Cloud security plans to scale with your team

Choose a plan to get started with codified cloud security


IaC scanning for small infrastructure projects.


For up to 50 resources

Start for free
  • IaC scanning powered by Checkov
  • Core Bridgecrew platform
  • Pull request fixes


Commit to cloud security coverage for teams.


For 150 resources

Start free trial
  • IaC, cloud, and workload scanning
  • Smart Fixes
  • Resource and policy management
  • Custom policies
  • Dashboards and reports


Customized codified cloud security for your team.

Starts at $999/mo

Custom resources

Schedule a demo
  • Everything in Standard
  • Image scanning
  • Roles and teams
  • On-prem/self-hosted VCS
  • Priority support and engineering support


Compare our plans

Usage Community Standard Premium
Resources Included 50 150 Custom
IaC scanning
Cloud and workload scanning -
Image scanning - -
Secrets scanning
VCS and CI/CD configuration scanning
Incident Insights
Pull request insights
Resource Inventory -
Advanced policy management -
Dashboards -
Custom policies -
Supply Chain Graph visualization
Compliance Reporting -
IaC tagging management
VCS integrations
CI/CD integrations
Notification integrations
On-prem VCS - -
Unlimited users
Support Email Standard Priority
Engineering support - -


Answers to all your Bridgecrew pricing questions

What is considered a resource?

Bridgecrew scans entire IaC templates for misconfigurations, but billable resources are defined as only resource blocks defined within your IaC files. Other blocks, such as modules, are scanned but not billable.

In runtime, each of the following cloud resource types are counted as a resource. For AWS: EC2, RDS, Redshift, ELB, NAT gateway. For Azure: Virtual Machines, SQL DB, PostgreSQL DB, SQL Managed Instance, Load Balancer. For Google Cloud: GCE, Cloud SQL DB, Load Balancer, Cloud NAT. Each cloud workload is counted as a resource.

For Dockerfile scanning, each unique Dockerfile per file scanned is counted as a resource.  For secrets scanning, each unique secret per file scanned is counted as a unique resource.

Besides the included number of resources, what’s the difference between Community and Standard?

Community supports only IaC scanning and pull request fixes as well as insights across insights. It does not include runtime cloud and workload security or more advanced features such as policy management, compliance reporting.

Are there limits to the number of infrastructure sources I can connect?

Nope! On all of our plans including Community, there are no limits to how many infrastructure code repositories you can connect. On our Standard plan and above, there are no limits to how many clouds and workloads you can connect.

Are there limits to how many teammates I can invite?

Nope! Bridgecrew is built for teams of all sizes. That’s why we welcome unlimited users on all of our plans including Community.

Do I need a credit card to try Bridgecrew?

No, you can sign up and start using Bridgecrew without submitting any credit card information.

What happens if I scan more than the included number of resources within my plan?

On Community, you will no longer be able to do additional scans with Bridgecrew until your next billing cycle. Our Standard plan is designed to scale as you go. For each additional 10 resources above 150, you will be charged $59 at the end of your billing period. Monthly usage is calculated at the end of your billing period and is based on the max resources scanned within that period.

How do I upgrade and downgrade my plan?

You can upgrade your plan from Community to Standard at any time using a credit card. We currently only offer annual billing. If you have questions or want to learn about getting started on a Premium plan, please feel free to reach out. Please contact us if you need to downgrade your plan.

Does Bridgecrew sponsor plans for open-source projects?

Yes! In addition to our Community plan which is free for up to 50 resources, Bridgecrew is happy to support projects that are free, open-sourced, publicly accessible to all, and independently operated. To learn more, contact our team.

As an existing Prisma Cloud customer, how can I get access to Bridgecrew and how much does it cost?

IaC powered by Bridgecrew will be integrated into Prisma CLoud Enterprise Edition soon as a module that your admin can enable. Until the integration is complete, you are welcome to sign up for Bridgecrew at any time. For more information about pricing for existing Prisma Cloud customers and integration details, reach out to our Prisma Cloud representative.

Bridgecrew is free to get started

Sign up to codify and automate your cloud security