PRICING
Free for the community,
serious for F500
AI agent security needs both a sensor network and an F500-grade platform. Community installs feed the network. Enterprise gets the platform + compliance evidence kit. We skip the middle tier on purpose — and explain why below.
Community
Available todayFull 7-layer stack, unlimited agents, every feature Enterprise has. Only difference: self-host + community support.
- 311 ATR detection rules (MIT licensed)
- Unlimited agents / endpoints / tenants
- 5 layers shipped today: L2 Audit · L3 Protect · L4 Detect · L5 Deceive · L6 Respond
- 2 layers coming Q2/Q3 2026: L1 Discover · L7 Govern
- Auto-registers as Threat Cloud sensor · anonymous telemetry (opt-out anytime)
- Threat Cloud rule updates (< 24h)
- Community support via GitHub Issues + Discord
- pga CLI: scan · audit · up · guard · status · sensor
Pilot
F500 bridgeF500 POC-before-procurement contract. IT director can approve without reaching CFO. Full $25K credits against Y1 Enterprise contract on upgrade.
- On-prem / VPC / airgap deployment help
- 6 hr/week engineering time (founder directly)
- Sample quarterly compliance evidence report (EU AI Act / NIST AI RMF / ISO 42001 / OWASP Agentic mapping)
- Custom ATR rule pack trial
- SIEM webhook integration template
- Clean exit or upgrade to Enterprise at day 90
- Full $25K credit to Y1 Enterprise contract on upgrade
Enterprise
Early customersTarget $250-350K · up to $500K+
We do not sell feature specs — we sell a direct channel to the ATR standard maintainer plus an F500-ready compliance evidence kit.
- Truly unlimited: agents / tenants / seats / sites
- On-prem / VPC / airgap deployment
- SAML SSO · SCIM · SIEM webhook · audit export
- AIAM: agent identity + scope + delegation (Q3 2026)
- ★ AI Compliance Audit Evidence Module — quarterly reports mapping every detection to EU AI Act · Colorado · NIST AI RMF · ISO 42001 · OWASP Agentic
- Priority rule update SLA: < 4h (vs < 24h Community)
- F500 Logo program · co-sell with Cisco / Microsoft / NVIDIA ecosystem
- Direct relationship with ATR standard maintainer · early draft rule access
- Dedicated CSM · quarterly executive review · roadmap voice
- PanGuard Inc. SOC2 Type II (target Q2 2027)
Founding 5 F500 pricing
First 5 F500 Enterprise customers lock $100K × 2 years (normal $250K) in exchange for public logo + case study rights. Standard pricing applies thereafter.
★ ENTERPRISE CORE PRODUCT
AI Compliance Audit Evidence Module
Vanta / Drata cannot build this (no detection engine). Lakera / Apono cannot (not enough stack). PanGuard is the only product that threads detection event → ATR rule → compliance framework article as a single audit-ready artifact.
Sample quarterly report excerpt
Q2 2026 Detection Evidence Report · Acme Corp ────────────────────────────────────────────── Total events intercepted by PanGuard Guard: 1,847 Mapping by compliance framework ────────────────────────────────────────────── EU AI Act Article 12 (logging requirement): 612 events └─ Primary rules: ATR-2026-00001, ATR-2026-00121, ATR-2026-00149 └─ Retention: 7-year audit log archive (Enterprise) NIST AI RMF Govern.1.1 (risk management): 488 events └─ Primary rules: ATR-2026-00080..00096 └─ Confidence: ≥0.90 across all flagged events ISO/IEC 42001 clause 6.2 (risk treatment): 347 events └─ Primary rules: ATR-2026-00040, ATR-2026-00099 Colorado AI Act SB24-205 (disclosure): 44 events OWASP Agentic Top 10 (ASI-01..10): 356 events (consolidated) Auditor-ready artefacts ────────────────────────────────────────────── ✓ PDF report (signed, hash-verified) ✓ JSON export for SIEM ingestion ✓ Per-article evidence bundle ✓ ATR rule provenance chain
ATR STANDARDS ORGANIZATION
Open standard, independent governance, certification program
ATR is an MIT-licensed open detection protocol with governance independent of PanGuard. Anyone, any product, can use it freely. Skill certification is run by community reviewers at no cost (MITRE ATT&CK model). The only paid surface is Enterprise Membership — modeled on the Apache Software Foundation Platinum Sponsor pattern.
ATR Certified Skill
community-run review
Skill authors submit a PR free of charge to the ATR repo. Community volunteer reviewers audit transparently (MITRE ATT&CK / Let's Encrypt model). Certified skills get the badge, ATR registry listing, and PanGuard Community whitelist. PanGuard does not charge and does not decide outcomes — authority lives in transparency, not paywalls.
Submit on ATR GitHubATR Enterprise Member
annual membership
Logo on ATR registry · governance vote · priority PR review · early draft rule access · seat in annual roadmap meeting. Modeled on MITRE Engenuity and ISO working-group pattern.
Apply for membershipWHY NO TEAM / BUSINESS TIER
Middle tier is a trap for this product
For individual devs and SMB, the value is being a sensor, not a subscription. Agent security is runtime-centric — a developer running 2 Claude Code sessions does not need a monthly bill to watch them. Each Community install is a sensor that feeds telemetry back to Threat Cloud, which crystallizes new ATR rules, which strengthens detection for everyone. A paywall breaks this flywheel.
A solo founder cannot run a self-serve middle tier well. 100 × $500/mo SMB customers = full-time low-LTV support, squeezing the engineering time F500 customers actually pay for. Snyk / Datadog ran that model with 50+ engineers. We are not that shape today.
F500 does not need a middle tier as a bridge. F500 security teams naturally pilot on free Community for 90 days, then jump to Pilot → Enterprise when they need compliance, SOC2, and airgap. That matches real F500 procurement behaviour — a paid Team tier sits in nobody's way.
If Y2 data shows a real middle-tier demand, we will reevaluate. Today's data says: do not build it.
Still evaluating?
GRC procurement questions · on-prem architecture · compliance mapping specifics · F500 logo program — email us, 48h response.