Plans & pricing
Pay for real-time defense, not per-seat.
Start free with delayed threat intel and one PBX scan. Upgrade to Single PBX for real-time blocking, or Active Defense Pro at $89/month to protect up to 10 customer endpoints with webhooks, PDF reports, and unlimited scans.
Community
Free
$0/ monthFor developers and sysadmins exploring SipRadar. Enough to find your first vulnerabilities and check suspicious IPs from logs.
- 1 on-demand PBX scan per month
- 100 API lookup requests per month
- Threat feed with 48-hour delay
- Community support (Discord)
Single PBX
Starter
$29/ monthFor small businesses, solo call centers, and local IT admins protecting one PBX edge.
- 1 active PBX IP (continuous monitoring)
- Real-time Threat API for Fail2Ban & iptables
- Weekly automated PBX audit (Monday email)
- 7-day log retention
- Most popular
Active Defense
Pro
$89/ monthFor MSPs and serious VoIP providers managing multiple customer PBX fleets from one account.
- Up to 10 PBX IP addresses
- Unlimited on-demand PBX scans
- Webhook & Slack alerts on brute-force
- PDF audit reports (MSP-ready)
- 30-day log retention
Enterprise
Wholesale
$249+/ monthFor telecom operators and large-scale VoIP infrastructure. Custom capacity and carrier-grade feeds.
- Unlimited IPs and API requests
- White-label PDF reports
- BGP Blackhole / SIP-URI feeds
- SOC 2 report, private honeypots, SSO
- 99.95% uptime SLA · 24×7 on-call
Prices in USD, exclusive of applicable taxes. Annual billing available on Active Defense (−15%). Non-profit and academic discounts on request.
Compare plans
Feature breakdown
See exactly what unlocks when you move from free analysis to real-time automated defense.
| Feature | Community | Single PBX | Active Defense | Enterprise |
|---|---|---|---|---|
| On-demand PBX scans | 1 / month | Weekly automated | Unlimited | Unlimited |
| API lookups | 100 / month | Real-time | Unlimited | Unlimited |
| Threat feed latency | 48-hour delay | Real-time | Real-time | Real-time |
| PBX IPs monitored | 1 | Up to 10 | Unlimited | |
| Fail2Ban / iptables automation | ||||
| Webhook & Slack alerts | ||||
| PDF audit reports | White-label | |||
| Log retention | 7 days | 30 days | Custom | |
| BGP Blackhole / SIP-URI feeds |
FAQ
Pricing questions we hear from ops teams.
Straight answers on plan limits, upgrades, VAT, and what the 48-hour Community feed means for automation.
Ask a question →The delayed feed is perfect for research and manual analysis. Real-time automation (blocking attackers the second our honeypots detect them) requires a paid plan with live API access.
Not sure which plan?
Run a free scan first. Upgrade when you need real-time automation.
Every paid plan includes live Threat API access. Community is perfect for evaluation: Pro is built for agencies shipping defense to multiple clients.