Simple, credit-based pricing
Credits are consumed during AI-validated scans. Quick scans are always free.
1 credit ≈ 100K tokens ≈ ~50 files or ~5,000 lines of code
Free: 5 credits/month
- Quick scans (unlimited)
- Validated scans
- CLI access
- Community support
Starter: 100 credits/month
- Everything in Free
- Private repositories
- Diff/incremental scanning
- Email support
Pro: 250 credits/month
- Everything in Starter
- GitHub Action + SARIF
- Priority support (24h)
- Usage analytics
Max: 1,000 credits/month
- Everything in Pro
- Team management
- Multiple API keys
- Dedicated support
Everything in Max, plus:
- Custom scan quotas (negotiated)
- Unlimited API keys
- SSO/SAML integration
- 99.9% uptime SLA
Premium support:
- Dedicated Slack Connect support
- Annual/multi-year contracts
- Data residency options (EU, US)
- Custom integrations (Jenkins, Azure DevOps)
Starting at $500/month • Negotiated based on team size
Compare Plans
Detailed breakdown of features and limits
| Feature | Free | Starter | Pro | Max |
|---|---|---|---|---|
| Monthly credits | 5 | 100 | 250 | 1,000 |
| Quick scans (local) | Unlimited | Unlimited | Unlimited | Unlimited |
| Validated scans (AI) | ✓ | ✓ | ✓ | ✓ |
| Private repositories | — | ✓ | ✓ | ✓ |
| Diff/incremental scanning | — | ✓ | ✓ | ✓ |
| GitHub Action + SARIF | — | — | ✓ | ✓ |
| Team management | — | — | — | ✓ |
| Multiple API keys | — | — | — | ✓ |
| Support | Community | Email | Priority (24h) | Dedicated |
Frequently Asked Questions
Can I upgrade or downgrade at any time?
Yes! You can upgrade or downgrade your plan at any time. Upgrades take effect immediately, and downgrades take effect at the end of your current billing period. If you downgrade, you'll keep access to your current tier until the period ends.
What happens if I exceed my quota?
If you exceed your validated or deep scan quota, you can still run unlimited cheap scans (pattern-matching only). To run more validated/deep scans, you can either wait until your quota resets at the start of the next billing period, or upgrade to a higher tier immediately.
Do you offer refunds?
We offer a 14-day money-back guarantee on all paid plans. If you're not satisfied with Oculum within the first 14 days, contact us at support@oculum.dev and we'll issue a full refund, no questions asked.
What's the difference between scan depths?
Cheap scans use pattern-matching and run locally on your machine (<5s). Validated scans add AI validation to eliminate ~70% of false positives (~30s). Deep scans use multi-agent AI analysis for semantic vulnerabilities and business logic flaws (2-5 min).
Is my source code stored?
No. Cheap scans run entirely on your machine. Validated and deep scans send code to our API for AI analysis, but we only store vulnerability metadata and small contextual snippets — never your full source code. All scan analysis happens in memory and is discarded after processing.
Can I use Oculum in CI/CD?
Yes! We have a GitHub Action and CLI that work great in CI/CD pipelines. The free tier includes 5 validated scans per month, which may not be enough for active repositories. Pro and Team tiers are designed for continuous integration workflows.
Ready to secure your AI-generated code?
Start with 5 free validated scans. No credit card required.