Pricing
Enterprise only.
Custom scoped.
Every organization has a different attack surface. We don't believe in one-size-fits-all pricing for intelligence this critical.
Why we don't publish pricing.
Every perimeter is different.
A 50-person startup with a single product has a fundamentally different public footprint than a Fortune 500 with thousands of developers across dozens of subsidiaries. The scope of reconnaissance, the volume of findings, and the depth of analysis vary dramatically. Our pricing reflects your actual exposure — not an arbitrary tier.
Intelligence should not be commoditized.
The intelligence we deliver is verified, unredacted, and actionable. Every finding in your dossier has been cryptographically validated and independently confirmed. This is not an automated scan report — it's a forensic audit performed by purpose-built engines and reviewed by human analysts.
We scope to your risk, not a plan.
Some organizations need a one-time baseline audit. Others need continuous monitoring to catch new exposures as they happen. Your engagement is scoped around what you actually need — detection and delivery, nothing more.
What every engagement includes.
Historical Forensic Audit
A complete, one-time extraction of every credential and infrastructure signature exposed in the public domain.
Encrypted Dossier Delivery
Findings delivered through our secure portal with full source URLs, timestamps, committer data, and unredacted credentials.
Dedicated Analyst
A named GitShield analyst assigned to your engagement for direct communication and questions about your findings.
NDA & Legal Framework
Mutual NDA, Master Service Agreement, and full legal documentation issued within 24 hours.
Available add-on.
Scoped and priced based on your requirements.
Continuous Risk Radar
24/7 ongoing monitoring of the global public domain for new exposures. Real-time alerts to your security desk the moment something surfaces.
Common questions.
Can I get a ballpark estimate?
We provide a detailed quote after a brief scoping conversation. Engagement pricing is based on the size of your public footprint, the volume of findings, and whether you need ongoing monitoring. We're transparent about costs once we understand your scope.
Is there a minimum engagement size?
GitShield is designed for organizations where a credential exposure has material business impact. We typically engage with mid-market and enterprise organizations, but we evaluate every inquiry on its merits.
Do you offer trials or pilots?
We don't offer free trials, but every engagement begins with a baseline audit so you see the value of our intelligence before committing to ongoing monitoring. If we find nothing, the conversation ends there.
What's the typical timeline?
From initial contact to dossier delivery: typically 48–72 hours. NDA issued within 24 hours. Audit results delivered within 24 hours of engagement start.
Do you handle remediation?
No. We are a pure detection and intelligence service. We find every exposure and deliver the full, unredacted findings to your team. Remediation — credential rotation, repository cleanup, takedown requests — is handled by your team on your terms.
Request a custom quote.
Tell us about your organization and we'll scope an engagement that fits.
Start an engagementsales@gitshield.io