Skip to main content
Pricing

Two products. Pick one or both.

Brand Protection monitors for lookalike + typosquat domains. Email Security monitors DMARC, SPF, DKIM, MTA-STS, and TLS-RPT. Buy either on its own, or both together. No contracts.

Build your perimeter

How many domains, which products?

Tell us your domain count and which halves of domain security you want. We will recommend tiers and show the honest total.

1 25 50 75 100
Brand Protection

Starter

$49/mo

Up to 5 domains

Start Brand Protection
Email Security

Pro

$69/mo

Up to 20 domains

Start Email Security
Your total

Both products

$118/mo

Sold separately, no bundle discount

Start free, add both

Both products start with a Free tier (1 domain). No card needed. Recommendations update as you change the slider.

Or compare all tiers below

Product 1 of 2

Brand Protection

Detects typosquat + lookalike domains targeting your brand. Risk-scores them across registrar, DNS, content, and visual signals. Takedown tools, threat feeds, and per-domain alerts.

Free

Try it on one domain. No credit card.

$0 /mo

1 domain

  • Monitoring & detection
  • Monitor 1 domain
  • Lookalike, typosquat & homoglyph detection
  • Risk scoring across registrar, DNS, content & visual signals
  • Daily scans (every 24 hours)
  • Alerts
  • 5 visible alerts per domain
  • Email alerts
  • Response & takedown
  • Basic abuse-report tools
  • Access
  • Access to guides
  • Google sign-in
Get Started Free

Starter

Hourly scans, more domains, REST API.

$49 /mo

5 domains

  • Monitoring & detection
  • Monitor up to 5 domains
  • Lookalike, typosquat & homoglyph detection
  • Hourly scans
  • Certificate Transparency (CT) log monitoring
  • Threat-intelligence feeds
  • Risk scoring across registrar, DNS, content & visual signals
  • Alerts
  • Unlimited alerts
  • Email, Slack & webhook alerts
  • Response & takedown
  • Full abuse-report & phishing takedown tools
  • Access
  • REST API access
Get Started

Pro

Recommended

Site screenshots, visual change detection.

$99 /mo

20 domains

  • Monitoring & detection
  • Monitor up to 20 domains
  • Lookalike, typosquat & homoglyph detection
  • Hourly scans
  • CT log monitoring
  • Threat-intelligence feeds
  • CDN detection
  • Domain availability & pricing checks
  • Visual evidence
  • Site screenshots (headless Chromium)
  • Screenshot history (up to 30 per alert)
  • Daily visual change detection
  • Tracked pages: 5 per domain (login/checkout/account)
  • Alerts
  • Unlimited alerts
  • Email, Slack & webhook alerts
  • Response & takedown
  • Full abuse-report & phishing takedown tools
  • Access & support
  • REST API access
  • Priority support
Get Started

Business

Team access, audit log, compliance-ready.

$499 /mo

100 domains

  • Monitoring & detection
  • Monitor up to 100 domains
  • Lookalike, typosquat & homoglyph detection
  • Hourly scans
  • CT log monitoring
  • Threat-intelligence feeds
  • CDN detection
  • Domain availability & pricing checks
  • Visual evidence
  • Site screenshots (headless Chromium)
  • Screenshot history (up to 30 per alert)
  • Daily visual change detection
  • Tracked pages: 20 per domain
  • Alerts
  • Unlimited alerts
  • Email, Slack & webhook alerts
  • Response & takedown
  • Full abuse-report & phishing takedown tools
  • Access, team & compliance
  • REST API access
  • Team access (up to 10 members)
  • Audit log export
  • Compliance-ready: NIS 2, DORA, HIPAA, PCI DSS 4.0
  • Priority support
Get Started
Product 2 of 2

Email Security

DMARC report ingestion, SPF/DKIM monitoring, MTA-STS + TLS-RPT, and the enforcement wizard. Standalone product. No Brand Protection plan required.

Free

For trying it on one domain

$0 /mo

1 domain

  • Authentication monitoring
  • DMARC, SPF, DKIM, MTA-STS, TLS-RPT & BIMI monitoring
  • Who's sending as you, with ESP attribution
  • Posture & enforcement
  • Enforcement wizard + known senders
  • SPF record builder + flattener
  • Reports
  • Aggregate + forensic (RUF) reports, last 7 days
  • 7-day report + known-sender history
Get Started Free

Starter

For small teams with multiple domains

$20 /mo

5 domains

  • Authentication monitoring
  • Up to 5 monitored domains
  • DMARC, SPF, DKIM, MTA-STS, TLS-RPT & BIMI monitoring
  • Who's sending as you, with ESP attribution
  • Posture & enforcement
  • Enforcement wizard + known senders
  • SPF record builder + flattener
  • Reports & retention
  • Aggregate + forensic (RUF) reports
  • Full forensic history + 365-day reports
  • Detection & AI
  • Anomaly detection (4 classes) + alerts
  • AI DMARC root-cause analysis
Get Starter

Pro

Recommended

For mid-size companies with many sending domains

$69 /mo

20 domains

  • Authentication monitoring
  • Up to 20 monitored domains
  • DMARC, SPF, DKIM, MTA-STS, TLS-RPT & BIMI monitoring
  • Who's sending as you, with ESP attribution
  • Posture & enforcement
  • Enforcement wizard + known senders
  • SPF record builder + flattener
  • Reports & retention
  • Aggregate + forensic (RUF) reports
  • Full forensic history + 365-day reports
  • Higher-volume report ingest
  • Detection & AI
  • Anomaly detection (4 classes) + alerts
  • AI DMARC root-cause analysis
Get Pro

Business

For enterprises and MSPs at scale

$399 /mo

100 domains

  • Authentication monitoring
  • Up to 100 monitored domains
  • DMARC, SPF, DKIM, MTA-STS, TLS-RPT & BIMI monitoring
  • Who's sending as you, with ESP attribution
  • Posture & enforcement
  • Enforcement wizard + known senders
  • SPF record builder + flattener
  • Reports & retention
  • Aggregate + forensic (RUF) reports
  • Full forensic history + 365-day reports
  • Highest-volume report ingest
  • Detection & AI
  • Anomaly detection (4 classes) + alerts
  • AI DMARC root-cause analysis
  • Scale
  • Built for MSPs & high-volume senders
Get Business
Compliance

Helps you meet email-security clauses in NIS 2, DORA, HIPAA, and PCI DSS 4.0

Modern compliance frameworks have explicit requirements for phishing protection, brand impersonation detection, and email authentication. PhishFence delivers the continuous monitoring and evidence trail auditors look for.

EU

NIS 2 Directive

Article 21 requires essential and important entities to implement cybersecurity risk-management measures including "the use of cryptography and authentication" for electronic communications. PhishFence monitors DMARC/SPF/DKIM posture, detects brand impersonation attempts, and produces audit-ready evidence logs.

EU

DORA (Financial sector)

Digital Operational Resilience Act Chapter II mandates ICT risk management for financial entities, including detection of anomalous activities and third-party impersonation. PhishFence covers the phishing-surface side: lookalike domain detection, email-authentication monitoring, and structured incident logs.

US

HIPAA Security Rule

45 CFR 164.308 requires covered entities to guard against malicious software and protect patient data from unauthorised access. Including phishing campaigns targeting clinical staff. PhishFence flags the lookalike domains attackers register before launching those campaigns.

Global

PCI DSS 4.0

Requirement 5.4.1 (effective March 2025) mandates processes and automated mechanisms to detect and protect personnel against phishing attacks. PhishFence delivers the detection layer: continuous lookalike-domain monitoring and DMARC enforcement tracking map directly to the control.

PhishFence is a monitoring tool, not a certification body. Your compliance posture depends on how you operate the tool alongside the rest of your controls. Read our compliance playbooks for specific control mappings.

Frequently Asked Questions

How many domains can each plan monitor?
Brand Protection: Free covers 1 domain, Starter 5, Pro 20, Business 100. Email Security is a separate subscription with its own four tiers. See the Email Security page for the full breakdown.
Is the Free plan really free?
Yes. No credit card required and no time limit. You get 1 monitored domain with daily scans and up to 5 visible alerts. Sign in with Google to get started.
Do you require a credit card to start?
No. The Free plan does not require a credit card. You only enter payment details when you upgrade to a paid plan.
Do you offer annual pricing?
Yes. Toggle 'Annual' on the pricing page above to see the yearly price for each plan; annual billing is ten months' price for twelve months, so two months are free.
What does '5 visible alerts' mean on the Free plan?
PhishFence detects all lookalike domains for your brand, but the Free plan only shows you the top 5 alerts per domain. Upgrade to Starter or Pro to see all detected threats.
Can I change plans later?
Yes. Upgrade or downgrade anytime from your billing page. Changes take effect immediately and are prorated.
What payment methods do you accept?
We accept all major credit cards via Stripe.
Can I cancel anytime?
Absolutely. Cancel from your billing page or the Stripe customer portal. No cancellation fees.
What happens to my data if I cancel?
Your scan history and alerts are retained for 30 days after cancellation. You can export your data at any time.
What is CT log monitoring?
Certificate Transparency log monitoring watches for new SSL certificates issued for domains that look like yours. This catches phishing sites before they even go live, since attackers need a certificate to serve HTTPS.
What threat intelligence feeds are included?
Starter and Pro plans check alerts against URLhaus, Google Safe Browsing, PhishTank, and VirusTotal to enrich risk scores with real-world threat data.
Does the Business plan include Email Security?
No. Brand Protection and Email Security are separate product lines, sold separately at every tier. Brand Protection Business is $499/mo for 100 monitored domains. Email Security has its own four tiers (Free, Starter $20/mo, Pro $69/mo, Business $399/mo) and can be subscribed to independently or alongside any Brand Protection plan.
How is Email Security priced?
Email Security is a separate subscription with its own tiers (Free 1 domain, Starter $20/mo, Pro $69/mo, Business $399/mo). See the Email Security page for the full tier comparison.

Payments processed securely by Stripe.