Vornin
Start free
Scan. Resolve. Prove.

Vulnerability management pricing
made easy.

Vulnerability scanning and compliance management fused on one EU-hosted platform. Plans start at €99/month with a 14-day free trial and a free-forever plan.

  • 15 scanners, 9 frameworks
  • EU data residency
  • No credit card required
Free
€0 /month, forever
3 targets

Try every scanner on 3 targets. Free forever.

  • All 15 scanners
  • EU-hosted in Germany
  • AI-enriched findings (CVE/CVSS/EPSS/KEV) + triage
  • 1 compliance framework preview
Start free
Team
€99 /month
5 targets

For solo IT and small teams running their own scans.

All Free features, plus

  • Unlimited users
  • 5 scheduled scans
  • All 9 frameworks + attestation workflow
  • Tenant audit log
  • REST API access
Start free trial
Scale
€559 /month
5 targets

For large international organisations with multi-cloud estates or regulated audits.

All Business features, plus

  • Unlimited scheduled scans
  • CI/CD build gates
  • White-label reports + branding
Request a trial
Need more targets? Use the slider to fit your needs. Targets:
5 200+

Vornin vulnerability management pricing combines a fixed plan price with a target-based allowance. A target is a hostname, IP, IP range, URL, or cloud account (AWS, Azure, GCP, Kubernetes). Volume discounts apply after 50 and 100 targets. Need more than 200? Type any number. The rate stays at €3/target (€2.40 annual).

Compare tiers

What's in each tier.

Compare tiers Targets: 5
Free €0
Team €99
Business €239
Scale €559
Coverage
Scheduled scans
Hands-off scans on your cadence. Free runs manual only.
Manual
5
15
Unlimited
AI triage and remediation guidance
Per-finding exploitability assessment plus plain-language fix guidance. Suppresses CVSS noise.
Attack surface management
Continuous attack surface monitor + per-asset risk score 0-100. Find what you forgot you owned. Free runs the subdomain scanner on demand; automatic daily monitoring requires Team+.
Manual
CVE / CVSS / EPSS / KEV enrichment
Every finding enriched with NVD lookup, exploit probability, and CISA known-exploited flag.
Reachability filter on dependency findings
Drops CVEs in dependencies your app never imports. No more noise on unused transitive deps.
Compliance
EU and international compliance framework mapping
NIS2, DORA, ISO 27001, SOC 2, GDPR, HIPAA, PCI DSS, CIS Controls v8, NIST 800-53 mapped to your findings.
1 preview
Attestation workflow with evidence vault
Per-control sign-off, history, expiry reminders. Acts on the frameworks you see.
Tamper-evidence chain (signed audit trail)
Every finding event gets a SHA-256 hash link, from day one. Tamper shows up as a broken chain. Runs on all tiers.
Auditor pack (tenant-wide compliance bundle PDF)
Bundles the hash chain into one PDF an auditor can verify offline. Hand them a chain, not a folder of PDFs.
Audit evidence pack (PDF + CSV bundle)
Answers the auditor's evidence request in one generated pack: coverage, scan cadence, SLA history, verified fixes, accepted risks. CSVs included for anything they want to check.
Vulnerability management policy (generated)
Your VM policy as a PDF, built from your live SLA targets, cadence, and coverage. It cannot drift from what you run. You review and own it.
Management review report
Quarterly posture report for leadership: risk trend, cadence adherence, top open risks, sign-off block. Covers the ISO 27001 management review.
Operations
PDF report export
Technical and executive PDFs per scan. Free is in-app only.
SARIF, SBOM, and CSV exports
SARIF v2.1.0 for CI, CycloneDX SBOM for supply chain, CSV for everything else.
Scan import (Nessus, OpenVAS, CSV, JSON)
Bring history from your previous scanner. No starting from zero.
Scan comparison
Diff two scans. See what's new, fixed, or regressed since last time.
Suppression rules
Triage once. Pattern, host, and scanner filters silence known false positives.
Webhooks and chat alerts (Slack, Teams, Jira, Discord)
Push findings into your team's channels and tickets.
SLA enforcement with auto-escalation
Email and webhook on breach. The system chases stale findings. Tighten a policy and open findings get the new deadlines too.
Drift detection alerts
Alerts when an asset's posture changes between scans.
REST API access
Programmatic scan creation, finding queries, report retrieval.
Git PR write-back (GitHub, GitLab, Azure DevOps)
Auto-issues and PR fix-plan comments on High/Critical findings.
CI/CD build gates (block on Critical/High)
Shift security left. Fail the pipeline before the vulnerability ships.
Custom PDF branding (logo, colour, footer)
Your logo, primary colour, and footer text on every report.
Full white-label (Vornin branding removed)
Reports leave no trace of Vornin. For MSPs and resold deployments.
Security
Unlimited users
No seat tax. Add the whole team. More eyes on findings, not on the invoice.
Tenant audit log (action trail)
Full per-tenant action trail of who did what, when. Baseline for any audit interview.
Tenant governance (IP allowlist + MFA enforcement)
IP-range gating plus tenant-wide MFA (TOTP) enforcement.
SAML 2.0 SSO
Federated identity with any SAML 2.0 IdP. Tested with Okta, Entra ID, Google Workspace, PingFederate.
SCIM 2.0 provisioning
Automated user and group lifecycle from your IdP. Writable Users + Groups.
Integrations
Cloud providers
AWS, Azure, GCP via read-only IAM. Kubernetes via kubeconfig. Each connection counts as one target.
AWS Azure Google Cloud Kubernetes
AWS Azure Google Cloud Kubernetes
AWS Azure Google Cloud Kubernetes
Code hosts
Clone for SAST, secrets, dependency scans. PR write-back gated at Business+.
GitHub GitLab Azure DevOps
GitHub GitLab Azure DevOps
GitHub GitLab Azure DevOps
Chat & ticketing
First-class webhook payload shapes for each platform.
Slack Teams Jira Discord
Slack Teams Jira Discord
Slack Teams Jira Discord
Identity providers (SAML + Entra OIDC)
Standards-compliant SAML 2.0 plus dedicated Entra ID OIDC flow.
Okta Entra Google Workspace PingFederate
Okta Entra Google Workspace PingFederate

Prices in EUR exclude VAT. Reverse-charge for EU business customers with a valid VAT ID. USD / GBP available on request.

Evaluating other tools? Compare vulnerability management software models →

What's included in the free trial?

14 days of full Team or Business access, depending on which plan you start. No credit card required. Cancel anytime during the trial, or pick a paid tier at the end. Scale is request-based. Contact us for a Scale trial.

How is Vornin's pricing calculated?

Vornin pricing combines a fixed plan price with a variable target charge. Choose the plan tier based on the capabilities and scan allowance you need, then set the number of targets in your environment. That keeps vulnerability management pricing predictable: per-target rates fall as you add more, and the calculator above shows your exact monthly and annual price.

What counts as a target?

A target is anything you add for scanning: a hostname, IP, IP range, URL, or cloud account (AWS, Azure, GCP, Kubernetes). Each entry counts as one target however many hosts or resources sit inside it, so an IP range or a cloud account is a single target, not one per discovered asset. Assets found during a scan are not counted until you choose to promote them to a target.

Does Vornin charge separately for users, scanners, or compliance frameworks?

No. Paid plans include unlimited users, all 15 scanner engines, and mapping to all 9 supported compliance frameworks. You pay for the plan tier and your target count, not per user and not per scanner. Some advanced workflow, governance, reporting, and audit capabilities depend on the plan tier.

What audit evidence does Vornin generate?

Business and Scale plans generate what an auditor asks for: a period-scoped evidence pack (PDF plus CSVs), a vulnerability management policy built from your live configuration, a quarterly management review report, and per-finding evidence bundles with a tamper-evident hash chain. It answers the evidence request; it is not a certification and not a guaranteed audit outcome.

How is vulnerability management software usually priced?

Vulnerability management platforms may be priced per asset, per IP, per endpoint, per user, per scanner, per module, per scan allowance, or by managed-service scope. Enterprise and partner-led vendors often provide a custom quote instead. These models are not directly comparable, because the metered unit, included features, support, and contract minimums all differ. Vornin combines a fixed plan price with a target-based allowance and publishes the calculation before you sign up.

Why do some vulnerability management vendors not publish full pricing?

Some sell through resellers or managed-service partners whose margins and packages vary. Others support enterprise deployments that need custom integrations, onboarding, support, data residency, or contract terms. Private quoting also gives vendors flexibility to vary commercial terms by customer size, scope, urgency, contract length, and willingness to pay. The mix differs by vendor, but the buyer faces the same result: the final cost is unknown until a sales call or quote. Vornin publishes its standard prices and target-based calculation, so you can establish the cost without a mandatory discovery call.

What should I compare besides the headline subscription price?

Compare the unit being charged, minimum contract value, included users, scanner coverage, compliance mapping, reporting, evidence retention, integrations, implementation fees, support, professional services, overage rules, and the cost of adding more assets. A low starting price can become expensive when key capabilities are separate modules, or when growth increases your licensed asset count. Compare vulnerability management software models to see how self-serve platforms, enterprise suites, open-source approaches, and GRC tools differ in pricing structure, operating burden, and audit evidence.

Can I change the number of targets after I sign up?

Yes. Slide the target count up or down in-app at any time. Increases are prorated to your billing cycle; decreases take effect on your next renewal.

Does Vornin's pricing include VAT?

Listed prices exclude VAT and other applicable taxes. Taxes are calculated at checkout by Paddle, our Merchant of Record, based on your business status and location. Eligible EU business customers may be charged under the reverse-charge mechanism after validating their VAT ID.

Can I cancel my plan at any time?

You can cancel renewal at any time. Monthly plans remain active until the end of the current billing period; annual plans remain active until the end of the 12-month term. See our terms.

What happens to my data if I cancel?

Your data stays available for 30 days after cancellation so you can export findings, reports, and audit evidence. After 30 days it is permanently deleted. You can request immediate deletion at any time per our DPA.

Question not covered? Email hello@vornin.com.

Get started

Get results on your security and compliance posture in minutes.

Start free, upgrade on-demand, cancel any time. 14-day trial for Team and Business. No CC required.

MSP or multi-tenant resale? Email us