The platform — every line of code, every adapter, every AI agent — is and stays MIT-licensed. You never pay for features. What you pay for is the guarantee that a human is on the other end of an SLA when something breaks at 2am and your customer's compliance posture goes red.
Pick the tier that matches your blast radius. Upgrade or downgrade at any monthly renewal.
Every paid tier gets the same product as Community. No feature gates, no per-seat charges on the OSS.
Support contracts cover the response side. The platform stays local-first, air-gap-ready, BYO-AI. We never ask for your configs.
Response times are contractual. If we miss an SLA, you get a credit on the next month — not just an apology.
Monthly billing, no annual lock-in. The OSS keeps working with or without us.
Side-by-side, no surprises.
| Feature | Community | Starter | Business | Enterprise | Mission-critical |
|---|---|---|---|---|---|
| Full MIT product | ✓ | ✓ | ✓ | ✓ | ✓ |
| GitHub issues | ✓ | ✓ | ✓ | ✓ | ✓ |
| Community chat | ✓ | ✓ | ✓ | ✓ | ✓ |
| Email support | — | ✓ | ✓ | ✓ | ✓ |
| Response SLA | Best effort | 1 bus day | 4 weekday hrs | 1 hr critical | Custom |
| Private Slack channel | — | — | ✓ | ✓ | ✓ |
| Quarterly review call | — | — | ✓ | ✓ | ✓ |
| 24/7 phone | — | — | — | ✓ | ✓ |
| Named escalation path | — | — | — | ✓ | ✓ |
| Custom adapter / rule pack development | — | — | — | ✓ | ✓ |
| Dedicated engineer | — | — | — | — | ✓ |
| On-site response (when feasible) | — | — | — | Quarterly | ✓ |
| Regulatory-spec SLA writing | — | — | — | — | ✓ |
| Cancel anytime | ✓ | ✓ | ✓ | ✓ | ✓ |
Because at 2am on a Sunday when your customer's firewall is fighting itself, "best-effort community response" isn't an acceptable answer. Paid tiers exist specifically for teams where downtime has a contractual or compliance cost. If best-effort works for you, stay on Community — that's the deal.
No. The product stays MIT, end-to-end, forever. The commitment is in the LICENSE and the company is structured to honor it. Pricing tiers cover response time, named contacts, custom adapter development, and audit-spec work — never product features.
No. Support contracts are entirely a response-side service. Your install never sends configs, scan data, or customer data to us. When you file a support ticket, you choose what to share. Local-first stays local-first regardless of tier.
SLA misses convert to credit on the next month's invoice. The exact credit formula is in the contract. We don't promise the impossible — but we contract for what we deliver.
Federal customers, defense contractors, regulated-finance buyers, and large healthcare deployments where regulatory SLAs (DFARS, FedRAMP, NIST 800-171, HITRUST) require a contractual response time we can hold. It's quote-based because every customer's spec is different. Email us and we'll work backwards from your requirement.
In partnership with QSA-licensed firms — coming with the v13 release. See the Services page for the timeline.
Yes — GitHub Sponsors works at any level. Companies sponsoring at $500+/month get logo placement on the README. Sponsorship is patronage, not support — there's no SLA attached.
Email hello@safecadence.com with the tier you want. We'll send a contract within 1 business day.
hello@safecadence.com →