Plans & Pricing

Start with visibility, expand to enterprise compliance.

Start with visibility into your Security, Privacy, or PCI compliance posture across a small number of websites or mobile applications — and expand to comprehensive enterprise governance and compliance for every site and application, across every jurisdiction, including more than 50 global standards and frameworks with Feroot's DUX Platform.

Trusted by leading brands

Reddit
Instacart
Xerox
Aristocrat
The Motley Fool
Trex
Torani
ClickFunnels
Gusto
Newegg
Forbes
Hornblower

Assess

Web Crawler

Great for companies with several websites or mobile applications that must comply with privacy laws and standards. Covers use cases including privacy compliance for third-party scripts and pixels, cookie and tracker inventory, consent audit, age verification, and PII discovery across your digital properties.

  • Up to 10 unique websites and mobile applications; unlimited dynamic websites
  • Unlimited number of website visitors
  • Discover tracking technologies, pixels, cookies and vendors
  • Comprehensive multi-jurisdiction privacy compliance
  • Compliant use of AI
  • API and SSO integration

Priced by

Domains Crawl frequency Mobile apps Regulations
Request a Demo

Enterprise

Web Crawler Script Tag

The complete Feroot DUX Platform for privacy. Unlimited scale across every website, mobile application, and jurisdiction — combining DXComply with DXSecure and PaymentGuard for organizations that require enterprise-wide privacy governance, security, and PCI compliance in a single deployment.

  • Unlimited websites and mobile applications
  • Unlimited number of website visitors
  • Discover tracking technologies, pixels, cookies and vendors
  • Comprehensive multi-regulation privacy compliance (50+ frameworks)
  • AI-powered consent audit across all regulations
  • Enforce Compliance Policies
  • Runtime privacy monitoring and protection
  • AI runtime compliance automation suite — full platform
  • Compliant use of AI
  • API and SSO integration
  • Enterprise SLA

Priced by

Domains Daily events processed Regulations
Request a Demo

Add-On

Additional Traffic & Regulations

Additional bundles of daily events and privacy regulations are available as you grow — including GDPR, CCPA/CPRA, PIPEDA, HIPAA, DORA, Australian Privacy Act, UK DPA, and more. Limits are visible in your contract and platform — no surprise overage fees.

Assess Govern Enterprise
Monthly Website VisitorsUnlimitedUnlimitedUnlimited
Domain CoverageUp to 10 DomainsUp to 10 DomainsCustom (10–5,000)
Mobile Applications
Deployment MethodWeb Crawler + Script TagWeb CrawlerWeb Crawler + Script Tag
AI Runtime Compliance — Global Privacy
Global Privacy Laws Coverage
Jurisdiction-Specific Reporting
Automated AI-based analysis and reportingoptionaloptional
Consent Management Audit
Consent Choice Analysisoptional
Geographic Consent Rulesoptional
Privacy Intelligence
Advanced AI Privacy Analysis
Data Collection Monitoring
Runtime Privacy Monitoring (Script Tag)
Data Protection
Alerts and Notification Policies
Automatic Data Asset Leakage Prevention
CHD, PII, PHI Exfiltration Detection
Compliance Automation
Automated Compliance Reports
AI Compliance Attestation Analysis
Continuous attestation and historical proof of compliance
Vendor Management
Detection and Inventory
Monitoring and control third-party data access
Integration & Management
Third-party Integrations (SIEM / SOC)
Vendor Risk Management
Integration & API Access
Single-Sign-On (SSO)
Support
Full Implementation Assistanceoptional
Support LevelSupport SLATickets + ChatSupport SLA
SOC 2 Type II Compliant
Business Associate Agreement (BAA) includedoptional

Assess

Web Crawler

For companies with several websites or mobile applications with e-commerce payment pages that must comply with PCI DSS 4 Requirements 6.4.3 and 11.6.1. Covers use cases including payment page script inventory, unauthorized script detection, change-detection baselining, and QSA-ready compliance evidence.

  • PCI DSS 4 Requirement 6.4.3
  • PCI DSS 4 Requirement 11.6.1
  • Up to 10 unique websites and mobile applications; unlimited dynamic websites
  • Up to 20 payment pages
  • Unlimited number of website visitors
  • Advanced Security Policies and Rules
  • Compliant use of AI
  • SOC/SIEM Integrations
  • API and SSO integration

Priced by

Domains Crawl frequency
Request a Demo

Enterprise

Web Crawler Script Tag

The complete Feroot DUX Platform for PCI compliance. Unlimited payment pages across unlimited domains — combining PaymentGuard with DXComply and DXSecure for organizations classified as Merchant SAQ A-EP or SAQ D that require enterprise-wide PCI, privacy, and security compliance in a single deployment.

  • PCI DSS 4 Requirement 6.4.3
  • PCI DSS 4 Requirement 11.6.1
  • Unlimited websites and mobile applications
  • Unlimited payment pages
  • Unlimited number of website visitors
  • Advanced Security Policies and Rules
  • GRC AI automation suite — PCI Content Pack
  • API and SSO integration
  • Enterprise SLA

Priced by

Domains Daily events processed
Request a Demo

Add-On

Additional Traffic

Additional bundles of daily events are available as you grow. Traffic add-ons apply to script tag deployment only — crawler-only customers are never charged on traffic volume.

AssessGovernEnterprise
Monthly Website VisitorsUnlimitedUnlimitedUnlimited
Unique Websites & Mobile AppsUnlimitedUp to 10Up to 10
Payment PagesUnlimitedUp to 20Up to 20
Deployment MethodWeb Crawler + Script TagWeb CrawlerWeb Crawler + Script Tag
PCI DSS 4 Compliance
PCI DSS 4 Requirement 6.4.3
PCI DSS 4 Requirement 11.6.1
Script Inventory & Authorization Evidence
Runtime Payment Page Monitoring (Script Tag)
Ongoing PCI Evidence Automation
GRC AI — PCI Content Packoptional
Security & Monitoring
Advanced Security Policies and Rules
Payment-Field Access Visibility
Blocking and Runtime Control
Integration & Support
SOC/SIEM Integrations
API and SSO integration
Support LevelSupport SLATickets + ChatSupport SLA
SOC 2 Type II Compliant

Assess

Web Crawler

Great for companies with several websites or mobile applications that need foundational security controls. Covers use cases including third-party script inventory and risk discovery, supply chain attack detection, sensitive data exposure analysis, and JavaScript vulnerability assessment.

  • Up to 10 unique websites and mobile applications; unlimited dynamic websites
  • Unlimited number of website visitors
  • Client-side Security for the Front End JavaScript
  • Receive Realtime Alerts
  • Enforce JavaScript Security Policies
  • Compliant use of AI
  • SOC/SIEM Integrations
  • API and SSO integration

Priced by

Domains Crawl frequency Mobile apps
Request a Demo

Enterprise

Web Crawler Script Tag

The complete Feroot DUX Platform for security. Unlimited scale across every website and mobile application — combining DXSecure with DXComply and PaymentGuard for organizations that require enterprise-wide client-side security, privacy governance, and PCI compliance in a single deployment.

  • Unlimited websites and mobile applications
  • Unlimited number of website visitors
  • Hub and spoke client-side security for the front end
  • AI runtime compliance automation suite — full platform
  • Security framework compliance (NIST CSF, OWASP Top 10, and more)
  • Compliant use of AI
  • Full enterprise security stack integration
  • API and SSO integration
  • SOC/SIEM Integrations
  • Enterprise SLA

Priced by

Domains Daily events processed Security frameworks
Request a Demo

Add-On

Additional Traffic & Security Frameworks

Additional bundles of daily events and security frameworks (NIST CSF, OWASP Top 10, and more) are available as you grow. Limits are visible in your contract and platform — no surprise overage fees.

AssessGovernEnterprise
Monthly Website VisitorsUnlimitedUnlimitedUnlimited
Domain CoverageUp to 10 DomainsUp to 10 DomainsCustom (10–5,000)
Mobile Applications
Deployment MethodWeb Crawler + Script TagWeb CrawlerWeb Crawler + Script Tag
Security Framework Coverage
JavaScript Security Analysis
Script Behavior Analysis
Script Content AI Analysis
Supply Chain Attack Detection
Network Traffic Analysis
Request Analysis
Data Transfer Monitoring
Runtime Script Tag Monitoring
AI-Powered Security
Behavioral AI Analysis
Predictive Threat Detection
Runtime Protection
Script Execution Control
Data Exfiltration Prevention
Integration & Management
Third-party Integrations (SIEM / SOC)
API Access
Single-Sign-On (SSO)
Support
Full Implementation Assistanceoptional
Support LevelSupport SLATickets + ChatSupport SLA
SOC 2 Type II Compliant

Ready to experience Feroot in action?

Request a Demo