Know Exactly What You'll Pay Before You Talk to Anyone
Start with What You Need. Add Modules as You Grow.
For teams replacing spreadsheets with governed proof
- Governed controls, evidence, and assessments
- Unlimited reviewer access and sharing
- SSO, SCIM, RBAC, and audit exports included
- Ask Aurora AI-assisted answers
- 5 operators, 1 workspace, 1 framework
- 25 review projects per year
For teams buried in reviews, renewals, and vendor diligence
- Everything in Core, plus:
- Automated evidence collection (10 connectors)
- Risk registers and remediation workflows
- Vendor risk management (50 vendors)
- Same base footprint, more review-heavy workflow coverage
- 50 review projects per year
For broader programs that need the full governed-proof platform before Command
- Quoted bundle before premium Command scope
- Continuous Compliance and Risk & Accountability
- Readiness Suite bundle included
- Vendor Risk (250 vendors)
- 10 operators and 3 frameworks
- Command quoted separately when provenance scope changes
See Exactly What Each Plan Includes
| Features | Core From $600/Mo | Professional From $1600/Mo | Enterprise From $2600/Mo |
|---|---|---|---|
| Base platform | |||
| 5 | 5 | 10 | |
| 1 | 1 | 1 | |
| 1 | 1 | 3 | |
| 25 | 50 | 25 base | |
| Reviewer operations | |||
| Compliance automation | |||
| 10 | 10 | ||
| Risk & accountability | |||
| 50 vendors | 250 vendors | ||
| Readiness | |||
| Command | |||
| Quoted separately | |||
| Quoted separately | |||
| Start Core | Start Professional | Talk Through Enterprise Fit | |
Named seats for team members who manage controls, approvals, evidence, or reviewer workflows. Reviewers are always free.
Learn moreScoped boundaries for business units, subsidiaries, or client programs. Each workspace gets its own controls, evidence, and reviewer access.
Learn moreCompliance frameworks like SOC 2, ISO 27001, or HIPAA. Aurora reuses one proof graph across frameworks instead of rebuilding each one.
Learn moreAudits, buyer reviews, renewals, and vendor assessments. Aurora meters by project, not by question count or approved domain.
Learn moreExternal reviewers, auditors, and buyers access proof without counting against your seat limit. No approved-domain caps or viewer-seat charges.
Learn morePublish proof tiers, manage reviewer access, and control what evidence is visible to each audience with full audit trails.
Learn moreEnterprise identity, access, and role controls ship in every plan. No security-tax upsell to get the basics.
Learn moreStructured exports, audit-period diffs, SIEM sinks, and webhooks for downstream compliance and security tooling.
Learn moreRetrieve prior answers, citations, and proof context using AI. Reuse existing evidence instead of rebuilding from scratch.
Learn moreRead-only integrations, scheduled evidence checks, drift detection, and evidence freshness signals that keep proof current between reviews.
Learn moreConnector-backed evidence collection from cloud providers, SaaS tools, and infrastructure. Automate what you used to upload manually.
Learn moreContinuous monitoring flags when evidence drifts from expected state, giving teams time to remediate before the next review.
Learn moreTrack risks, assign owners, set due dates, and produce closure evidence. Remediation workflows replace scattered follow-up threads.
Learn moreVendor inventory, due diligence questionnaires, assigned assessments, Vendor Watch, and shareable outputs for third-party reviews.
Learn moreRoute requests to the right owner with escalation paths and SLA tracking. Every request gets an accountable trail.
Learn moreTraining assignments, custom content, acknowledgments, phishing simulations, and readiness dashboards tied to your proof record.
Learn moreTabletop exercises, incident management, playbooks, emergency communications, and after-action records with readiness analytics.
Learn moreBuild-your-own training content, phishing simulation campaigns, and completion tracking with evidence that survives the next audit.
Learn moreOn-premises evidence plane with scoped collectors, field coverage, encrypted snapshots, and governed exports for regulated environments.
Learn moreGoverned actions with plan, apply, rollback, and approval history for high-assurance environments that need operational control.
Learn moreBuild Your Exact Configuration
Core includes 5
Core includes 1
Core includes 1
Core includes 25
Published annual list-price estimate from the same units on this page.
Reference bundles help buyers orient. Aurora can package the motion cleanly.
- This configuration qualifies for self-serve checkout at published prices.
Every Module and Add-On, Priced Transparently
Pricing That Doesn't Require a Sales Call to Understand
Unlimited reviewer seats, always
External reviewers never count against your seat limit. Share proof without worrying about per-viewer fees or approved-domain caps.
No surprise enterprise tax
SSO, SCIM, RBAC, audit exports, diffs, and webhooks are in the base plan. You should not have to pay extra for security basics.
Predictable review metering
Aurora meters review projects, not individual questions. Your costs scale with real workload, not arbitrary counts.
Framework Expansion Without Rebuild Costs
Adding SOC 2, ISO 27001, HIPAA, or any framework reuses your existing proof graph. No reimplementation cost.
24-month price lock
Multi-year agreements lock your rate. Renewals are plain-language, not surprise uplift math.
Command Is Premium Because the Evidence Burden Is Different
Command pricing is intentionally premium. It requires a scoping conversation with a mandatory deployment package and premium support minimum because the evidence requirements and operating model are materially different from a standard software-only module.