Skip to content
Cybsis

Pricing

Three combos.
Or assemble exactly what you need.

Cybsis 2.0 is sold as a base plus modules. Pick a combo for a clear price, or use the configurator to build a bundle. Invoice-only — no payment processing on this site.

Essential

€700 / year

For organisations that need the security baseline — and not much else.

Just the baseline (Cybsis Baseline), single instance, Core ISMS stripped to essentials.

Core ISMS
Stripped
Standards included
1
Add-on modules
None
Start with Essential →

Reasonable

€2,950 / year

The full ISMS suite, one standard of choice — same price as Cybsis 1.x.

Full Core ISMS, one standard of choice, one instance.

Core ISMS
Full
Standards included
1
Add-on modules
None — add à la carte
Start with Reasonable →

Complete

€14,950 / year

Everything Cybsis 2.0 does today — and every paid module Cybsis ships tomorrow.

17 paid modules + 3 standards bundled + 3 sub-instances. Every future paid module folds in at no extra charge — that's the load-bearing part.

Core ISMS
Full
Standards included
3
Add-on modules
17 included
Start with Complete →

All prices in EUR, exclusive of VAT. VAT is added on the invoice based on your country. Combo prices are licence-only — pick a hosting option below.

Hosting

Pick where Cybsis runs.

One licence price, three places it can live. RW Hosting is the only option with a fee attached — €300/year flat, regardless of bundle size. The other two are your infrastructure, no incremental charge from us.

RW Hosting · AWS eu-north-1

+€300/yr

We run it on Amazon's Stockholm region. Same-day updates, usage telemetry so support resolves fast, zero runtime ops on your side. Flat fee regardless of size.

Your cloud — AWS / GCP / Azure

No extra charge

Run the Docker image in your tenancy. You own the runtime; you tell us when an update is welcome. Same product, your infrastructure.

On-premise

No extra charge

For high-security customers: your data centre, air-gapped if needed. You get the Docker image and documentation; you run it.

Add-on modules

17 modules above the Core ISMS base. Mix and match — every module is sold individually, the three combos are convenient pre-built bundles.

Open the configurator →

Federation

Platform

Cross-instance read-only reporting. Hub-and-spoke for holdings, groups, and consultancies.

€2,000/yr

Learn more →

Ludwig — AI Security Specialist

AI

A seasoned information-security specialist in chat form. Reads your live data, proposes actions you approve.

€1,500/yr

BYO key
Learn more →

Multi-Instance Framework

Platform

Run multiple legal entities under one tenant. Framework is free; pay €300 per sub-instance per year.

€300 / sub-instance / yr

No framework fee — pay only for sub-instances you use.

Learn more →

Graph

Platform

Walk the relationships between every register — assets, risks, controls, documents, incidents, threats, audits — as a navigable map. Included in every Cybsis instance.

Included in Core ISMS

Learn more →

Monitoring

Platform

Internal ISMS health surface — control-implementation status, evidence freshness, review-cadence visibility. Included in every Cybsis instance.

Included in Core ISMS

Learn more →

Audit Trail

Platform

Every action on every register, attributed, timestamped, searchable. The audit trail that turns "who did what, when" from a question into a query. Included in every Cybsis instance.

Included in Core ISMS

Learn more →

User Activity

Platform

Per-user contribution breakdown across the major registers — who's actually doing the work, in numbers. Sibling view to the Audit Trail. Included in every Cybsis instance.

Included in Core ISMS

Learn more →

AI Watchdog

Platform

Every AI call logged, every Ludwig conversation measured, every euro of inference cost accounted for. Included in every Cybsis instance.

Included in Core ISMS

Learn more →

Internal Audit

Compliance

Plan, run, and document internal audit campaigns — cycles, findings, evidence, meetings, reports.

€900/yr

Learn more →

System Health

Platform

Real-time view of the host server's pulse — CPU, memory, disk, database, backups, integrations, license, AI provider — all on one admin screen. Included in every Cybsis instance.

Included in Core ISMS

Learn more →

System Log

Platform

In-app log viewer for the running container — DEBUG, INFO, WARN, ERROR — filterable and streamed live. Included in every Cybsis instance.

Included in Core ISMS

Learn more →

External Audit

Compliance

Manage external audit campaigns — main audits, follow-ups, evidence packaging, external-auditor collaboration.

€900/yr

Learn more →

AI Assistant

AI

In-workflow AI helper. Sparkle buttons across the product for suggestions, drafts, gap analysis, and next-best-action.

€400/yr

BYO key
Learn more →

AI Documents

AI

AI-generated long-form documents — policies, procedures, risk assessments, BCM plans — drafted from your instance data plus a questionnaire.

€600/yr

BYO key
Learn more →

Ludwig DPO — Data Protection Assistant

AI

Extends Ludwig into an assistant to your data protection officer. GDPR and Estonian data-protection law, answered from a verbatim legal corpus with act and § citations.

€900/yr

BYO key
Learn more →

Service Provider Registry

Compliance

Vendor management with control linking and contract references. NIS2 / GDPR Art. 28 ready.

€700/yr

Learn more →

Audit Questionnaires

Compliance

Targeted questionnaires for unmet prerequisites — manual or AI-generated, with response tracking and prerequisite cross-references.

€600/yr

Learn more →

Processing Activities (RoPA)

Compliance

GDPR Article 30 record of processing activities, linked to your data assets.

€700/yr

Learn more →

JIRA Connector

Workflow

Bidirectional JIRA integration — push incidents, risks, and corrective actions into JIRA; sync status and comments back.

€700/yr

Learn more →

Microsoft 365 Connector

Workflow

SharePoint and OneDrive document linking via Microsoft Graph, with encrypted tenant credentials.

€100/yr

Learn more →

Email Triage / Service Desk

Workflow

Inbound routing rules, create-incident-from-email, watchers and approvals.

€700/yr

Learn more →

Incident Response

Workflow

SLA tracking with business-hours awareness, automation rules, and regulatory-grade exports for incident handling.

€1,000/yr

Learn more →

Automation Rules

Workflow

Event-driven workflows for incidents and tickets — "when X happens, do Y."

€700/yr

Learn more →

Modern Authentication

Authentication

Passkeys (WebAuthn) with hardware-key support, Estonian ID-card via Web eID, and TARA SSO — included in every Cybsis instance.

Included in Core ISMS

Learn more →

Active Directory / LDAP

Authentication

Authenticate against AD or any LDAP directory via LDAP bind — TLS and group-restricted access included.

€100/yr

Learn more →

Standards

A catalogue of 28 frameworks across 9 categories, any number run side-by-side in one installation. Each pack is €600/year; we map any framework in on request, typically in about two weeks. No upper limit on concurrent standards.

Browse the full catalogue →

Need something not in the catalogue?

Industry-specific schemes (ISO 14971, IEC 62443, AS9100, HITRUST CSF, FDA 21 CFR Part 820 …), national variants, or contractual frameworks specific to your customers — mention it in the quote request. Catalogue ingestion, control mapping, and seeding takes about two weeks, after which it joins the catalogue at the same €600/year.

Before you commit

Two things worth knowing.

AI features cost only when enabled

Buying Ludwig, AI Assistant, or AI Documents adds the licence to your bundle, but no AI request leaves the platform until an administrator turns the feature on and attaches a provider key. Bring your own (OpenAI / Anthropic public key, self-hosted endpoint) or have us supply one — either way, runtime token spend is separate from the module fee.

Buyers who want the option without the runtime cost can ship with the modules installed but disabled — feature stays dormant until you flip it on.

Core ISMS is not a stub

Essential at €700 includes the full Cybsis 1.x feature set — assets, risks, controls, documents, incident log, evidence library, monitoring dashboards, modern authentication (passkeys + Estonian ID-card + TARA SSO). It's a working ISMS on day one, before any paid module is added.

The paid catalogue extends Core with things Core deliberately doesn't try to do: full audit campaigns, GDPR Article 30 records, vendor management, AI authoring, federation, sub-instances, and the integrations that hook Cybsis into your existing stack.

How buying works

1. Configure & request
Pick a combo or assemble à la carte in the configurator, then submit the quote form. Six fields — no account, no demo required upfront.
2. We reply within 1 business day
You'll get a quote by email with the configured bundle, the price, applicable VAT for your country, and a proposed invoice schedule.
3. Invoice & onboard
After the invoice is settled, you receive Docker images, a licence, and an onboarding walkthrough. AI features stay off until you turn them on.