Skip to content
RiskMeter
Plans

Website security scanning for SMBs.

Plain-English website security scans, priced for small and mid-sized businesses. Pay per scan for one-offs, or subscribe for continuous coverage between scans.

Subscription plans

Ongoing website security, priced for SMBs.

Continuous coverage between scans for a flat monthly fee — no per-seat pricing, no enterprise sales process.

Standard

$50/month

Monthly external scans, ongoing reporting, and remediation guidance for a single business website.

  • Monthly scans of authorized public surface
  • Continuous monitoring of new CVEs affecting your stack
  • Findings tracked and re-scored every month
  • Email support during business hours
Subscribe

Pro

$300/month

Designed for growing teams managing multiple properties — deeper coverage, faster cycles, and direct support.

  • Weekly scans across multiple authorized assets
  • On-demand scans whenever you need one
  • Authenticated testing under written agreement
Subscribe
Pay as you go

On-demand baseline scan

Need a one-off check before a launch, an audit, or a board meeting? Order a single external website security scan — same checks, same plain-English report. No subscription, no commitment.

$50/ scan
Buy a scan

Common questions

How much does a baseline website security scan cost?
$50 for an on-demand baseline scan, paid per scan with no subscription. The Standard plan ($50/month) bundles monthly scans with between-scan monitoring; Pro ($300/month) covers weekly multi-asset scans, on-demand scans whenever you need one, plus authenticated testing under written agreement.
Do you offer free scans?
Occasionally — via promo codes we hand out to businesses in our own network. If you've been given one, enter it on the application form. We do not run a public free-scan program.
Who do you scan for?
Small and mid-sized businesses without an internal security team, with a public-facing website we can scan responsibly. Consultants and MSPs submitting on behalf of clients are also welcome. Submitting an application does not guarantee acceptance.
Will you sell or share my data?
No. We collect the minimum needed to perform and report on the website security scan, and we don't share your data with third parties for marketing. See our Privacy Policy for full details.
What does a RiskMeter website security scan check for?
OWASP Top 10 weakness classes, TLS and certificate configuration, missing or weak security headers, exposed services and admin paths, and known-CVE / outdated software on your public surface. We do not perform destructive checks or test inside login-protected customer accounts in our default scan.