Pricing

One auditor day, one month of Kanonik.

Auditor day rates run $1,500 to $3,000. Kanonik Team is $699 per month: less than a single day of fieldwork. Business is $1,999: roughly a day-and-a-half. Anchored on what compliance actually costs you, not on the GRC platform you already pay for.

Founding Customer Program: limited cohort enrolling now.

Twelve-month price protection at the tier you select. Founder-led onboarding. DPA at signing. Three charter spots open this quarter.

Solo
$199 / month
Less than two hours of an auditor's time.

For the solo security officer, the founding GRC owner, the early-stage company that needs one framework done right.

  • 1 framework (your choice)
  • Up to 2 users
  • 1 GRC tool connector
  • 1,000 Verifier proposals / day
  • 200 commits / day
  • Email approvals
  • Audit-log export
  • 20-min self-serve onboarding
  • Best-effort, business-hours support

You'll outgrow Solo when: you add a second framework, a second compliance owner, or you want approvals in Slack as well as email.

Business
$1,999 / month
A day and a half of auditor fieldwork.

For the mid-market compliance team running multiple frameworks and the upcoming Auditor Export bundle for SOC 2 / ISO 27001 cycles.

  • Unlimited frameworks
  • Up to 25 users
  • Unlimited connectors (as they ship)
  • Premium Verifier (Opus-class) bundled
  • 1 signed Auditor Export bundle per year
  • 20,000 Verifier proposals / day
  • 5,000 commits / day
  • Email, Slack, and webhook approvals
  • Higher REST API rate limits
  • Full onboarding with named contact
  • 99.5% uptime target

Talk to us about Enterprise when: you need EU data residency (eu-frankfurt-1), the FedRAMP-pathway via AWS Bedrock, SAML/OIDC federation, self-hosted single-tenant, or a custom SLA above 99.5%.

Enterprise: Contact us

From $40K/year. Custom SLA, EU data residency, single-tenant or self-hosted installations, dedicated technical account management, custom workflow rules. On the Enterprise roadmap.


Total cost

What's actually new on your invoice

Most prospects expect three new line items. The honest count is one.

| Line item | Your cost | What changes |
| --- | --- | --- |
| Kanonik Team | $699 / month | The one new charge. Verifier, audit chain, GRC connector, Verifier LLM cost: all in. |
| Your GRC platform | $0 - $30K / year | Unchanged. Eramba is free; Vanta / Drata / Hyperproof contracts unaffected. We do not replace them. |
| Your AI subscription | What you pay today | Unchanged. Use the Claude / OpenAI / Bedrock / Gemini / Azure OpenAI account you already have. |

What you are not paying for:

Breakeven is roughly four auditor days per year against a typical $1,500 - $3,000 / day rate. Everything beyond that is your team's saved time and your CFO's saved budget.

Model + invoice

Bring your own model: the AI you already have.

Kanonik is MCP-native and model-agnostic. Connect the AI subscription you already have (Claude, OpenAI, Cursor, AWS Bedrock, Google Gemini, or Azure OpenAI) and it works. We do not sell you an AI license, we do not meter your usage, and we never see your conversations.

Two pieces of AI cost sit on different invoices:

| What it covers | Who pays |
| --- | --- |
| Your primary AI session (the prompts you send to your model) | You. Pay your AI provider directly. Use the subscription you already have. |
| The Verifier's internal tier-2 LLM cross-check | We do. Included in your tier price. Current sub-processor: Anthropic (see DPA). |

Single-invoice procurement option. If your procurement requires routing all AI spend through one vendor, the Kanonik-paid Primary AI add-on lets your primary-session usage flow through our account too. One invoice. Most CISOs skip this because they already have a model-provider account.

| Tier | Default (BYO key) | Add-on: single-invoice |
| --- | --- | --- |
| Solo | You pay your AI provider directly | +$25 / month |
| Team | You pay your AI provider directly | +$75 / month |
| Business | You pay your AI provider directly | +$150 / month |

Verifier quality is identical either way. The add-on is a procurement option, not a premium tier.

vCISO and MSP

We are building a per-client pricing structure for vCISOs and managed-service providers who use Kanonik across multiple end-customers. This ships alongside the multi-tenant connector model required to support it cleanly. If you are a vCISO or MSP and want to discuss pilot terms, contact hello@kanonik.ai. See "For consultants" for the full consultant-side framing, including founding-consultant rate-protection through the transition.


What is not in any tier

Kanonik's pricing structure does not include and will not include:

If your buying model requires usage-based AI billing, Kanonik is not the right product for you. We are deliberately structured against that pattern.


What is included in every tier


Frequently asked questions

Can I start on Solo and upgrade later?

Yes. Mid-cycle upgrade is self-serve from the dashboard, with proration. Downgrades take effect at the next billing cycle.

Why anchor pricing on auditor day rates instead of the GRC platform?

Because that's what the customer is actually trading off. Adding Kanonik makes the audit cycle measurably shorter and the findings list measurably shorter. Both are denominated in auditor days. We don't want you comparing $699/month against your $30K Eramba contract. You should compare it against the day of fieldwork it replaces.

What happens to my data if I cancel?

The audit log is preserved according to retention policy. Source-of-truth data is exportable on request. After your confirmation, we crypto-erase your encryption keys. Your encrypted data becomes unrecoverable. Your audit-log chain still verifies; the content becomes unreadable.

Can I bring my own model account?

Yes. "Bring your own model" is the default: Anthropic, OpenAI, Bedrock, Gemini, or Azure OpenAI. You operate your own model-provider account; we never see your model traffic. The Verifier's internal LLM cross-check runs on Kanonik's account, not yours.

Do you offer non-profit or educational discounts?

Talk to us. We are early enough that case-by-case discussion is reasonable.

When do prices become final?

Founding Customer cohort members are price-protected for twelve months at the tier they sign for, regardless of any pricing change we announce later. The tiers on this page are anchored. We may adjust them based on early-customer feedback, but cohort members keep their rate.

What if I want a tier that does not exist on this page?

Talk to us. The published tiers cover the common cases; we are open to discussing variations with serious buyers.


Contact

hello@kanonik.ai for pricing discussions, custom tiers, vCISO/MSP arrangements, or anything else this page does not answer.

Join the founding cohort.

Three charter spots open this quarter. Founder-led onboarding, twelve-month price protection at the tier you select, full DPA reviewed and signed at onboarding.