Pricing built for your team
Modern security tools shouldn't require a 30-day procurement cycle just to get started. Pick a plan, sign up, and run an exercise today — with audit-ready reports waiting for your next compliance review.
Simple, transparent pricing
Whether you run tabletop exercises once a year or every week, we have a plan for you.
Prices shown are per month when billed monthly.
Starter
Small teams running their first tabletops.
Billed annually · 10% off the monthly rate
- ✓ 3 exercises per month
- ✓ 1 facilitator seat · up to 5 participants
- ✓ Default Breachday scenario templates based on real public breaches
- ✓ Up to 8 custom role seats
- ✓ Lessons learned tracker
- ○ PDF export of after-action reports (not saved to account)
- No CISA CTEP templates, IT asset register, BIA, or crisis communication plans
Plus
Growing programs that need saved reports, CISA templates, and a BC backbone.
Billed annually · 10% off the monthly rate
- ✓ 10 exercises per month
- ✓ 1 facilitator seat · up to 10 participants
- ✓ Default templates + CTEP-based templates
- ✓ Reports saved + branded PDF export
- ✓ Lessons learned tracker
- ✓ IT Asset Register (up to 100) + Business Impact Analysis
- ✓ Crisis Communication Plans (3 templates)
- ✓ API access · Data protection mode*
Pro
Mature programs running production exercises with SSO and unlimited scale.
Billed annually · 10% off the monthly rate
- ✓ 20 exercises per month
- ✓ 2 facilitator seats · unlimited participants
- ✓ Unlimited custom role seats
- ✓ Default templates + CTEP-based templates
- ✓ Unlimited IT assets, BIA, and all crisis communication plan templates
- ✓ SSO (SAML)
- ✓ API access · Data protection mode*
- ✓ Audit-ready reports for SOC 2, PCI DSS 4.0, and SEC disclosure
Enterprise
Everything in Pro, plus self-hosted deployment and dedicated onboarding.
- ✓ Everything in Pro
- ✓ Self-hosted deployment option
- ✓ Custom SCIM provisioning & advanced RBAC
- ✓ Priority onboarding & dedicated CSM
- ✓ Custom DPA, BAA, and security review support
* Data protection mode is included on Plus, Pro, and Enterprise.
Run white-labeled tabletops for your clients. Each client slot is a fully isolated org with the entire Breachday platform — default and CTEP-based templates, IT asset register, BIA, crisis comms, and branded PDF reports — under your name. You set what you charge your clients; we power the platform.
Annual billing only. All plans include a 14-day onboarding period and seed scenarios in every client org.
Number of client slots
10 client slots
$1,700 / client / yr
Total annual cost: $17,000 / yr
- ✓ White-labeled PDF reports with your branding
- ✓ Fully isolated client orgs (data & user separation)
- ✓ Pro-tier features in every client org (CISA CTEP, BIA, comms plans)
- ✓ Partner portal: cross-client member & org management
- ✓ Seed scenarios pre-installed in every client org
- ✓ Priority support & consultant-style template cloning
- ✓ Dedicated CSM (50 slots)
Frequently Asked Questions
Have another question? Reach out to our team.
Do participants need accounts to play?
No. Participants enter a 4-character room code (like 'AB12') on the Breachday join page, pick a display name, and claim a role seat — Incident Commander, Legal, Comms, or any role your org defines. Only facilitators need an account.
What scenarios come with Breachday?
Breachday includes first-party scenarios based on real-world public breaches plus CTEP-style sector templates on Plus and Pro (CISA publishes the Cybersecurity Tabletop Exercise Package—CTEP—materials we align with). You can clone any template or build fully custom scenarios from scratch.
Can these reports be used as compliance evidence?
Yes — that's a core use case. Reports include a chronological timeline, vote tallies, freeform responses, observations, facilitator notes, and the assets and BIA processes exercised. Customers use them as evidence for SOC 2 incident response controls, PCI DSS 4.0 Requirement 12.10.1, and SEC cyber disclosure readiness.
What does the exporting look like?
Starter can export PDF summaries but does not save reports to the workspace. From Plus onward, reports are persisted on your account and exported as branded PDFs (with your logo) plus structured JSON. Crisis communication plans also export to PDF and packet form.
How does onboarding work?
Starter through Pro is self-serve — sign up and run an exercise the same day. Enterprise customers work with our team on deployment, SSO, and procurement. MSP partners get a 14-day onboarding period with seed scenarios pre-installed in every client org.
Is Breachday secure?
Yes. Data is encrypted at rest and in transit. SAML SSO is included on Pro; Plus and Pro offer a data protection mode for sensitive scenarios. Enterprise adds self-hosted deployment, custom DPAs, and security review support.
Still have questions?
Our team is happy to walk through your specific tabletop requirements and ensure Breachday is a fit.
Contact us