Annual plans · B2B SaaS SOC 2

Simple pricing for a serious SOC 2 workspace.

One product: checklists, evidence, policies, integrations, and clear control status from deterministic rules—not from an LLM guessing green checks. We don’t issue SOC 2 reports or replace your auditor.

Deterministic status

Rule-verified vs evidence-linked controls—LLMs classify; they don’t decide satisfaction.

Evidence & checklists

SOC 2 TSC catalog, Annex A (ISMS) catalog, uploads, and (when connected) GitHub, GitLab, Jira, Drive, Slack.

Policies & export

TSC-aligned policy starters (customize for your auditor). Audit bundle export on paid plans.

Trust Center

Optional public posture page at /t/[slug] for your customers—configured in the app.

Tiers differ by support level and how we recommend you buy—not by turning off core product features in software. Choose Professional if you want priority support on your first SOC 2 program; choose Starter if email support matches your pace and budget.

Policy starters reference SOC 2 TSC control IDs (CC1–CC9 and listed Additional Criteria)—not legal advice. Annex A controls use separate IDs in the same evidence pipeline.

Qualification & fit 12-week readiness roadmap

Starter

Build the program

Full workspace on annual billing with email support. Best when you want the same capabilities with standard response times.

£2,999/year

SOC 2 TSC + Annex A catalogs in-app
Evidence uploads & integrations (GitHub, GitLab, Jira, Drive, Slack) when you connect them
Policy starters, gaps, remediation guidance, Trust Center
Audit bundle export (paid)
Email support

After payment or request, we provision your workspace and email access—typically within one business day.

Recommended

Professional

Run it like a product

Same platform with priority support—our default for B2B SaaS teams on a first or early SOC 2 Type II track who want faster answers while integrations and remediation are in daily use.

£5,999/year

Everything in Starter
Priority support
Positioned for git-first evidence (GitHub & GitLab) and broader integration use
AI classification + remediation APIs suggest what to upload next

Same provisioning flow: checkout or email, then we enable your tenant.

Enterprise

Scope & procurement

SSO, multi-workspace, security review packages, and dedicated success are not implied until captured in contract—email us to align.

Custom

Commercial and security terms matched to your procurement process
Multi-entity or advanced scope discussed up front
Dedicated success where agreed in writing

Contact sales

Trial: Scope is aligned when we provision your workspace (typically includes five recommended SOC 2 controls, uploads and git-host sync where connected, AI classification, and gap views). Full checklist access and audit bundle export require a paid plan.

Questions

Straight answers—aligned with how the app actually behaves today.

What’s included in the trial?

Trial scope is confirmed when your workspace is provisioned—typically five recommended SOC 2 controls with upload and sync for those controls (e.g. GitHub or GitLab when connected), AI classification, and gap visibility. Opening the full checklist and downloading the audit bundle are paid-plan features.

Do Starter and Professional get different software?

The same core product. The difference on this page is support level (email vs priority) and which tier we recommend for first SOC 2 programs—not a separate “lite” codebase hiding features behind the cheaper SKU.

What does “AI” actually do?

It classifies evidence and helps surface what to upload next via remediation guidance. Control satisfaction comes from your evidence and deterministic rules in the product—not from an LLM marking controls complete.

Who should talk to sales?

Procurement-heavy deals, SSO or multi-workspace needs, multi-entity scope, or anything that must be confirmed in a security review or contract. We won’t assume those are included until they’re written down.