Socket

Developer security for teams of all sizes

Simple, transparent pricing that grows with your team.

Free

$0 per month, per developer

For individual developers and small teams looking to stay secure as they build.

Unlimited developers & repos.

1,000 scans per month.

3 members, 1 repository label.

Detect 70+ risk types (malware, vulnerabilities, license, etc.).

Block malicious dependencies automatically.

AI analysis that flags hidden dependency behavior.

Team

$25 per month, per developer

Save 20% with yearly plan

For growing teams ready to streamline security with smart automation and reachability analysis to cut noise.

All Features in Free, plus:

5,000 scans per month.

10 members, 3 repository labels.

Exclusive to Socket — precomputed reachability analysis cuts 60% of CVE false positives automatically, no extra setup needed.

Priority scoring to focus on real risks.

Slack alerts for new malware or vulns.

Business

$50 per month, per developer

Save 20% with yearly plan

For organizations that need enterprise-grade automation, compliance, and integrations — no sales call required.

All Features in Team, plus:

Unlimited members, Unlimited repository labels.

Unlimited scans & API quota.

Compliance integrations (e.g. Vanta).

SBOM import/export for full dependency visibility.

SSO/SAML & webhook automation.

Scan GitHub Actions and AI models.

Enterprise

Custom

For large organizations that need full application function-level reachability — eliminating up to 90% of irrelevant CVEs with the most powerful platform on the market.

All Features in Business, plus:

Full application function-level reachability that delivers industry-best accuracy, even in dynamic languages where others struggle — cutting up to 90% of irrelevant CVEs.

Integrations for GitLab, Bitbucket, Azure DevOps, and self-hosted repos.

SCIM provisioning, audit logs, IP restrictions.

Private Slack channel, migration help, named account manager.

Free

Team

Business

Enterprise

Unlimited developers
Unlimited public repositories
Unlimited private repositories
Free: 1 repository label; Team: 3 repository labels; Business: Unlimited repository labels; Enterprise: Unlimited repository labels
Free: 5 members; Team: 10 members; Business: Unlimited members; Enterprise: Unlimited members

Core

Priority scoring
IDE plugins
Chat integrations
Ticketing integrations
Compliance integrations
SIEM integrations

Socket Open Source *

Free: 1,000 scans; Team: 5,000 scans; Business: Unlimited scans; Enterprise: Unlimited scans
Scan 10+ languages
Autofix
Socket vulnerability DB
Block malicious packages
Free: License compliance; Team: License compliance; Business: License compliance; Enterprise: Advanced license compliance
Reachability analysis
Scan GitHub Actions
Scan AI models
SBOM support
Full Application Function-level Reachability

Socket Threat Intel *

Free: 2 attack campaigns; Team: Unlimited attack campaigns; Business: Unlimited attack campaigns; Enterprise: Unlimited attack campaigns
Free: 30 threat feed items; Team: Unlimited threat feed items; Business: Unlimited threat feed items; Enterprise: Unlimited threat feed items
Threat feed API

Socket Certified Patches *

One-Click CVE Fixes
Automatic patch PRs
Continuous patch updates
Safe, human-reviewed patches
Reachability-powered remediation

Socket Firewall *

Block malicious packages at install time
Free: 4 supported ecosystems; Team: 4 supported ecosystems; Business: 4 supported ecosystems; Enterprise: 10+ supported ecosystems
Custom security policy
Self-hosted or client/server deployment
Centralized visibility
Custom registries

Socket ExtensionGuard *

Scan browser extensions
Scan IDE extensions

Socket Basics - SAST *

Unlimited scans
10+ languages

Socket Basics - Secrets *

Unlimited scans
800+ secret detectors
Pre-commit & pre-receive hooks

Socket Basics - Container *

Unlimited scans
Public container registries

Automation

Free: 500 API quota per hour; Team: 5,000 API quota per hour; Business: Unlimited API quota; Enterprise: Unlimited API quota
Free: 1 API token; Team: 5 API tokens; Business: Unlimited API tokens; Enterprise: Unlimited API tokens
Block or warn on PRs
Monorepo support
Webhooks

Integrations

Free: GitHub; Team: GitHub; Business: GitHub; Enterprise: GitHub, GitLab, Bitbucket, Azure DevOps
AI code agents
MCP server
IDE integrations
Proactive interventions
Self-hosted source code management

Analytics & Reporting

Free: 1,000 dependencies; Team: 1,000,000 dependencies; Business: 1,000,000 dependencies; Enterprise: 1,000,000 dependencies
Free: 14 days scan retention; Team: 30 days scan retention; Business: 90 days scan retention; Enterprise: 365 days scan retention
Analytics
Historical analytics
SBOM generation

Prioritization

Per-label security policy
Per-label license policy

Security

SOC2 Type II compliant
Advanced membership roles
Single sign-on (SSO/SAML)
Advanced authentication
Audit Log
SCIM provisioning

Support

Free: Basic support; Team: Basic support; Business: Basic support; Enterprise: Priority support
Account manager
Private Slack channel
Uptime SLA
Training and onboarding

* Socket’s products are available for individual purchase. All products must be purchased within the same plan. Plan price varies per product.

Frequently Asked Questions

How is the number of developers measured?

A developer is someone who made a commit to your organization's repository scanned by Socket in the past 90 days.

Is there special pricing for early stage startups?

We love startups! To get access to special pricing, contact us!

Is private source code shared with Socket?

No. Your source code never leaves your computer or your CI environment. Only your list of dependencies is sent to Socket's service.

Which payment methods do you accept?

We accept all major credit and debit cards on all plans; ACH/Wire on Enterprise plans. Your payment info is stored and processed securely by Stripe, a PCI Level 1 certified payments provider, and never touches our servers.

Do you support manual invoicing?

Yes. We can do manual invoicing for all Enterprise plans.

Can I cancel the subscription anytime?

Yes. You can downgrade or cancel your subscription anytime. When you cancel, you'll still have access to the plan's features for the time you've already paid for. After that period, your account will be downgraded to the Free plan.

Is there a discount available for yearly plans?

Yes. If you choose to pay annually, you’ll save up to 20% compared to paying monthly. We offer volume-based discounts for Enterprise plans.

What happens when I change plans?

Upgrading or downgrading your plan works similarly to adding and removing users. Your account will be charged or credited based on the percentage of the billing cycle left at the time the plan was changed.

Are the prices inclusive of taxes?

Yes. All prices mentioned are inclusive of taxes.

Do I have to pay for open-source projects?

No. Socket is built on open-source software. Every developer on the Socket team is an open-source maintainer, so we are committed to supporting the open-source community. Socket is and will always be free to use for open-source. If you want a free Team account for your open-source project, contact us.

What is priority support?

Priority support means that your support tickets will be prioritized first. We will also provide you with a dedicated account manager.

I still have questions.

Please reach out to us and we'll get back to you within 1 business day.