How CISGuard is licensed.
Per-deployment licensing based on endpoint count. All capabilities included in the base license. No per-module fees, no metered scans, no surprise true-ups.
Starter
Small teams beginning continuous compliance.
- Up to 50 endpoints
- 10 security benchmarks
- Real-time compliance dashboard
- Executive + detailed reports
- Email notifications
- Managed onboarding
- Community support
Professional
Growing organizations with serious compliance posture.
- Up to 500 endpoints
- All 22 security benchmarks
- Continuous monitoring + drift detection
- Multi-framework mapping (CIS, NIST, ISO, SOC 2)
- Teams, Email, Webhook notifications
- Executive + detailed + gap analysis reports
- SIEM integration (Syslog)
- Azure Entra ID SSO
- Priority email support
Enterprise
Large organizations operating at maximum scale.
- Unlimited endpoints
- All 22 security benchmarks
- Continuous monitoring + drift detection
- All four framework mappings
- Full SIEM integration (Syslog, CEF, Webhook)
- SSO (SAML 2.0 + Azure AD) + LDAP
- Exception and waiver workflow
- Scheduled scanning with blackout windows
- Multi-tenant architecture
- Air-gapped deployment support
- Dedicated compliance engineer + SLA
- All notification channels
Capabilities that ship in the base license.
Licensing questions, answered.
CISGuard is licensed per deployment based on the number of endpoints. All features within your plan tier are included with no per-module or per-scan fees.
Enterprise security deployments vary materially by endpoint count, framework scope, deployment topology (on-prem, air-gapped, hybrid), and SLA requirements. We provide a fixed quote within one business day of an initial conversation, with no hidden modules or metered scans afterwards.
We offer a 45-minute Executive Briefing: a live scan against a sample of your own infrastructure with your security engineering team in the room. Contact sales@cisguard.ae to schedule.
Yes. You can upgrade your plan at any time. Our team handles the transition with zero downtime.
Any Windows, Linux, or container host that runs the CISGuard agent. Cloud-scanned resources (Azure subscriptions, AWS accounts, M365 tenants) are counted separately based on your plan.
Yes. Custom pricing is available for large deployments (500+ endpoints) and multi-year agreements. Contact sales@cisguard.ae for a quote.
All plans include managed onboarding. Professional plans include priority email support. Enterprise plans include a dedicated compliance engineer with SLA-backed response times.
Ready for a tailored quote?
A 45-minute Executive Briefing. Live scan against your environment, framework mapping walkthrough, fixed quote within one business day.