SIEM Rules Logo

Pricing

Simple pricing. No translations needed.

  • Basic

  • 1 user
  • Unlimited public rules
  • Unlimited private rules
  • All supported conversions
  • No data export
  • No integrations
  • $0
  • /forever
  • GET STARTED →

  • Premium

  • Up to 4 users
  • Unlimited public rules
  • Unlimited private rules
  • All supported conversions
  • No data export
  • No integrations
  • $179
  • /month
  • UPGRADE NOW →

  • Enterprise

  • Up to 12 users
  • Unlimited public rules
  • Unlimited private rules
  • All supported conversions
  • Data export (STIX 2.1)
  • Integrations API
  • $199
  • /month
  • UPGRADE NOW →

  • Bundle

  • Vulmatch Enterprise Plan
  • SIEM Rules Enterprise Plan
  • Stixify Enterprise Plan
  • Vulmatch Enterprise Plan
  • Save $397
  • Limited time offer
  • $399
  • /month
  • UPGRADE NOW →

FAQ

What is a rule?
A rule is designed to detect malicious security events. Our rules follow the Sigma Rule standard. Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner. Sigma is for log files what Snort is for network traffic and YARA is for files.
What SIEM's do you support Sigma Rule translations for?
Our translations of Sigma Rules to rule formats used by major security tools (e.g. Splunk SPL) continually evolve. Please check the app itself for the latest list of supported translations available.
Do you integrate with product X,Y,Z?
Many security tools now support the STIX 2.1 data format natively. If not, you can use our flexible REST API to build one.
Do you offer free trials of your paid plans?
No. Almost all features are covered under the free plan (although restricted). If you want to see more about these functions before upgrading, you can see full information and screenshots in our documentation.
Can you show me what your API looks like before I upgrade?
Yes! You can view our full API documentation before you upgrade here.
Can we invite users outside of our company?
For our standard plans, all users in a group must share the same email domain. You will need to purchase a community license (not shown above) if you want to create groups containing users from different organisations. Please contact us to discuss.