Simple and Transparent Plans

Choose the plan that best fits your SOC. Free plan includes whitelist intelligence. Pro+ plans unlock enrichment data, VPN/Tor detection, and advanced features.

Free

$0/month

Perfect for evaluation and testing

  • 100 queries/day
  • 5 indicators per request
  • 20 requests per minute
  • Whitelist intelligence only (180+ sources)
  • Basic confidence level (high/medium/low)
  • Short risk context labels
  • Verified TLD detection
  • REST API access
  • Community support

Limitations:

  • No enrichment data (upgrade required)
  • No provider detection or verdicts
  • No recommendations (action/false positive)
  • No VPN/Tor/Proxy detection flags
  • No detailed risk descriptions
Start Free

Pro

$79/month

💰 Full features unlocked

For small SOCs and security teams

  • 20,000 queries/day
  • 20 indicators per request
  • 120 requests per minute
  • Whitelist + Enrichment data (full 180+ sources)
  • Provider Detection (50+ providers: CDN, Cloud, VPN)
  • Actionable Verdicts (likely_benign, investigate, malicious)
  • Smart Recommendations (action + false positive likelihood)
  • Full confidence scoring (0-100)
  • Detailed risk descriptions
  • VPN/Tor/Proxy detection flags
  • Usage analytics dashboard
  • Email support
Get Started
Best Value

Team

$249/month

💰 Most popular

For medium SOCs and growing teams

  • 100,000 queries/day
  • 50 indicators per request
  • 300 requests per minute
  • All Pro features
  • Priority email support
  • Higher throughput
  • Extended rate limits
  • Team collaboration features
Get Started

Enterprise

Custom

💰 Contact sales for pricing

For large SOCs and custom requirements

  • Unlimited queries
  • 100 indicators per request
  • 1,000+ requests per minute
  • All Team features
  • Custom rate limits
  • Dedicated support
  • Custom SLAs available
  • Volume discounts
  • Invoiced billing
Contact Sales

What Makes Reput.io Different

Purpose-built for reducing false positives in SOC environments

Two Types of Intelligence

Whitelist: Verified safe sources (FAANG, banks, governments) - auto-allow
Enrichment: Contextual data (CDNs, VPNs, cloud) - analyst review

Confidence Scoring

Every indicator gets a 0-100 confidence score based on source trust tier, corroboration, and institutional recognition. Not just "good" or "bad".

Risk Context

Human-readable explanations: "Verified Google infrastructure - safe to allow" or "Dynamic DNS provider - commonly abused for C2".

180+ Authoritative Sources

MISP warninglists, Cisco Umbrella, Tranco, AWS/GCP/Azure ranges, government registries, ASN providers, and curated institutional data.

Frequently Asked Questions

What is the difference between Whitelist and Enrichment?â–¼
Whitelist indicators (status: "whitelisted") are from verified institutional sources like FAANG, banks, government domains - safe to auto-allow. Enrichment indicators (status: "enrichment") provide context about infrastructure like CDNs, cloud providers, or VPNs that may require analyst review.
Can I change my plan at any time?â–¼
Yes, you can upgrade or downgrade your plan at any time. Changes will be reflected in your next billing cycle.
What payment methods do you accept?â–¼
We currently accept credit cards. Enterprise customers can request invoiced billing.
What happens if I exceed my query limit?â–¼
Additional queries will be blocked until the next day (daily limits reset at midnight UTC). We recommend upgrading your plan if you consistently need more capacity.
What is an "indicator per request"?â–¼
Each API request can include multiple indicators (IPs, domains, URLs). For example, the Free plan allows up to 5 indicators per request, Pro up to 20, Team up to 50, and Enterprise up to 100.
How does confidence scoring work?â–¼
Confidence scores (0-100) are calculated based on: source type (whitelist vs enrichment), category trust tier, number of corroborating sources, verified TLD status, and institutional recognition. Higher scores indicate higher certainty in the classification.