Pricing · pre-launch

Open-source SDK is free forever.
Hosted tiers start at $1,500/month.

The KGE SDK is Apache-2.0 — drop it in, ship audit-stream + vault contracts, never pay us anything. Hosted tiers add the parts a busy B2B SaaS company would rather not run themselves: Decision Card review, vault contract hosting, quarterly Pulse positioning, integration support.

Three tiers · one architecture

All tiers use the same Apache-2.0 SDK. The difference is what's hosted for you and how much of the buyer-facing diligence response we run alongside.

Solo

$1,500/mo · annual

For B2B SaaS doing first SOC 2 readiness, embedding KGE to back the trust-boundary claim.

  • Open-source SDK (Apache-2.0, all versions)
  • Hosted Decision Card validator
  • 1 hosted vault contract surface (read-only)
  • Quarterly Pulse self-score badge
  • No live integration support
  • No custom Decision Card review
  • No RFP / questionnaire response assistance
Get on the waitlist
Team · most chosen

$3,500/mo · annual

For B2B SaaS with active enterprise customers — vault contract hosting + Decision Card review for two product lines.

  • Everything in Solo
  • Up to 5 hosted vault contract surfaces (read + write)
  • Custom Decision Card review (one per quarter)
  • 2-hour integration consult per month
  • Private quarterly Pulse positioning brief
  • No RFP packet assembly
  • No tabletop facilitation
Get on the waitlist
Scale

$7,500/mo · annual

For B2B SaaS embedding into regulated verticals (HealthTech, FinTech, GovTech) where deals stall on security review.

  • Everything in Team
  • Unlimited hosted vault contract surfaces
  • Live integration support (Slack channel)
  • One RFP packet assembly per quarter
  • One AI tabletop facilitation per year
  • White-label Trust Center mirror at your subdomain
  • Quarterly private Pulse vertical brief
Get on the waitlist

Honest ROI math

These numbers come from public industry benchmarks for B2B SaaS in regulated verticals. Your actual numbers will differ. The framing is for executive sponsors who need to defend a $1.5K–$7.5K monthly line item against the alternative — which is usually another consultant retainer plus three internal hours per security questionnaire.

Per quarter (Team tier reference)

24 hrs
Security questionnaire response time saved vs. starting from scratch each cycle
3-5 days
Enterprise deal-cycle compression when buyers can verify trust-boundary claims at signature time
$24K-$60K
SOC 2 audit prep cost reduction in year 1 when audit-stream + vault contracts are already in place

Synthetic but defensible. Public benchmarks: Vanta industry report (questionnaire response time), Bessemer Cloud 100 (deal cycle data), AICPA SOC 2 cost surveys. We'll show you the citations in a discovery call.

→ Run the ROI calculator on YOUR numbers

What's included in every tier

Every tier ships against the same Apache-2.0 SDK. The differences above are about what's hosted and how much of the response work we share, not about the underlying technology.

SDK · always free

kinetic-gain-embedded

TypeScript dual ESM/CJS · zero runtime dependencies · Node 20+ · hash-chained audit · Decision Card vault contract enforcement · ed25519 signing.

View on GitHub →

PROCUREMENT PACKET · always free

17-section starter template

Fill-in template for the security review packet enterprise buyers expect. §8 makes 4 KGE-backed verifiable claims. Aligned with SOC 2 CC9.2 + ISO/IEC 27018 + GDPR Art. 28 vocab — without claiming what you haven't earned.

View on GitHub →

Honest pre-launch framing

What you're getting on the waitlist · what you're not

KGE is pre-commercial. The open-source SDK is production-stable (v1.0-prod). The hosted tiers are not yet purchasable — we're collecting waitlist + first-customer interest signal before opening commercial flow. When you join the waitlist, here's what you're committing to and what we are:

  • You get: early-customer pricing locked at the rates above for 12 months from public launch, monthly product-update emails, priority slot when commercial flow opens.
  • You don't pay: nothing until you choose to opt in to a tier after commercial launch.
  • We won't: oversell, claim SOC 2 we don't have, claim certifications we haven't earned, or pretend the hosted tiers are live until they are.
  • What's blocking commercial launch: EIN → bank → Stripe → invoicing infrastructure (mechanical work, weeks not months).

If you need this productized for a specific deal in flight, say so on the contact form — that's the signal that triggers an out-of-band response.