1 | 1 | Up to 3 | Unlimited |
| Framework templates | NIS2 default | 1 | Up to 3 | Unlimited + custom |
| Buyer-specific clause packs | ||||
| Audit & export | ||||
| PDF audit bundle | Basic | Auditor-ready | Auditor-ready | Auditor-ready |
| JSON / machine-readable export | ||||
| CSV export | ||||
| Signed export bundle | ||||
| Export API | ||||
| Power BI analytics workspace | Basic | Full | Full + custom | |
| Onboarding & support | ||||
| Onboarding | Self-serve | Guided 1-hour kickoff | Guided + 30-day check-in | Named CSM |
| Support response | Community | Next business day | 8-hour | 4-hour |
| Quarterly review with founder | ||||
Free, forever, for the side answering the questions.
Suppliers do most of the work in the assurance loop. Charging you to answer your customer's questions would be backwards. Buyers pay because they need management visibility across many suppliers — that is where our price sits.
Supplier
For suppliers responding to NIS2 due diligence from their customers.
No card. No upgrade. No charge to the supplier side, ever.
Everything included in the supplier free tier:
- Verified trust profile, sharable with any buyer
- Reusable evidence library — upload once
- Respond to buyer requests, export submissions as JSON
- Discoverable in the Shards supplier directory (opt-in)
- Cross-buyer evidence reuse with your consent
- Unlimited buyer connections
- No charge, no upgrade prompts
Public surface launches with V1 (Q4 2026). Pilot suppliers can onboard now via buyer invitation; the public directory and trust profile go live with V1.
Stretch a tier without changing it.
Four packs that extend depth or capacity. Use uplift to stay on your current band when supplier counts creep; use the others to deepen the workflow when V1.2 lands.
Supplier uplift
Available on: Starter and Growth (Enterprise has uncapped suppliers)
+10 in-scope suppliers per pack. Stay on your current tier when your in-scope count creeps past the band, without bumping up.
- Each pack adds +10 in-scope suppliers
- Stackable to a maximum of 3 packs per tier
- Pro-rated to the remainder of your annual term
- Past 3 packs we walk you through the next tier rather than stack further
Contract Clause Check pack
Available on: Growth (add-on) · Enterprise (included)
Anchored clause-text checks across incident notice, audit rights, exit, BC/DR — findings linked to specific contract excerpts with reviewer sign-off.
- Clause-text checks on incident notice, audit rights, exit, BC/DR
- Findings linked to specific contract excerpts
- Reviewer sign-off captured per finding
- Reusable clause-pack library
Extended baseline library
Available on: Growth and above
Pre-built Trusted Vendor Baselines for the most common cloud and SaaS suppliers. Saves rebuilding baselines from scratch for common third parties.
- Pre-built baselines for common cloud and SaaS providers
- Drift-aware refresh and re-review
- Saves rebuild time for common vendors
NIS2 Supplier Exposure Assessment
Available on: Productized advisory engagement — not part of the SaaS
Maps your in-scope supplier portfolio against NIS2 Article 21(2)(d). Delivers a board-ready exposure report and a scoped pilot plan if you want to move into the SaaS afterward.
- Maps your portfolio against NIS2 Article 21(2)(d)
- Board-ready exposure report
- Scoped pilot plan to move into the SaaS afterward
Common pricing questions
What counts as an "in-scope supplier"?+
An in-scope supplier is one whose disruption, compromise, or substandard security would materially affect your essential or important service under NIS2 — not your whole vendor master, just the suppliers you actually have to track. Most regulated mid-market buyers have between 10 and 80 in-scope suppliers, depending on size and sector. A 100-person Slovak utility typically lands in the 20–35 range. A 400-person fintech often sits closer to 50–80. Manufacturing buyers concentrate in fewer, more critical suppliers; SaaS-heavy buyers tend toward longer in-scope lists.
What's the difference between in-scope suppliers and the supplier library?+
The supplier library is the broader register of all suppliers visible in your account — including the in-scope ones plus suppliers you are tracking but not actively assessing. You pay for in-scope suppliers, not for everyone in the library. The library exists so you can map your full vendor ecosystem in one place, then promote suppliers into in-scope as your assurance programme grows. Library caps: 25 in Free, 200 in Starter, 400 in Growth, 600+ in Enterprise.
I assess one supplier across several process areas. Does that count more than once?+
No. One supplier counts as one in-scope supplier per year, no matter how many process areas you assess them against — governance, incident handling, BC/DR, supply chain dependencies, secure development, access control, asset and logging. Reassessments triggered by certificate expiry, incident, or scheduled review do not count as additional suppliers. The pricing follows the supplier, not the workload.
What if I just need a few extra in-scope suppliers, not a tier upgrade?+
You can add a Supplier Uplift pack for €1,200 a year, which adds ten in-scope suppliers to your current tier. Up to three packs stack on Starter or Growth — beyond that we will walk you through the next tier instead. Uplift packs are pro-rated to the remainder of your annual term. Enterprise has uncapped supplier counts and does not need uplift packs.
Why annual only?+
Paid tiers bill annually at launch. We're a small team, and every hour spent operating a monthly billing pipeline is an hour not spent shipping V1.2. Annual matches how every comparable product in the market sells — 3rdRisk, OneTrust, Vanta, Drata, Risk Ledger. The pilot through Q4 2026 is your trial. If V1 launch signups tell us monthly is what mid-market buyers want, we'll add it on Microsoft Marketplace. Until then: one invoice a year, on the date you sign.
Do you charge per user or per seat?+
No. Tiers include a fixed number of buyer users — 1 in Free, 5 in Starter, 10 in Growth, unlimited in Enterprise. If you need more users on a tier, that is a signal to look at the next band, not a per-seat upsell.
Can I buy through Microsoft Marketplace?+
From V1 production (Q4 2026), yes — Supply Chain Assurance will be available on the Microsoft commercial marketplace, with subscription cost committable against your Microsoft Azure spend. Direct billing will follow. Pilot customers join under a direct agreement at free or compute-cost pricing.
We're a supplier — why is the supplier side free?+
Suppliers do most of the work in the assurance loop. Charging you to answer your customer's questions would be backwards. The free supplier tier covers a verified trust profile, a reusable evidence library, response to buyer requests, and the supplier directory. Buyers pay because they need management visibility across many suppliers — that is where our price sits.
Pilot now. Subscribe in Q4 2026.
The first cohort gets the lifetime of input on what we build next. Free or compute-cost. Mutual exchange, not a limited offer.
Bratislava-based. EU-hosted. Microsoft Partner.