Plans & pricing
Each product has its own section below. For example, API Risk and Agent Security sit in separate blocks. You subscribe in the live app with Stripe Checkout,
so you always see the amount and currency before you pay. New tiers will appear here so the homepage stays short and clear.
API Risk Monitor
Read-only static analysis of OpenAPI 3.x specs: risk score, findings on authentication gaps and sensitive routes, short remediation hints, and a Markdown report per scan.
Because teams need fast triage, the output is built for engineering prioritisation. However, it is not a penetration test or a compliance certificate.
Starter and Team plans
Although both tiers use the same scan engine, Team offers a larger monthly pool and bigger specs. Pick Starter for one owner; choose Team when volume grows.
Solo & small projects
€39 / month
- ~100 scans per month
- 1 seat (browser session after Stripe Checkout)
- Risk score, severities, remediation hints
- Markdown report per scan
Details — Starter
Best when one person or a single service owns API hygiene. After checkout, the app sets a secure session cookie for that browser.
Usage then counts toward your monthly scan quota. Typical use includes CI-adjacent checks, pre-release spec review, or watching one API surface.
Payload limits follow the Starter tier on the server (smaller max spec size than Team).
- Upgrade or cancel via Stripe Customer Portal from the app.
- Demo or beta access may bypass billing if the operator enables a beta key — not guaranteed for production.
Shared quota for a small team
€99 / month
- ~500 scans per month (pooled)
- Up to 5 members when org features ship in-app
- Larger OpenAPI payloads than Starter
- Same engine; roadmap: CSV export, team-scoped history
Details — Team
One subscription shares a monthly scan pool across the workspace. Small teams use it for frequent spec checks or larger documents.
Multi-seat management in the UI is on the roadmap. Until then, billing stays one Stripe subscription. Quotas follow the Team tier on the backend.
- Higher body / URL-fetch limits for large specs (vs Starter).
- Future: per-workspace webhooks, CSV exports, and history scoped to your organisation.
Bundle: API Risk + Agent Security
One subscription can cover both products: you get pooled OpenAPI scans plus a monthly quota for agent decide calls in one checkout.
API Risk Monitor + AI Agent Security Layer
€99 / month
- ~800 OpenAPI scans per month (pooled in app; configure via server)
- ~75,000 agent security decide calls per month (app quota)
- Policies, approvals, audit trail + risk score & Markdown reports
- One Stripe subscription — complete checkout in the live app
Checkout, list prices, and trials
Monthly amounts in EUR are list prices for comparison on this page. When you subscribe, you pay inside the app. Stripe Checkout shows the exact charge and currency before you confirm.
Try before you buy: the app may allow a small number of scans per day per network (UTC) without a subscription. That way, you can see the output format first. Beyond that limit—or if the server moves to subscription-only—you need an active plan.
AI Agent Security Layer
Control layer for production agents: policies on tool calls, human approval for risky actions, and an append-only audit trail—before email, tickets, or APIs run.
This product is not an agent builder. Instead, you integrate the decision API before side effects run.
Plans and checkout
As with API Risk, live prices sit next to the product. Use the buttons above to open the in-app section.
When checkout is wired
List targets (Dev free, Starter, Growth, Pro) are on the in-app product page. The button above opens that section. Visitors then see the same numbers as on this labs page.
After you pick a tier, Stripe Checkout in the app will match the API Risk flow.
- Decision API + policies (JSON) + approvals + read-only dashboard
- POST /decide · events · approvals — Bearer or integration keys
- Use View pricing & MVP until dedicated checkout links are published
Agent Security subscriptions are not necessarily on this static HTML page; pricing copy lives next to the product. For enterprise or custom terms, use the contact form (messages go to contact@alfanestlabs.com).
Machine Identity
Inventory and govern non-human access to your APIs and AI agents. Declare identities in a manifest, upload via CI, review queues (ownerless, stale, over-wide), and get alerts when drift is detected.
Vault Encryption — Powered by SafeKey (Growth+): manifests are encrypted client-side with AES-256-GCM before storage. The server never sees your password. The SafeKey crypto engine handles Key Shield derivation, HMAC integrity, hash chain verification, Shamir secret recovery, and encrypted .sfk exports on higher tiers.
Declared + queues + export
€39 / month
- Up to 200 identities
- JSON export
- CI upload keys
+ Vault encryption + correlation + alerts
€99 / month
- Up to 1,000 identities · 3 environments
- AES-256-GCM vault encryption (client-side)
- Hash chain integrity verification
- OpenAPI correlation + scheduled re-scan + alerts
+ Shamir recovery + encrypted export
€249 / month
- Up to 5,000 identities · 10 environments
- Shamir 3-of-5 secret recovery for vault password
- Encrypted .sfk backup export
- 365-day retention · full correlation
Enterprise: custom pricing. Contact us for DPA, custom retention, and security questionnaire.
More products
Coming next on this page
Additional lab products (Clearance, experiments, future APIs) will each get a section here. Until then, use Projects for the wider lab map.