Developer-first security plans to scale with your team
Choose a plan to start automating and streamlining your security from code to cloud
IaC scanning for small infrastructure projects.
For up to 50 resourcesSign up
- IaC scanning powered by Checkov
- Core Bridgecrew platform and integrations
- Code fixes
Commit to cloud security coverage for teams.
- IaC, cloud, and workload scanning
- Smart Fixes based on past secure coding patterns
- Code to cloud resource and policy management
- Custom policies
- Dashboards and reports
Code Security for any team and at any scale.
Custom resourcesRequest a demo
- Everything in Standard
- Image scanning
- Roles and teams
- On-prem/self-hosted VCS
- Access to Prisma Cloud
What you get in each of Bridgecrew's plans
|Cloud and workload scanning||-|
|VCS and CI/CD configuration scanning|
|Pull request insights|
|Advanced policy management||-|
|Supply Chain Graph visualization|
|IaC tagging management|
|SSO and RBA|
Answers to all your Bridgecrew pricing questions
What is considered a resource?
Bridgecrew scans entire infrastructure as code (IaC) templates for misconfigurations, but billable resources are defined as only resource blocks defined within your IaC files. Other blocks, such as modules, are scanned but not billable.
In runtime, each of the following cloud resource types are counted as a resource:
- For AWS: EC2, RDS, Redshift, ELB, NAT gateway
- For Azure: Virtual Machines, SQL DB, PostgreSQL DB, SQL Managed Instance, Load Balancer
- For Google Cloud: GCE, Cloud SQL DB, Load Balancer, Cloud NAT
Each cloud workload is counted as a resource.
For Dockerfile scanning, each unique Dockerfile per file scanned is counted as a resource. For secrets scanning, each unique secret per file scanned is counted as a unique resource.
Besides the included number of resources, what’s the difference between Community and Standard?
Community supports only IaC scanning and pull request fixes. It does not include runtime cloud and workload security or more advanced features such as policy management and compliance reporting, which are included in Standard and Prisma Cloud.
Are there limits to the number of infrastructure sources I can connect?
Nope! On all of our plans—including Community—there are no limits to how many infrastructure code repositories you can connect. And on our Standard plan and above, there are no limits to how many clouds and workloads you can connect.
Are there limits to how many teammates I can invite?
Nope! Bridgecrew is built for teams of all sizes. That’s why we welcome unlimited users on all of our plans, including Community.
Do I need a credit card to try Bridgecrew?
Nope! You can sign up and start using Bridgecrew without submitting any credit card information.
What happens if I scan more than the included number of resources within my plan?
On Community, you will no longer be able to do additional scans with Bridgecrew until your next billing cycle. Our Standard plan is designed to scale as you go. For each additional 10 resources above 150, you will be charged $59 at the end of your billing period. Monthly usage is calculated at the end of your billing period and is based on the maximum number of resources scanned within that period.
How do I upgrade and downgrade my plan?
You can upgrade your plan from Community to Standard at any time using a credit card within the Bridgecrew platform. We currently only offer annual billing.
Does Bridgecrew sponsor plans for open-source projects?
Yes! In addition to our Community plan, which is free for up to 50 resources, Bridgecrew is happy to support projects that are free, open-sourced, publicly accessible to all, and independently operated. To learn more, contact our team.
Is Bridgecrew part of Prisma Cloud?
Bridgecrew powers the Code Security module within the Prisma Cloud Enterprise Edition. You’re welcome to try Bridgecrew for free here, but if you’re interested in seeing the Prisma Cloud Code Security module in action, you can request a Prisma Cloud Code Security trial and learn how to start shifting your cloud security left.