Don't ship until you're sekrd.
Start free. Pay once for launch. Stay covered with continuous monitoring.
Free
Quick check before you ship
- ✓5 scans/day signed in (90/month) · 3/day anon
- ✓Security score (A–F) + Ship/Block verdict
- ✓Surface findings: which categories failed
- ✓Sekrd Verified badge if you pass
- ✓MCP server for Cursor / Claude Code
- ✓Telegram /scan command
Pre-Launch Audit
Ship with confidence
- ✓Everything in Free, plus:
- ✓Deep scan: 15 checks (RLS, secrets, DAST, OSV CVE...)
- ✓Full findings with file paths + line numbers
- ✓AI fix prompts (paste into Cursor / Claude Code)
- ✓48-citation compliance review across EU GDPR / UK GDPR / CCPA / CPRA / LGPD
- ✓Generated privacy policy template
- ✓Generated Terms of Service template
- ✓App Store Privacy Manifest checklist
- ✓Google Play Data Safety form guide
- ✓Site Crawler — full attack surface
- ✓PDF report (App Store, due diligence)
- ✓7 days of unlimited re-scans
One-time. No subscription.
Continuous Pro
Sleep at night
$288/year (save $60)
- ✓Everything in Pre-Launch, plus:
- ✓Daily automated re-scans
- ✓Drift alerts: new CVE, new endpoint, TLS expiring
- ✓Compliance drift monitoring
- ✓Vercel Deploy Gate — auto-block bad deploys
- ✓GitHub Action included
- ✓Telegram + email alerts
- ✓Site Crawler (full domain) on every scan
- ✓AI security review (100/mo)
- ✓Live verdict badge
- ✓Up to 10 projects
Cancel anytime.
Frequently asked
Why one-time vs subscription?
Most apps need a deep audit before launch. After that, monthly monitoring catches drift. Pick the one that fits, or both — Continuous Pro includes everything in Pre-Launch.
Do I need both?
Pre-Launch is one-time, ideal before App Store / Product Hunt / HN Show submission. Continuous is for ongoing protection. Many users buy Pre-Launch first, then upgrade to Continuous after launch.
Is the PDF report legally binding?
No. Sekrd is not a certified auditor. The report documents findings at a point in time and maps them to regulation text. Useful for App Store submission, investor due diligence, internal compliance — not a substitute for legal counsel.
What if my app is on Bolt / Lovable / Replit / v0?
All supported. Sekrd works on the deployed URL regardless of how it was built. We don't require account access to your build platform.
Refund policy?
If the audit fails to run or returns empty results, full refund — email support@sekrd.com with the audit ID. Otherwise no — the audit consumes real LLM compute and external scan API calls.
Where's my data?
Audit results stored encrypted in our DB during your plan period for re-scans. Source HTML / JS / response headers retained 7 days for the Continuous drift comparison. Delete anytime from /dashboard/settings. We don't track you across the web.
Want to see what you get? Run a free scan and preview the report format. Pre-Launch unlocks file paths, line numbers, fix prompts, and the PDF report.
Payments processed securely by Paddle.com (Merchant of Record). Paddle handles billing, taxes, and invoicing.
What makes Sekrd different?
Others scan from outside
HTTP headers, DOM, basic checks. They see RLS: enabled and say you're safe.
Sekrd connects to your backend
We read the actual RLS policy SQL. USING(true) = database wide open. Nobody else catches this.