Whenever you purchase a ThreatModel publication, we charge a one-time fee. We will provide free updates to the ThreatModel during 90 days (i.e. OverWatch updates). After 90 days, OverWatch will be charged pro rata afterwards (you can opt-out from OverWatch at anytime).
Additionally, if OverWatch is enabled, you have an opt-out option to receive all new Actions for a given publication, as soon we have analyzed it.
We charge on a monthly basis for all the Actions you request us to monitor.
Frequently Asked Question
On month 1, you choose the ThreatModel publication for Amazon S3 (170 Actions, made of 138 API). At the end of the month, you are charged 170 Actions * USD 100 = USD 17,000.
On month 2 and 3, you are charged USD 0 (free OverWatch).
On month 4 onwards (i.e. after 90 days pro rata), you are charged for OverWatch: 170 Actions * USD 2.5 = USD 425 monthly.
On month 7, let’s imagine AWS releases 8 more Actions on S3. Once we update the ThreatModel updated AND you have the appropriate option enabled, you are charged an additional 8 Actions * USD 100 = USD 800 at this end of that month.
From month 10 (7+3, i.e. after the 90 days pro rata), you are charged for OverWatch on the basis of 170+8 = 178 Actions * USD 2.5 = USD 445 monthly.
In this scenario, after 12 months, the charges have been in total USD 21,685, including:
- ThreatModel: 170 Actions * 100 USD = USD 17,000
- OverWatch: 170 Actions * 2.5 USD * 6 months (month 4, 5, 6, 7, 8, 9) = USD 2,550
- ThreatModel (after AWS release): 8 Actions * 100 USD = USD 800
- OverWatch: 178 Actions * 2.5 USD * 3 months (month 10, 11, 12) = USD 1,335
A ThreatModel publication is usually covering one CSP service (e.g. Amazon S3, Google Storage, etc.). However in some cases several CSP services are under the same publication (e.g. AWS IAM and AWS STS) or a CSP service is broken into several publications (e.g. Amazon VPC and Amazon EC2).
The number of Actions per ThreatModel varies from 13 Actions to over 400 Actions. As of May 2021, the average number of Actions per publication is 53.
No, we are analyzing and grouping Actions to make ThreatModel publication and OverWatch comprehensible, and give a complete picture of the threats and associated controls.