Pricing
Free to discover. Pay to control.
Every workspace starts on Sentinel (our top tier) free for 14 days. Full platform across browser, desktop, CLI, and the MCP Gateway on every Sentinel and Fleet workspace. After day 14, drop to Beam or subscribe to keep per-user attribution, blocking, audit-ready logs, and MCP coverage.
If you're the IT lead
A 60-person team on Sentinel is roughly $15K a year. Fits in petty cash. Installs in five minutes per laptop.
Read the IT lead page →
If you're the CFO
$15K a year buys you out of a $670K breach surprise. The math is in the IBM 2024 report.
Read the CFO page →
If you're getting audited
Sentinel includes the evidence pack pre-mapped to EU AI Act Article 4, SOC 2 CC6.1, and HIPAA technical safeguards.
Read the audit-prep page →
Sentinel free for 14 days, no card required. Use the full product - per-user view, block, sandbox, audit, export. After day 14, the workspace falls back to Beam: aggregate counts only (no per-user data, no exports, last 7 days), capped at 10 active users, runs for 60 more days. Subscribe any time to lift the caps and unlock who's doing what.
A beam finds the ship in the dark. Pure visibility.
What you keep after the 14-day trial if you don't subscribe. Capped at 10 active users, runs 60 more days.
- Browser, desktop, and CLI coverage
- 24-hour AI Discovery Report
- Aggregate tool inventory + classification
- Severity totals (workspace-level)
- Sensitive-prompt classifier (on device)
- Last 7 days of history
- No per-user attribution (Lighthouse)
- No CSV export (Lighthouse)
- No policy enforcement (Lighthouse)
- No MCP Gateway (Sentinel)
A lighthouse warns and guides. Keeps ships off the rocks.
For SMBs that need to stop the leaks. Cancel any time.
- Browser, desktop, and CLI coverage
- Everything in Beam
- Per-user attribution across all three surfaces
- One-click block / sandbox / allow per tool
- Multi-user invites & RBAC
- Email support
- Audit-ready logs (Sentinel)
- MDM deployment (Sentinel)
- MCP Gateway (Sentinel)
A sentinel stands watch and keeps records. For the auditor.
Free for 14 days, automatically. For SMBs with a SOC 2, HIPAA, or EU AI Act audit on the horizon.
- Browser, desktop, CLI, and MCP coverage
- Everything in Lighthouse
- MCP Gateway: in-path proxy for Claude Desktop, Cursor, Claude Code
- Per-tool allow / warn / block on 10 catalogued MCP servers
- Audit-ready immutable signed logs (all four surfaces)
- SOC 2 evidence pack (one-click export)
- EU AI Act Article 4 evidence
- HIPAA technical-safeguards evidence
- MDM-managed deployment (Intune, Jamf, Kandji)
- Quarterly executive risk-audit report
- API access
- Priority support
A fleet operates many beams together at scale.
For companies under audit that need SAML, SCIM, and SIEM streaming. Starts at $50K annually. Per-seat pricing on request.
- Browser, desktop, CLI, and MCP coverage
- Everything in Sentinel, plus:
- SAML SSO + SCIM (Okta, Entra)
- MDM deployment kits (Jamf, Intune, Kandji)
- SIEM streaming (Splunk HEC, Datadog Logs)
- GRC evidence automation (Vanta, Drata, OneTrust)
- Custom DPA + DPIA support
- 7-year audit log retention
- Annual SOC 2 evidence pack to your auditor
- Dedicated CSM + private Slack channel
- US or EU data residency
- 99.9% uptime SLA + quarterly business review
Identity, SIEM, and GRC integrations delivered as part of your engagement.
Contact sales →Not ready to sign up? See the live demo →
How we compare
Browser, desktop, CLI, MCP - one price, every tier. No add-on modules. No $8K starter contract. No 200-seat minimum.
vs. Strac
Charges modular add-ons for SaaS, Cloud, Endpoint, and MCP coverage. Their MCP DLP is one Microsoft 365 server. Northbeams covers browser, desktop, CLI, and 10 catalogued MCP servers for one per-user price. Compare →
vs. Nightfall AI
Starter contracts run $8,000 to $20,000 a year (Vendr median $24K), browser-only, annual minimum. Northbeams: $0 trial, $15 / user / mo, no annual commitment, full four-surface coverage. Compare →
vs. Teramind
Endpoint employee surveillance: keystroke logging and screen recording. Northbeams is metadata-only AI usage governance. No keystrokes, no screen captures, no prompt content, no MCP argument values. Compare →
vs. Harmonic Security
$163 per seat per year on AWS Marketplace, with a 200-seat minimum: a $32,600 / year floor. Sales-led only, no free trial. Their MCP Gateway is enterprise-only. Northbeams ships an MCP Gateway on Sentinel ($25/seat/mo), self-serve, from team size 1. Compare →
Public pricing as of May 2026. Sources: vendor pricing pages, Vendr marketplace, AWS Marketplace listings. Not a swipe at competitors. We pick a different shape because the SMB IT lead doesn't have time for a procurement cycle.
What's in each tier.
The full breakdown. ✓ included, - not in this tier.
| Feature | Beam$0 | Lighthouse$12 | Sentinel$20 | FleetCustom |
|---|---|---|---|---|
| Discovery & visibility | ||||
| 24-hour AI Discovery Report | ✓ | ✓ | ✓ | ✓ |
| Sensitive-prompt classifier (on device) | ✓ | ✓ | ✓ | ✓ |
| Tool risk scoring & classification | ✓ | ✓ | ✓ | ✓ |
| Severity totals & aggregate counts | ✓ | ✓ | ✓ | ✓ |
| Per-user attribution (who did what) | - | ✓ | ✓ | ✓ |
| Event history | Last 7 days | Unlimited | Unlimited | Unlimited |
| CSV export of incidents | - | ✓ | ✓ | ✓ |
| Active-user limit | Up to 10 | Unlimited | Unlimited | Unlimited |
| How long does it last? | 60 days after trial | As long as you're subscribed | As long as you're subscribed | As long as you're subscribed |
| Governance & enforcement | ||||
| One-click block / sandbox / allow | - | ✓ | ✓ | ✓ |
| Soft-block educational redirects | - | ✓ | ✓ | ✓ |
| Multi-user invites & RBAC | - | ✓ | ✓ | ✓ |
| Per-tool policy library | - | ✓ | ✓ | ✓ |
| MCP Gateway (coding agents) | ||||
| MCP Gateway (in-path proxy for Claude Desktop, Cursor, Claude Code) | - | - | ✓ | ✓ |
| Per-tool allow / warn / block on MCP servers | - | - | ✓ | ✓ |
| 10 catalogued MCP servers with recommended policies | - | - | ✓ | ✓ |
| On-device argument classifier (credentials, PII, source, legal, customer data) | - | - | ✓ | ✓ |
| MDM rollout via NBM_MCP_GATEWAY=1 | - | - | ✓ | ✓ |
| Compliance & audit | ||||
| Audit-ready immutable signed logs | - | - | ✓ | ✓ |
| SOC 2 evidence pack (one-click export) | - | - | ✓ | ✓ |
| EU AI Act Article 4 evidence | - | - | ✓ | ✓ |
| HIPAA technical-safeguards evidence | - | - | ✓ | ✓ |
| Quarterly executive risk-audit report | - | - | ✓ | ✓ |
| MDM deployment (Intune / JAMF) | - | - | ✓ | ✓ |
| API access | - | - | ✓ | ✓ |
| Integrations | ||||
| Identity (Okta, Entra). SAML SSO + SCIM† | - | - | - | Custom |
| Device management (Jamf, Intune, Kandji) | - | - | ✓ | ✓ |
| SIEM streaming (Splunk HEC, Datadog Logs)† | - | - | - | Custom |
| GRC evidence automation (Vanta, Drata, OneTrust)† | - | - | - | Custom |
| Enterprise | ||||
| SSO / SAML | - | - | - | ✓ |
| Custom DPA + DPIA support | - | - | - | ✓ |
| BAA (HIPAA) | - | - | - | ✓ |
| Audit log retention | 7 days | Unlimited | Unlimited | 7-year guarantee |
| Annual SOC 2 evidence pack to your auditor | - | - | - | ✓ |
| Data residency (US or EU) | US | US | US | US or EU |
| Dedicated CSM + private Slack channel | - | - | - | ✓ |
| 99.9% uptime SLA + QBR | - | - | - | ✓ |
| On-prem classifier option | - | - | - | ✓ |
| Support | ||||
| Community support | ✓ | ✓ | ✓ | ✓ |
| Email support | - | ✓ | ✓ | ✓ |
| Priority support | - | - | ✓ | ✓ |
† Fleet integrations delivered as part of your engagement, configured to your existing identity, SIEM, and GRC stack.
$15K / year buys you out of a $670,000 surprise on your next breach.
A 60-person SMB on Sentinel pays roughly $15,000 a year (annual billing). The IBM 2024 report shows breaches involving Shadow AI cost $670,000 more than equivalent breaches without it. Plus $160 per leaked record. That's a 45× return on one prevented incident.
Shadow data breaches take 26.2% longer to identify and contain. Northbeams cuts that detection window to under 24 hours.
Common questions
← Home Calculator Support Resources Contact Privacy Terms What's new