Editions & pricing
Pick the edition that fits your team.
Every edition covers NIS2, ISO 27001 and GDPR readiness. Start on an unlimited Evaluation, then license Community, Professional or Enterprise as you grow.
Community
Core GRC for a small team, self-hosted.
- Control assessments & SoA
- Evidence vault + freshness
- Risk ledger & remediation
- Asset inventory & exposure
- Incident (Art. 23) workspace
- Board reports & audit trail
- AURA AI assistant
- Integrations & API
Professional
For growing security & compliance teams.
- Everything in Community
- Supplier watch (supply chain)
- AURA AI governance assistant
- Integrations: Entra ID, Intune, Defender, Tenable, Jira, Fortinet…
- Webhooks & API tokens
- Custom branding
- SSO / SAML
- MSP multi-tenant portfolio
Enterprise
Unlimited scale, SSO and multi-tenant.
- Everything in Professional
- SSO / SAML & tenant isolation
- MSP portfolio (manage many tenants)
- All connectors & the full API
- Priority support & onboarding
- Data-residency options (EU)
Pricing is tailored to your organisation — request a quote. Prefer to try first? The Evaluation edition runs unlimited with every feature on (clearly labelled unlicensed) so you can pilot before you buy.
Compare editions
Every capability, side by side
| Capability | Community | Professional | Enterprise |
|---|---|---|---|
| Organizations | 1 | 3 | Unlimited |
| Users | 5 | 50 | Unlimited |
| Assets | 100 | 5,000 | Unlimited |
| Control assessments & SoA | ✓ | ✓ | ✓ |
| Evidence vault | ✓ | ✓ | ✓ |
| Risk ledger | ✓ | ✓ | ✓ |
| Remediation hub | ✓ | ✓ | ✓ |
| Asset inventory & exposure | ✓ | ✓ | ✓ |
| Incident (Art. 23) workspace | ✓ | ✓ | ✓ |
| Board reports & audit trail | ✓ | ✓ | ✓ |
| Supplier watch | — | ✓ | ✓ |
| AURA AI assistant | — | ✓ | ✓ |
| Integrations (connectors) | — | ✓ | ✓ |
| Webhooks & API tokens | — | ✓ | ✓ |
| Custom branding | — | ✓ | ✓ |
| SSO / SAML | — | — | ✓ |
| MSP multi-tenant portfolio | — | — | ✓ |
FAQ
Questions, answered
Can I try before buying?
Yes — the Evaluation edition runs unlimited with every feature enabled, clearly labelled as unlicensed, so you can pilot the full platform first.
Is Cerynix self-hostable?
Yes. Cerynix ships as a Docker Compose stack you can run in your own environment, with EU data-residency options for evidence storage.
How are licenses enforced?
By an offline Ed25519-signed key — no phone-home. Limits (users, assets) apply only to the edition you license; there's no external tracking.
Does it guarantee compliance?
No. Cerynix supports your NIS2, ISO 27001 and GDPR readiness — it is not legal advice or a guarantee of compliance or certification.
Which integrations are included?
Professional and Enterprise pull assets & findings from Microsoft Entra ID, Intune, Defender, Tenable, Jira, Zabbix, Splunk, Trend Vision One, VMware, Action1, the Fortinet family and any HTTP/JSON source.
Can we upgrade later?
Yes — apply a new license key to move between editions; your data and configuration carry over.
Ready to operationalize cyber governance?
Tell us about your NIS2, ISO 27001 or GDPR programme and team size, and we'll recommend the right edition and pricing.