Pricing for every stage of your device's lifecycle.
One price per device. Unlimited SBOMs. No seat fees.
SBOM documentation typically costs $3,000–$6,000 per submission. Threat Detective keeps it current, continuously, for a fraction of the cost.
Pricing
Stay cleared
$209 /month
per device · billed annually ($2,508/yr)
Save 16%For cleared devices that need continuous monitoring. Everything in Pre-Market, plus ongoing vulnerability surveillance and regulatory reporting.
Get early access.
Get cleared
$159 /month
per device · billed annually ($1,908/yr)
Save 16%For teams preparing a 510(k), De Novo, or PMA submission. Upload your SBOM, identify vulnerabilities, and produce eSTAR-ready documentation.
Get early access.
Full control
From $1,245 /year
12-month contract. 5 devices included.
Private deployment, SSO, and data residency. For growing manufacturers managing multiple devices.
12-month contract. 5 devices included.
Need more than one device?
Each additional device is 75% of your base fee. Unlimited SBOMs per device.
Pre-Market · 1 device · billed annually
$159/month
$1,908/yr
Comparable alternatives
Consultant (1 submission)
$3,000–$6,000
One-time report per submission; content may become outdated over time
Snyk Ignite (5 developers)
$6,300/yr
Per-developer pricing; does not produce FDA-ready documentation
“I built Threat Detective so medical device teams have a tool that keeps their SBOM documentation current, not just at submission but continuously. Pre-Market gets you through clearance. Post-Market keeps you covered.”
What's included.
Pre-Market
SBOM and vulnerability management
- IncludedUpload and manage your SBOM
- IncludedAutomatic vulnerability scanning across three databases
- IncludedPrioritise findings by risk
- IncludedDocument vulnerability decisions with audit-ready evidence
- IncludedGenerate submission-ready documentation (FDA eSTAR format)
Support and guidance
- IncludedStep-by-step guides and knowledge base
- IncludedEmail support
Infrastructure
- IncludedMedical devices included: 1
- IncludedTeam members: Unlimited
- IncludedData hosting: EU
Post-Market
SBOM and vulnerability management
- IncludedUpload and manage your SBOM
- IncludedAutomatic vulnerability scanning across three databases
- IncludedPrioritise findings by risk
- IncludedDocument vulnerability decisions with audit-ready evidence
- IncludedGenerate submission-ready documentation (FDA eSTAR format)
- IncludedContinuous monitoring for new vulnerabilities after clearance
- IncludedPost-market surveillance reports
- IncludedVEX generation and publishing
- IncludedHosted SBOM portal for customers and regulators
Support and guidance
- IncludedStep-by-step guides and knowledge base
- IncludedEmail support
Infrastructure
- IncludedMedical devices included: 1
- IncludedTeam members: Unlimited
- IncludedData hosting: EU
Private Cloud
SBOM and vulnerability management
- IncludedUpload and manage your SBOM
- IncludedAutomatic vulnerability scanning across three databases
- IncludedPrioritise findings by risk
- IncludedDocument vulnerability decisions with audit-ready evidence
- IncludedGenerate submission-ready documentation (FDA eSTAR format)
- IncludedContinuous monitoring for new vulnerabilities after clearance
- IncludedPost-market surveillance reports
- IncludedVEX generation and publishing
- IncludedHosted SBOM portal for customers and regulators
Support and guidance
- IncludedStep-by-step guides and knowledge base
- IncludedEmail support
- IncludedDedicated account manager
- IncludedPriority support with guaranteed response times
Infrastructure
- IncludedMedical devices included: 5
- IncludedTeam members: Unlimited
- IncludedData hosting: EU, US, or UK
- IncludedPrivate dedicated deployment
- IncludedConnect to your existing QMS tools via API
How Threat Detective compares.
Most teams manage SBOM documentation using spreadsheets, consultants, or enterprise security platforms not designed for regulatory submissions. Here is how Threat Detective is different.
vs. Spreadsheets
Spreadsheets can store vulnerability data, but they cannot scan databases automatically, validate SBOM formats, generate eSTAR sections, or track changes over time. Threat Detective does the scanning, matching, and documentation automatically.
vs. Consultants
A cybersecurity consultant produces a point-in-time report for a single submission. When a new vulnerability is disclosed the next week, that report is already out of date. Threat Detective gives you continuous monitoring and documentation that stays current.
vs. Enterprise Security Platforms
Tools like Snyk and Dependabot are built for developers, not regulatory submissions. They scan code but do not produce eSTAR documentation or the evidence format FDA and EU reviewers require.
Common questions.
What’s the difference between Pre-Market and Post-Market?
Pre-Market gives you everything you need for your FDA submission: SBOM management, vulnerability scanning, and eSTAR-ready documentation. Post-Market adds continuous monitoring, so after clearance you’re alerted to new vulnerabilities, can generate VEX documents, and produce post-market surveillance reports. The platform is the same — Post-Market unlocks the ongoing monitoring capabilities.
Can I start with Pre-Market and upgrade later?
Yes. Most teams start with Pre-Market for their submission, then upgrade to Post-Market once they receive clearance. Your SBOM data, vulnerability history, and documentation carry over — you just unlock continuous monitoring and post-market capabilities.
How does this work alongside a consultant?
Many teams use Threat Detective alongside their regulatory consultant. The platform handles the ongoing work — SBOM management, vulnerability monitoring, and keeping documentation current as new CVEs are disclosed — so your consultant can focus on regulatory strategy rather than manual documentation updates.
What counts as a “device”?
A device is one medical device project associated with one regulatory submission pathway. Each project can contain multiple SBOMs — for example, separate SBOMs for your firmware, application software, and a companion mobile app. Structure your SBOMs the way that makes sense for your architecture, not to fit the billing. If it’s one device going through one submission, it’s one project. We price per device because each one carries its own regulatory obligations — your cost scales with the work Threat Detective does for you, not with team size or data volume.
What if I have more than one medical device project?
Each Pre-Market and Post-Market subscription includes one medical device project (with as many SBOMs as that project needs). Additional projects are 75% of the base platform fee. Private Cloud includes five projects in the annual contract.
How do I get access?
Threat Detective is currently in private beta. Join the waitlist to request early access. We’re onboarding teams on a rolling basis and will reach out to discuss your submission timeline and requirements.
Can I cancel at any time?
The platform subscription is month-to-month with no long-term contract (unless you choose annual billing). Private Cloud requires a 12-month commitment. Your data remains accessible for export on all tiers.
What happens to my data if I cancel?
Your SBOM data, vulnerability history, and documentation remain accessible for export for 30 days after cancellation. We do not delete your data without notice — you will always have time to retrieve it.
Where is my data hosted?
Pre-Market and Post-Market data is hosted in the EU. Private Cloud customers can choose EU, US, or UK data residency. All data is encrypted at rest and in transit. Threat Detective does not process or store protected health information (PHI).
Is Threat Detective suitable for startups?
Yes. We designed the pricing and the product to work for teams of every size. Per-device pricing means you pay only for what you are submitting, with no seat fees or minimum commitments. Most startups begin on Pre-Market with a single device and scale from there.
Ready to get started?
Join the waitlist for early access, or talk to an expert about your submission.