Vulnerability scanning, on autopilot

Find vulnerabilities before attackers do.

SecurityLayer runs continuous, automated security scans across your websites, servers, networks, and APIs — powered by industry-leading scanners, managed end-to-end so your team can focus on remediation.

First target free forever · No credit card required

Powered by industry-leading open-source scanners

Nmap
OpenVAS
OWASP ZAP
Nuclei
SSLyze
WPScan
CVSS scoring
SOC 2 / ISO 27001

Every scanner you need.
One unified platform.

Network, web, SSL, and infrastructure scanning — with continuous monitoring, alerting, and remediation guidance baked in.

Network & port discovery

Nmap-powered scanning maps every open TCP/UDP port and running service. Know your exposed surface before attackers do.

CVE & vulnerability detection

OpenVAS and Nuclei detect known CVEs, misconfigurations, and weaknesses across servers, devices, and web stacks.

Web app & OWASP Top 10

OWASP ZAP catches XSS, SQL injection, IDOR, and the rest of the OWASP Top 10. Authenticated scanning included.

SSL / TLS analysis

Verify cipher suites, protocol versions, and certificate health with SSLyze. Catch expiring certs weeks in advance.

WordPress & CMS scanning

WPScan checks plugins, themes, and core for vulnerable versions. Specific to WordPress, with deep coverage.

Continuous scheduling

Daily, weekly, or custom cron schedules. We run scans automatically and alert you the moment something new is found.

CVSS & risk scoring

Every finding scored by CVSS 3.1 and ranked by exploitability. Triage with confidence; fix what matters first.

Compliance reporting

Map findings to SOC 2, ISO 27001, GDPR, CCPA, and TPN controls. Generate audit-ready PDF evidence in one click.

Developer-first API

REST API, webhooks, Slack alerts, and CI/CD hooks. Trigger scans from pull requests; fail builds on regressions.

From signup to first finding

1. Create your workspace

Sign up in under two minutes. Sensible defaults for severity thresholds, schedules, and alerts — all editable.

2. Add your targets

Drop in domains, IPs, CIDR ranges, or APIs. Group them by environment for organised scanning and reporting.

3. Run your first scan

Hit go — or schedule it. Findings stream in live with CVSS scores, references, and remediation steps.

“No agents to install. No consultants. You can be scanning before lunch.”

Simple pricing.
No hidden tiers.

First target free forever. Unlimited team members on every plan. Cancel anytime.

Basic

$49 per month

5 targets included

  • Nmap, SSLyze & Nuclei scanners
  • Continuous scheduling
  • Email & Slack alerts
  • CVSS scoring & dashboards
  • Compliance reporting
  • Unlimited team members

Professional

$189 per month

50 targets included

  • Everything in Premium
  • OpenVAS network scanning
  • White-label PDF reports
  • SAML 2.0 SSO
  • Multi-client workspaces
  • Priority support & onboarding

All plans include unlimited team members at no extra cost. Additional targets billed per-target on the same plan.

Honest scanning, fair pricing.

See what other vulnerability scanners charge extra for — or simply don't include.

SecurityLayer from $49/mo · Detectify from $89/mo · HostedScan from $79/mo · Intruder from $113/mo
Scanning Coverage
Network & port scanning (Nmap)
Web app scanning (OWASP ZAP)
CVE detection (OpenVAS)
SSL / TLS analysis · Paid tier
WordPress / CMS (WPScan)
Workflow & Access
Authenticated scans · Paid tier · Paid tier
Internal network agent · Paid tier
Unlimited team seats · Paid tier · Per-seat
Role-based permissions · Paid tier
SAML 2.0 SSO · Enterprise · Enterprise · Enterprise
Compliance & Reporting
SOC 2 / ISO 27001 mapping · Paid tier · Paid tier
White-label PDF reports · Paid tier · Paid tier
REST API & webhooks · Paid tier
Onboarding
Free permanent target · 14-day trial · 14-day trial · 14-day trial

Competitor pricing based on publicly listed rates, April 2026. Prices shown per workspace/month on monthly billing.

From startup to scale

Whether you're shipping your first MVP or managing hundreds of clients, SecurityLayer scales with you.

Startups & growing teams

  • Enterprise-grade scanners without the enterprise price tag
  • Continuous scheduling means you focus on building
  • Meet SOC 2 requirements as you grow — evidence ready on demand
  • One free target, permanently — no credit card

MSPs & security teams

  • Multi-client workspaces with isolated data per tenant
  • SAML SSO and white-label reporting for client delivery
  • API-first design integrates with your existing toolchain
  • Manage hundreds of targets across clients from one console

Your scan data, treated like the secret it is.

Vulnerability data is sensitive by definition. SecurityLayer is built so your security findings stay in a workspace that respects boundaries.

AES-256 at rest, TLS 1.3 in transit

Scan results, credentials, and reports are encrypted everywhere. Application-level encryption for stored secrets.

MFA enforcement

Enforce multi-factor authentication per workspace. Optional SAML SSO with Okta, Azure AD, and Google Workspace.

Role-based access

Owner, admin, member, and viewer roles. Scope permissions per workspace; isolate findings to need-to-know teams.

Tenant isolation

Each workspace's data is logically isolated. No cross-tenant access — ever — and no shared scanner state.

Full audit trails

Every scan, login, and configuration change is logged. Export to your SIEM for long-term retention and compliance.

Granular IP allow-listing

Restrict workspace access by IP range. Optional API key scoping limits CI/CD pipelines to specific actions.

Questions, answered.

SecurityLayer runs industry-leading open-source scanners managed for you: Nmap for port discovery, SSLyze for TLS analysis, Nuclei for template-based detection, OWASP ZAP for web application testing, OpenVAS for network vulnerability scanning, and WPScan for WordPress sites.
Every account includes one free target permanently. No credit card required to get started. You can run all scan types available on your plan against your free target with no time limit.
Yes, on Premium plans and above. Deploy our lightweight Linux agent inside your network. The agent polls SecurityLayer for jobs and posts results back over a single outbound TLS connection — no inbound firewall rules required.
SecurityLayer maps scan results to SOC 2 Type II, ISO 27001, GDPR, CCPA, and TPN (Trusted Partner Network) controls. Generate audit-ready evidence reports on demand.
Yes, on Premium and above. We support recorded login sessions, session cookies, and custom HTTP headers. This lets ZAP scan past login forms and authenticated areas of your web app.
Yes. Import vulnerability data from Snyk, GitHub Dependabot, and other tools via CSV or JSON. All imported findings are normalised, deduped, and tracked alongside scanner-detected issues.
Yes — Premium plans include a full REST API with API-key authentication. Trigger scans, retrieve results, manage targets, and integrate with your CI/CD pipeline. Webhooks fire on scan completion and new critical findings. See the API documentation for details.
Set scans to run daily, weekly, or on a custom cron schedule. SecurityLayer runs the scan automatically and alerts you via email, Slack, or webhook the moment new critical or high-severity findings are detected.
Professional plans include custom-branded PDF reports. Upload your logo, set brand colours, and generate audit-ready reports under your own brand for client delivery.
Yes, Professional plans include SAML 2.0 SSO compatible with Okta, Azure AD, Google Workspace, and any other SAML 2.0 identity provider.
Every plan includes unlimited team members at no extra cost. Owners, admins, members, and viewers are all free. You only pay per target scanned.
SecurityLayer runs in EU and US regions with full encryption at rest and in transit. Contact us for specific data residency requirements or single-tenant deployments.

Ready to find what attackers already know?

Create a workspace in under two minutes. Your first target is free, forever — no credit card.