Plans & Pricing

Simple pricing for teams of all sizes. No hidden fees.

BASIC
300/mo
Select the number of developers covered by SDepend.
Covers 10 users
For small teams to cover the basics.
  • SCA Vulnerability Scanning

    SDepend performs deep Software Composition Analysis to detect CVEs in your open-source dependencies.

    Scan your project against the largest vulnerability database with over 5,370,646+ analyzed packages. Support for 18 package managers ensures 100% visibility across all your tech stacks.
  • CI/CD integration Automated security scanning for DevSecOps pipelines including GitHub Actions, GitLab CI, and Jenkins.
    Seamlessly integrates with your build pipelines including Jenkins, GitLab CI, Azure DevOps, GitHub Actions, and more. Automated security gates ensure no vulnerability reaches production.
  • 10 Projects / Applications
  • IDE Plugins
  • Unlimited scans
  • SBOM Export Generate Software Bill of Materials in CycloneDX and SPDX formats for supply chain security and compliance.
    Generate Software Bill of Materials (SBOM) in CycloneDX and SPDX formats. Mandatory for regulatory compliance and supply chain transparency.
  • Vulnerability Lifecycle Tracking Vulnerability management and governance with custom status workflows and audit trails.
    Advanced vulnerability governance with custom statuses: REOPENED,IN_PROGRESS,CONFIRMED,OPEN,FALSE_POSITVE, TO_VERIFY, PROPOSED_FALSE_POSITIVE, and ACCEPTED_RISK (temporary) and others. Ensures robust exemption management and a clear audit trail for security waivers.
  • Security Gate Set risk thresholds (Security Gate) based on CVSS scores and severity to block insecure builds in your pipeline.
    Set custom security gates and thresholds based on severity, CVSS score, or vulnerability age. Trigger automated alerts or break builds only when specific risk levels are exceeded.
  • Detailed PDF & SBOM Reports
  • Rules based access controls (RBAC)
  • Standard Support
Start Free Trial
SaaS Free Trial in: 30d:00h:00m:00s
Most Popular
PRO
600/mo
Select the number of developers covered by SDepend.
Covers 10 users
For growing teams to scale security.
  • All Basic features, plus:
  • Vulnerability Reachability Analysis Advanced reachability analysis for SCA that identifies if vulnerable functions in open-source libraries are actually executed in your code.
    Reduces security noise by up to 90% by identifying if the vulnerable part of a library is actually called within your codebase.
  • SAST & Call Stack Analysis SAST-powered call stack analysis to trace execution paths from source code to dependencies, reducing security noise and false positives.
    Advanced Reachability Analysis: Traces the execution path from your source code directly to the vulnerable function inside the dependency. Confirms if your code actually triggers the flaw, reducing false positives by up to 80%.
  • Auto-Remediation (AutoFix) Automated vulnerability remediation with one-click Pull Requests and manifest updates to the safest compatible version.
    Fix vulnerabilities faster with one-click Pull Requests. Automatically updates your manifest files to the safest compatible version to resolve flaws without breaking your code.
  • License Risk Management Open-source license compliance management to identify legal risks and forbidden licenses.
  • Unlimited imported SBOMs Import and analyze external Software Bill of Materials (SBOM) for comprehensive supply chain visibility.
  • Unlimited Projects / Applications
  • Custom Security Policies Define enterprise security policies and custom thresholds for automated vulnerability governance.
  • Attribute-Based Access Control (ABAC) Granular security permissions and team management using Attribute-Based Access Control (ABAC).
    Manage Teams and Users with precise profiles (Admin, AppSec, Manager, Developer). Control granular permissions for every feature: allow specific users to validate False Positives, run/delete scans, or manage team access ... etc
  • Baseline & Health Trend Tracking Monitor security posture over time with baseline comparisons and vulnerability health trends.
  • Secret Scanning Detect leaked secrets, API keys, and credentials within your source code and git history.
  • RiskScore based prioritization Prioritize vulnerability remediation based on an advanced RiskScore considering severity and reachability.
Start Free Trial
SaaS Free Trial in: 30d:00h:00m:00s
ENTERPRISE
Custom
Unlimited Developers
Tailored to your organization
For orgs with advanced security & compliance needs.
  • All Pro features, plus:
  • On-prem & Air-gapped Scanning Self-hosted and air-gapped SCA scanning for highly secure environments and offline infrastructure security.
  • EPSS & KEV Integration Prioritize vulnerabilities using EPSS (Exploit Prediction Scoring System) and CISA KEV (Known Exploited Vulnerabilities) catalog.
  • Broker for Internal Apps Secure broker connection to scan internal applications and private repositories without exposing your network.
  • SSO & Active Directory Enterprise identity management with SAML 2.0, OIDC, LDAP, and Active Directory integration for Okta and Azure.
    Enterprise-grade SSO & Directory Integration. Support for SAML 2.0, OIDC, and LDAP/Active Directory. Connect with Okta, Google, OneLogin, or your internal corporate directory.
  • Service Level Agreement (SLA) Guaranteed uptime and support response times with enterprise-grade Service Level Agreements.
  • Dedicated Support & Success Manager
Contact Sales
Contact Us

Global Support - Available 24/7 for Enterprise Partners

contact@sdepend.com

Secure Your Supply Chain

Search vulnerabilities by package, version, and ecosystem. Understand risk. Prioritize faster. Analyze real impact.

Resources
Stay Protected

© 2026 SDepender. All Rights Reserved.