Pricing for Mobile App Security

Free to evaluate. Pro for recurring compliance scans. Team adds AI Penetration Testing. Enterprise unlocks unlimited scale, the public Scan API, GitHub Action, and SSO.

Free

Evaluation and first checks

$0/mo
  • 3 scans per month
  • 1 app package per scan
  • 1 compliance framework per scan
  • HTML security report
  • APK, AAB, and IPA support
  • 14-day scan history

Pro

Indie devs and small studios shipping mobile apps

$149/mo
  • 20 scans per month
  • Up to 3 apps per month
  • 2 compliance frameworks per scan
  • All frameworks selectable (PCI-DSS, MASVS, HIPAA, GDPR, LGPD, SOC 2, NIST)
  • Enhanced SAST, CVE, and SBOM checks
  • AI remediation assistant
  • PDF, HTML, and SARIF reports
  • 90-day scan history

AI Penetration Testing is Team and Enterprise only. Pro can buy a 5-pack of pentest credits separately.

Team (recommended)

Mobile teams that need pentest coverage

$599/mo
  • 100 scans per month
  • Up to 10 apps per month
  • Everything in Pro, plus:
  • 2 AI Penetration Tests included per month
  • DAST (dynamic) testing
  • Read-only API access
  • 1-year scan history
  • Email + shared Slack support

Includes 2 AI Penetration Tests per month. Need more? Add credit packs or move to Enterprise for unlimited.

Enterprise

Security, compliance, and procurement-led orgs

From $2,000/mo

Custom terms available through Stripe, invoice, or AWS Marketplace.

  • Unlimited scans and apps
  • Unlimited AI Penetration Tests on real devices (beta)
  • AI build artifact detection (beta)
  • Mirror, malware, and store submission checks
  • Full API, CI/CD, and webhook workflows
  • SSO, priority queue, custom retention
  • Dedicated CSM and procurement terms

Enterprise also unlocks

Programmatic scanning for your CI/CD

Most mobile security tools stop at "upload an APK to our dashboard." Enterprise customers wire AppAudix into their existing release process, so every PR gets a security review automatically.

REST API

POST a binary, poll status, fetch the report. Same surface as the dashboard, programmable.

GitHub Action

Drop appaudix/scan-action@v2 into your workflow. PR comment, severity gate, done.

Signed webhooks

HMAC-SHA256 callbacks when scans complete. No polling, plus metadata roundtrip for your CI context.

Build gating

Fail the build on configurable severity thresholds. Block releases before they ship.

One-time audit options

Useful when you need a single release check without opening a subscription.

Single Audit Scan

One app package, one report, no subscription.

$99

Pentest Credit Pack

Five AI Penetration Tests, usable on Pro or Team. Stays valid for 12 months.

$1,495

AWS Marketplace

Enterprise procurement is also available through your existing AWS bill.

Frequently Asked Questions

Which plan should I pick?
Free is for evaluating the scanner with up to 3 scans per month. Pro is for indie devs and small studios doing recurring release scans. Team adds AI Penetration Testing (2 per month) plus DAST and API access. Enterprise is for organisations that need unlimited pentest, full API/CI-CD, SSO, and procurement terms.

Is AI Penetration Testing included in Pro?
No. Pro covers static scanning and AI remediation. AI Penetration Testing starts on the Team plan (2 included per month) and is unlimited on Enterprise. Pro customers can also buy a 5-pack of pentest credits separately if they need it occasionally.

Can I move between Pro and Team without losing scan history?
Yes. Scan history and reports stay tied to your account. Upgrading or downgrading just changes your monthly limits and feature access from the next billing cycle.

Which file formats do you support?
Android APK and AAB, plus iOS IPA. No source code access is required - just upload your compiled app package.

How many compliance frameworks can I select per scan?
Free supports 1 framework per scan. Pro, Team, and Enterprise support up to 2 frameworks per scan, with all supported frameworks available to select.

Which compliance frameworks do you support?
AppAudix supports PCI-DSS 4.0.1, OWASP MASVS, HIPAA, GDPR, LGPD (Brazil), SOC 2, and NIST 800-163.

How is my app data protected?
App packages are encrypted during transit and at rest, processed in isolated environments, and retained according to your plan.

How long does a scan take?
Most scans complete within 5-10 minutes, depending on app size and complexity. Enterprise customers get priority queue access.

Have more questions? Email us at support@appaudix.com

Payments are processed by Stripe. Enterprise teams can use Stripe, invoice, or AWS Marketplace procurement.
