Pricing Plans

Choose a plan that suits your needs. Improve your security posture today with our 7-day trial.

Basic

Great for small sites that need good client-side security.

$19/mobilled anually

Start 7 Day Trial

(No credit card required)

1M data points / month

14 days retention

All the benefits of Free plan +

  • Cross-Team project management
  • Alert notifications on violations
  • Email & Chat support
  • 5 Projects
Most Popular

Pro

Best value client-side protection, monitoring and utilities for medium sized-sites.

$39/mobilled anually

Start 7 Day Trial

(No credit card required)

3M data points / month

30 days retention

All the benefits of Basic plan +

  • Threat detection report
  • Real-time monitoring
  • Advanced CSP analytics
  • API access & webhooks
  • Dynamic Environments: Dev, Staging, Production
  • 10 Projects

Premium

Perfect for teams running large scale applications, with advanced CSP use cases.

$99/mobilled anually

Start 7 Day Trial

(No credit card required)

10M data points / month

60 days retention

All the benefits of Pro plan +

  • Dedicated BI index for faster reporting
  • Advanced integrations: Github, Slack, SIEM, New Relic Insights, Webhooks
  • Professional assistance getting set up via Zoom
  • Custom Report-Uri
  • 20 Projects

Enterprise

Great for enterprises / agencies looking to get the best out of client-side protection and monitoring.

Let's Talkanually

Schedule a Demo

Unlimited data points

and retention

All the benefits of Premium plan +

  • Dedicated account manager
  • Custom reports & dashboards
  • Highest priority SLA
  • Whitelabel Report-Uri
  • Self-hosted / On-Prem Solution
  • SSO / SAML Login
  • Unlimited Projects

Free

Add the RapidSec badge at the bottom of your home page in order to use the Free plan and to show to your customers that you use RapidSec to protect their data.

RapidSec | Web Client-Side protection and CSP automation

Free way to get started with CSP for a hobby project / personal site.

$0/mo

Get Started

50K data points / month

7 days retention

What's included

  • Content-Security-Policy builder
  • Lite CSP analytics
  • 1 Project

Pricing and functions may change. Prices may be subject to VAT.

Frequently Asked Questions

If you didn’t find your question in this list, feel free to ask it in the support chat

What is included in the free trial? What happens after the free trial expires?
During the 7 day free trial you have access to all RapidSec Pro features. When your trial expires, RapidSec will prompt you to select the best plan for you.
What is a “Data Point”?
RapidSec processes 'data points' to power the CSP suggestions, dashboards, reports & monitoring alerts. Some origins of data points are CSP reports (sent to your unique report-uri), and HTTP or HTTPS requests handled by your application and protected by the RapidSec Microagent.
What happens if I consume all of my monthly data points?
You can upgrade your plan at any time to get higher quota of monthly data points. Once upgraded to one of our paid plans, you'll have access to the app even if you'll consume all of your new data points quota.
Can I cancel or change my plan at a later time, or get a refund?
Yes! We don’t hold anyone by force and strive to provide long term value to all our customers without tying them in. You can ask for a refund within 30 days if you are not satisfied for any reason.
How does Content-Security-Policy protect my site?
CSP is considered a general defense-in-depth technology, protecting from web client-side attacks. It is very powerful for the cases that a certain security vulnerability exists — either from your code, or from a 3rd party. Companies like Github and Google regularly use CSP to protect and monitor their assets from XSS and other client-side attacks.
How do I manually deploy a CSP HTTP header on my site?
Check out our documentation, or contact us for specific advice.
Which vulnerabilities does RapidSec defend against?
RapidSec protects your users and data from the most common and painful attacks on your Web Client side. These include:
XSS · Cross Site Scripting: The most common attack on web platforms, accounting for over 40% of all bug bounties worldwide, and behind many major attacks and lawsuits. XSS forces your site to run unauthorized javascript code, giving attackers full control of the user's session, forging requests, exfiltrating data, or deleting data.
CSRF · Cross Site Request Forgery: A malicious attack where a user is tricked into performing an action he or she didn't intend to do. It can result in damaged client relationships, unauthorized fund transfers, changed passwords and data theft — including stolen session cookies.
ClickJacking: An attack that tricks a user into clicking a webpage element which is invisible or disguised as another element. This can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive information, transfer money, or purchase products online.
Magecart: It works by operatives gaining access to websites either directly or via third-party services and injecting malicious JavaScript that steals data shoppers enter into online payment forms, typically on checkout pages.
CSIM · Client Side Injected Malware: These vulnerabilities arise when applications using a client-side template framework dynamically embed user input in web pages. The security impact of client-side injection vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization.
What is Client-Side Protection?
Client-Side Protection is technology that runs inside the browser of your end-users, blocking a vast array of attacks such as Cross-site scripting (XSS), Clickjacking, CSRF, Formjacking, Magecart / Supply chain attacks. The best way to provide client side protection is implementing a strict content-security-policy (CSP), leveraging samesite cookies and optimizing other security headers. RapidSec fully automates these browser-native controls, making client-side protection effective, yet effortless.
Do I need RapidSec if I already have a WAF (Web Application Firewall)?
Yes, absolutely! RapidSec's patent-pending technology provides a new critical layer of web protection, above the WAF, which effectively eliminates attacks targeting your vulnerable client-side. We ensure only allowed scripts are running on your page, data exfiltration to malicious sources is blocked, and all cookies are well-configured to protect your users and data.
How does RapidSec Boost website performance?
Most web security products slow your web asset down: they require to be the first blocking javascript to run on each page and virtualize every DOM manipulation — to the detriment of your users and business metrics. RapidSec takes a different approach: our patent-pending technology runs at the browser's core-level and does not interfere with the javascript thread — while offloading business logic and compute to our distributed AI edge network. This means better security with improved performance!
Does RapidSec respect my data privacy?
Yes. RapidSec doesn't collect any PII, passwords, or secrets, and furthermore RapidSec doesn't redirect your traffic (unlike WAFs — web application firewalls). Read more about our privacy practice.
Looking for more information?
Just contact us at [email protected].