AI agent security that scales with your stack.
Start free. Upgrade when you need verified intelligence and automated remediation.
Hundreds of rules · Any AI agent platform · No sign-up required
See what’s exposed. Fix what’s known.
- Unlimited scans, any platform
- Guided fixes for known vulnerabilities
- Monitor unlimited agents: detect threats, 24-hour history
- 50 AI credits/mo (1 deep scan)
- HTML + JSON reports
Open source. No credit card. No account for scanning.
Know what’s real. Fix it automatically.
- Everything in Free, plus:
- Unlimited deep scans (AI-verified)
- One-click auto-fix
- Monitor unlimited agents: detect + block threats, 7-day history
- 500 AI credits/mo
14 days free, then $29/mo early bird.
Prove it to your auditors.
- Everything in Pro, plus:
- Monitor unlimited agents: detect + block + enforce policies, 90-day history
- Penetration testing
- Compliance evidence generation
- Up to 10 seats, up to 10 projects
- 3,000 AI credits/mo
- Custom rules + white-labeled reports
14 days free, then $199/mo early bird. Founder-led onboarding.
Enterprise-grade, your way.
- Everything in Business, plus:
- Monitor unlimited agents — fleet-wide + webhooks, custom history
- SSO/SAML, RBAC, SLA
- Dedicated support
- Unlimited projects and users
- Custom compliance frameworks
Founder-led sales.
Need more AI credits?
Pro and Business users can buy credit packs anytime. No automatic charges. You choose when to top up.
Credit packs are one-time purchases. Pack credits expire after 12 months. Available to Pro and Business users.
Feature comparison
Every plan monitors unlimited agents. No per-agent pricing.
| Feature | Free | Pro | Business | Custom |
|---|---|---|---|---|
| Scan (static) | Unlimited | Unlimited | Unlimited + custom rules | Unlimited + custom rules |
| Deep scan (AI verification) | 1/month | Unlimited (uses credits) | Unlimited (uses credits) | Unlimited (uses credits) |
| Fix | Safe fixes (guided) | One-click verified fixes | Auto-quarantine + disable | Auto-quarantine + disable |
| Monitor | Unlimited agents | Unlimited agents | Unlimited agents | Unlimited agents |
| Detection | Detect | Detect + block | Detect + block + enforce | Fleet-wide + webhook |
| History | 24 hours | 7 days | 90 days | Custom |
| Intelligence | Rule-based detection | Contextual exploit simulation | Catches attacks no rule covers | Custom models |
| Reports | HTML | PDF + badge | White-labeled | White-labeled + custom |
| CI | Gate on known vulns | Gate on verified threats | Policy enforcement gate | Policy enforcement gate |
| AI credits/mo | 50 | 500 (top-up available) | 3,000 | Custom |
| Pentest / compliance / policy | — | — | ||
| Projects / seats | 1 / 1 | 1 / 1 | 10 / 10 | Unlimited / Unlimited |
| SSO / SAML / RBAC | — | — | — | |
| Support | Community | Priority | Dedicated |
Built for regulated teams
Every finding maps to the frameworks your auditors already know.
Frequently asked questions
What’s the difference between tiers in simple terms?
Every tier monitors unlimited agents with no per-agent limits. Free detects threats and keeps 24 hours of history. Pro detects and blocks threats automatically with 7 days of history. Business detects, blocks, and enforces organization-wide policies with 90 days of history. Each tier also adds intelligence: Pro adds AI-verified deep scans and one-click auto-fix, Business adds penetration testing and compliance evidence.
What are AI credits?
Deep scan uses 5 AI credits per component analyzed. Rule-based scanning and safe fixes are always free and unlimited. AI credits power the intelligence layer that tells you which findings are real threats vs expected behavior. Credits reset monthly. Pro and Business users can buy top-up packs starting at 6c/credit.
What happens when I run out of credits?
Rule-based scanning and safe fixes keep working. Unlimited, always. The deep scan layer pauses until credits reset next month. Pro users can buy credit packs anytime. No surprise charges, no automatic overages.
Is the free tier really unlimited?
Yes. Unlimited static scans, safe fixes (CVE patches, secret redaction, config hardening), monitoring for unlimited agents (detect threats, 24-hour history), and 50 AI credits per month. No credit card, no account required for scanning.
How does the free trial work?
Pro and Business both include a 14-day free trial. You get full access to all features in the tier you choose. Cancel anytime during the trial and you won’t be charged. After 14 days, your subscription continues at the listed price (or early bird price if available). If you cancel, you keep Free tier features — unlimited scans, detect threats across all your agents, 24-hour history, and 50 AI credits per month.
How is this different from other security tools?
Traditional security tools cover npm, pip, and container images. Firmis is purpose-built for AI agent stacks: MCP servers, Claude skills, Cursor rules, CrewAI agents, and more. Hundreds of detection rules map your complete attack surface across both code patterns and instruction files. Then deep scan verifies exploitability, fix patches automatically, and monitor blocks threats at runtime.
How do I get the early bird price?
Early bird pricing is $29/mo for Pro and $199/mo for Business for the first 12 months (normally $49/mo and $299/mo). Limited availability. Sign up on the pricing page and the discount applies automatically.
Start scanning in 30 seconds
Free forever. No account needed.