Safeguard
FAQ

Safeguard's $1 Starter Plan: FAQ on What You Get for a Dollar

Everything about Safeguard's $1 Starter plan — what one dollar connects, what's included, what's not, and when to upgrade to autonomous remediation and compliance packs.

Safeguard Team
Product
5 min read

Safeguard's $1 Starter plan is the entry tier of the platform: one dollar connects a single repository and turns on core software composition analysis (SCA), a generated SBOM in CycloneDX or SPDX, reachability-based prioritization, and Griffin AI fix suggestions — with no sales call required to start. It is deliberately the most affordable way to run genuine supply-chain security on a real codebase, not a limited trial. This FAQ answers exactly what a dollar buys, what it doesn't, and when upgrading makes sense.

Frequently Asked Questions

What exactly does $1 get me? One dollar connects one repository and activates core SCA, an exportable SBOM (CycloneDX or SPDX), reachability-based prioritization, and Griffin AI fix suggestions. It is a working slice of the full platform scoped to a single project, so you get real detection and prioritization rather than a read-only preview. The current details are on the pricing page.

Is the $1 a monthly charge or one-time? It is the price of the Starter tier — a nominal charge that opens the door to core security on one repository without a sales conversation. The point of the dollar is to make trying the platform frictionless; the real business model lives in the paid tiers you move to when you need scale and automation.

Do I have to talk to sales to start? No. The whole idea of the $1 Starter plan is self-serve: you register, connect a repository, and start scanning. Sales-led pricing only applies at the enterprise level, where scope like reasoning budget, deployment isolation, and compliance requirements genuinely needs a scoped conversation.

What kind of scanning does the Starter plan run? It runs the core SCA engine against your dependency graph and layers reachability analysis on top, so findings are ranked by whether the vulnerable code is actually reachable in your application rather than merely present. That prioritization is the difference between a short, actionable list and a thousand-line report nobody triages.

Does the $1 plan include an SBOM? Yes. Starter generates a software bill of materials you can export in CycloneDX or SPDX, which is the same inventory foundation the rest of the platform builds on. That makes even the cheapest tier useful for compliance-adjacent asks like "give me an SBOM for this service."

Does it include AI-powered fixes? It includes Griffin AI fix suggestions — Griffin tells you which upgrade resolves a finding and explains the reasoning. What Starter does not include is autonomous remediation: opening and auto-merging those fixes without a human is an Auto-Fix capability on the paid tiers.

What is NOT included in the $1 plan? Autonomous auto-merge remediation, more than one project, compliance packs (SOC 2, NIST, PCI-DSS mapping), and isolated deployment are all upgrade features. Starter is scoped to one repository with core detection, prioritization, SBOM, and AI suggestions — it is honestly a starting point, not the entire platform.

Can I secure a whole organization on the $1 plan? Not really, and it is not meant to. One dollar covers one repository, which is ideal for a solo developer, a maintainer, or a single important service. Securing many repos with automation and governance is exactly what the paid tiers exist for.

How is this different from a free trial? A free trial usually runs a clock and then locks you out; the $1 Starter plan gives durable access to core scanning on your real repository for a trivial price. For evaluating whether the platform fits your workflow, running it on real code without a countdown is generally more informative than a two-week sandbox.

Why price it at a dollar instead of making it free? A real (if tiny) payment filters for genuine intent and sets the expectation that this is a product, not an ad-supported freebie whose data terms you have to worry about. It also keeps the relationship honest: you are a customer on day one, and the upgrade path is a straightforward expansion rather than a conversion funnel.

What's the ROI of the Starter plan? The break-even is essentially the first reachable, exploitable finding it surfaces that you would otherwise have shipped or missed in the noise. Cleaning up one such vulnerability in production costs far more than a dollar — and far more than the paid tiers — so the plan pays for itself at the first meaningful result.

When should I upgrade from the $1 plan? Upgrade when you need to cover more than one project, when manually merging fix PRs becomes the bottleneck, or when an auditor asks for a compliance pack. Autonomous auto-merge remediation and multi-project coverage are where teams stop spending time on security plumbing and start getting it done automatically.

How do I activate the $1 Starter plan? Register and connect one repository at app.safeguard.sh/register to turn on the Starter plan. For step-by-step setup and how each included feature works, see the documentation at docs.safeguard.sh.

Never miss an update

Weekly insights on software supply chain security, delivered to your inbox.