Pricing
Direct licensing, starting with a 14-day trial.
Vulkro is licensed per seat, and licensing is handled directly by our team rather than a checkout page. Start with a 14-day trial of the full product: your first CLI sign-in activates it, no card required. When the trial ends, write to us and we issue your team's license, including license files for air-gapped machines.
How it works
Trial first, then a direct license.
01
Create an account and connect the CLI
02
Scan on your machine
03
License your team when the trial ends
The product
What a Vulkro license includes.
One license, the whole product. There are no feature tiers: the trial and the issued license are the same scanner.
Vulkro
Deterministic security scanning for the code your AI writes. No AI in the scan, the same result every time, and your code never leaves your machine.
- The full scanner: 150+ security checks for JavaScript and TypeScript, Python, and Go, plus dependency risk across npm, PyPI, Go, Cargo, and Maven
- Compliance evidence packs: SOC 2, ISO 27001, HIPAA, PCI-DSS 4.0, NIST 800-53/171, HITRUST (9+ packs)
- Machine-readable output formats including SARIF, CycloneDX and SPDX SBOMs, OpenVEX, and executive PDF and HTML reports (23 formats in total)
- Portfolio view: scan and track many projects at once
- Signed CVE bundle updates from the Vulkro CDN
- Email support, direct from the Vulkro team
How licensing works
Vulkro is licensed per seat, directly through our team. Tell us about your team and how you work, and we set you up.
- Per-seat licenses issued directly by the Vulkro team
- 14-day trial starts on your first device login, no card required
- License files for air-gapped and strict-egress machines
- Vulkro for Salesforce licensed the same way
- Terms agreed in writing before anything is billed
Questions
Straight answers.
- Why is there no price on this page?
- Licensing is sales-led: we quote per seat for your team's size and environment, including air-gapped deployments. Write to [email protected] and we respond with terms.
- Do I need an account to use Vulkro?
- Yes. The CLI scans against a verified account: either a signed lease from signing in, or an installed license file for air-gapped machines. Your first device login starts a 14-day trial, so you can evaluate the full product before licensing your team.
- Does my code leave my machine?
- No. Scanning is entirely local and your source code is never uploaded. The daily entitlement check sends only minimal usage keys (product, install id, version, operating system, timestamp, and a scan counter), never your code, never file names, never findings. The trust page documents this in full.
- What about machines with no internet access?
- Air-gapped and strict-egress environments use a license file instead of the online lease. Ask us for one when we set up your license and the CLI will run without any network access.
- What happens when the 14-day trial lapses?
- The CLI asks you to license your seat. Nothing you produced goes away: reports, scan history, and configuration stay on your machine and are yours to keep.
- Is there a Salesforce edition?
- Yes. Vulkro for Salesforce covers Apex, LWC, Aura, Flow, and live-org posture. It is licensed the same way: per seat, directly through our team, at [email protected].