Your InfoSec Governance Operating System
Portal Login
Enterprise-ready pricing

Ship export-ready security proof without per-seat surprises.

Choose a plan based on the proof you need to ship. Aurora scales by maturity and automation depth, not by punishing you for adding collaborators.

Request a demo View sample proof pack
Have a deadline? Tell us. We can prioritize export-ready proof.
Access controls
Roles, approvals, and audit trails
Scoped credentials
Least-privilege access where supported
Access logging
Export and sharing audit trails
Encryption
At rest and in transit

Tools to self-qualify

Calculate ROISecurity Review KitCompare plans (matrix)
Billing
Monthly pricing shown below.
Proof outputs
Deliverables reviewers recognize, with preview links that match buyer expectations.
View sample proof pack
Plans
Pick a plan by maturity, not headcount
Trust Center and proof sharing are included at every tier. Higher tiers add automation depth and practice readiness.
Most popular

Foundations
For SaaS startups that need buyer-ready proof fast
$699 / mo

Ships
  • Buyer-ready packet exports (PDF/ZIP)
  • Policy pack exports with approvals (PDF)
  • Evidence binder exports (ZIP)
  • Verified Trust Center access (no deal-room packs)
Includes
  • Questionnaire import and cited drafting (grounded in your docs)
  • Manual evidence upload and evidence binder structure
  • Pre-built policy templates and approval trail
  • 3 active frameworks (swap anytime)
  • Included operator seats: up to 3 internal users
  • Unlimited viewers via Trust Center (buyers and auditors)
Start Foundations
Start fast; add automation when ready.
Recommended

Continuous
For teams scaling collaboration and continuous evidence
$1,999 / mo

Ships
  • Everything in Foundations, plus:
  • Audit workbook snapshots (PDF)
  • Coverage verdict reports (PDF/CSV)
  • Vendor due diligence packs (ZIP)
Includes
  • Scheduled evidence collection (cadence-based snapshots)
  • 3 included connectors (read-only where supported)
  • Remediation tracking with owners and due dates
  • Risk register and decision trail (accept, mitigate, transfer)
  • Vendor workflows (request, review, decision)
  • AI drafting with reusable answer library and citations (human-verified)
  • Included operator seats: up to 10 internal users
  • Unlimited viewers via Trust Center tiers
Request a demo
We’ll scope fit and rollout.

Security Ops
For regulated teams that need practice-ready proof (not just paperwork)
$3,999 / mo

Ships
  • Everything in Continuous, plus:
  • Practice readiness records (tabletop and phishing outputs)
  • Incident readiness exports (timeline and playbook evidence)
Includes
  • 10 included connectors (read-only where supported)
  • Monthly phishing simulations with exportable results
  • Tabletop simulations (roles, triggers, timelines, after-action exports)
  • Incident response playbooks and reporting exports
  • Vendor watch alerts and follow-ups
  • Email breach watch and remediation loop
  • Included operator seats: up to 25 internal users
  • Unlimited viewers via Trust Center tiers
Talk to sales
Best for high review volume and regulated teams.

Resilience
For teams that must prove preparedness beyond compliance
$5,999 / mo

Ships
  • Everything in Security Ops, plus:
  • Training completion logs tied to controls and audits
  • Business continuity artifacts (emergency comms records)
Includes
  • 15 included connectors
  • Training module with custom tracks and completion exports
  • Out-of-band emergency communication war room
  • Included operator seats: up to 50 internal users
  • Unlimited viewers via Trust Center tiers
Talk to sales
Ideal when buyers ask for training and comms readiness.

Command
For regulated orgs needing infrastructure-level truth (early access)
$9,999 / mo (starting)

Ships
  • Everything in Resilience, plus:
  • Telemetry-backed evidence excerpts (network and security controls)
  • Configuration drift and event-driven posture reports
Includes
  • Unlimited connectors for continuous evidence (SaaS)
  • Command module for on-site collection (firewalls, routers, SIEM, flow sources)
  • Configuration and event-driven alerts for compliance-relevant drift
  • Included operator seats: up to 75 internal users (expandable)
  • Unlimited viewers via Trust Center tiers
Talk to sales
Scope depends on environment and telemetry coverage.
Add-on
Add expert coverage without hiring a full-time CISO
Choose an add-on when you want expert oversight for audits, governance cadence, and insurer-ready readiness.

Compliance Mentor
Best for first certification and first enterprise vendor panels.
$2,500 / mo

  • 10 hours per month
  • Audit prep and program coaching
  • Policy and control review
  • Questionnaire strategy and golden answers review
Add to my plan

Strategic CISO
Best for regulated SMBs that need ongoing governance.
$6,000 / mo

  • 20 plus hours per month
  • Board-ready reporting
  • Incident readiness oversight
  • Vendor risk program oversight
  • Insurer and regulator-aligned cadence
Talk to us
Plan matrix
Compare plans by what they ship
Every plan produces exportable proof. Higher tiers add automation depth and practice readiness.
CapabilityFoundationsContinuousSecurity OpsResilienceCommand
Buyer-ready packet exports
IncludedIncludedIncludedIncludedIncluded
Policy pack exports with approvals
IncludedIncludedIncludedIncludedIncluded
Evidence binder exports
Structured artifacts with provenance.
IncludedIncludedIncludedIncludedIncluded
Audit workbook snapshots
Not includedIncludedIncludedIncludedIncluded
Coverage verdict reports
Not includedIncludedIncludedIncludedIncluded
Trust Center tiers and access logs
Gate sensitive docs behind verification and agreements. Log access.
LimitedIncludedIncludedIncludedIncluded
Deal rooms / curated packs
Not includedNot includedNot includedIncludedIncluded
Connectors included (read-only)
Not includedLimitedIncludedIncludedIncluded
Scheduled evidence checks
Not includedIncludedIncludedIncludedIncluded
Risk register and remediation tracking
Not includedIncludedIncludedIncludedIncluded
Vendor management and due diligence packs
Not includedIncludedIncludedIncludedIncluded
AI drafting and reusable answer library
LimitedIncludedIncludedIncludedIncluded
Tabletop simulations
Not includedNot includedIncludedIncludedIncluded
Phishing simulations
Not includedNot includedIncludedIncludedIncluded
Training module and completion logs
Not includedNot includedNot includedIncludedIncluded
Emergency communications (out-of-band)
Not includedNot includedNot includedIncludedIncluded
Command (on-prem telemetry)
Not includedNot includedNot includedNot includedIncluded
Operator seats included
LimitedLimitedLimitedLimitedLimited
Use the matrix to self-qualify, then confirm fit in a demo if your workflow is regulated or time-bound.
No surprises
No per-seat pricing surprises
Viewers (buyers, auditors, partners) access your Trust Center without counting as seats. Scale security reviews without scaling your bill.
  • Unlimited viewers via Trust Center
  • Operator seats included per plan
  • Pricing does not increase per framework (beyond Foundations framework limits)
Procurement-ready
Procurement-ready
Security overview, subprocessors, and DPAs are available through the Trust Center tiers, with access logging and agreement gates.
Open Trust CenterReview security practices
FAQ
Pricing questions
Do you charge per seat?
We don't charge per seat. Each plan includes a set number of operator seats, and Trust Center viewers are always unlimited.
Do you charge per framework?
Foundations includes 3 active frameworks. Higher plans support unlimited frameworks without per-framework fees.
How do integrations work?
Our integrations use read-only access to capture evidence automatically. You control the collection schedule and all evidence is timestamped.
Can we start manual and add automation later?
Yes. Start with uploads, then add connectors and scheduled checks without redoing mapping.
Do you replace an auditor?
No. You still engage an audit firm. Aurora produces artifacts and exports that reduce time and friction.
What’s included in Command?
Command includes on-premise telemetry collectors (early access). During implementation, we'll work with you to map coverage for your infrastructure.
Next step
Ship proof reviewers can finish in one sitting
If a deal is blocked, we’ll help you export a buyer-ready packet quickly, then build continuous readiness behind it.
Request a demoView sample proof pack
Have a deadline? Tell us. We can prioritize export-ready proof.