Pricing
Free for everyone.
Pro for the full engine.
Full reports and a rate-limited API, free forever — no card, no trial clock. Pro is one flat $149/mo for the full engine — every format, all 66 architectures, firmware — no à-la-carte chipset licensing like IDA Pro or Binary Ninja.
Free
Researchers, students, the curious
No card. Full reports on Windows, Linux, and macOS binaries — uploads join the public corpus.
- Windows · Linux · macOS — PE · ELF · Mach-O
- Behavioral profile + capability map
- Verdict — is it safe to run?
- SBOM — libraries detected in the binary
- Hex viewer · disassembly · function lookup
- Search the public corpus
- REST API — rate-limited
Pro
RE analysts, consultants, security teams
The full engine — every format, every chipset, firmware — kept private, plus the unmetered API.
- Everything in Free — in a private workspace
- Firmware unpacking & analysis
- All 6 formats · all 66 architectures
- Decompile to Rust (99.7% compile)
- CWE findings + full per-CVE detail
- Binary diff & package diff
- Full API · query DSL · MCP server
Cancel anytime · billed through Stripe
Enterprise
CISOs, gov & defense, OEM partners
Fleet · from $25K/yr
Fleet-wide binary intelligence, on your infrastructure.
- Everything in Pro, fleet-wide
- CRA-ready SBOM & firmware reports
- Hosts as first-class entities
- CVE → hosts-impacted rollup
- Release baselines + drift detection
- App inventory + change timeline
- Self-host · air-gapped deploy
No à-la-carte licensing
Every format, every architecture, and firmware — one flat Pro price.
Executable formats
Architectures
Firmware unpackers
Source languages
ATT&CK techniques
Library signatures
EU Cyber Resilience Act
Shipping a device into the EU?
Machine-readable SBOMs become mandatory Dec 11, 2027 — reporting obligations start Sep 11, 2026. We read the shipped firmware itself and produce the SBOM, CVE attribution, and release-over-release diff.
Compare tiers
Questions
On Free, binaries you upload join the public corpus — that's the deal that keeps Free free. On Pro and Enterprise, uploads land in a private workspace and never become public.
Free covers the desktop platforms — Windows, Linux, and macOS binaries (PE, ELF, Mach-O) on common architectures — so you can validate it works on your binaries: full behavioral profile and capability map, the safety verdict, the SBOM (libraries inside the binary), the hex viewer, disassembly, function lookups, corpus search, and a rate-limited REST API. Pro unlocks the full engine — every format, all 66 architectures, and firmware unpacking — plus the deep RE outputs: decompilation to compilable Rust, CWE findings, full per-CVE detail, binary & package diffing, a private workspace, and the unmetered API with the query DSL and MCP server.
Yes. The REST API works on Free with rate limits — send a binary, get the JSON report back: verdict, capabilities, libraries, CVE counts. It's enough to evaluate an integration or run a small project against the public corpus. Pro removes the tight limits and adds the query DSL, JSONL export, and the MCP server for pipelines and agents.
Free opens the desktop platforms — Windows (PE), Linux (ELF), and macOS (Mach-O) — on the common architectures: x86, x86-64, ARM, and AArch64. That's enough to validate openbinary on most binaries. The full set (all 6 formats, all 66 architectures including the embedded and exotic chipsets) and firmware unpacking are Pro.
Yes. Switch the toggle to annual and Pro is two months free — $1,490 per user per year instead of $1,788. Enterprise is quoted annually from the start.
Never. IDA Pro and Binary Ninja sell decompilers and architectures à la carte — a separate license per chipset. We don't. Free covers the mainstream formats so you can try it, and one flat Pro price then unlocks every format, all 66 architectures, and firmware. No per-chipset add-ons, ever.
Never. Analysis is 100% static — no sandbox, no execution, no network required. It's air-gap safe by design.
Free and anonymous use is rate-limited to keep the public service healthy for everyone. Pro and Enterprise run on fair use — generous enough that real work never hits a wall (a 1,000-binary firmware is a single upload, not a thousand), and we warn before we ever throttle. Re-processing a package is the one deliberately tight action, since it re-runs the full analysis.
Any machine a collector reports from — a workstation, a server, or an unpacked firmware image. Fleet rolls every binary up to the hosts that run it, so a single CVE shows exactly how many hosts are impacted.
Self-hosting and on-prem deployment are an Enterprise feature — fleet collectors and the full stack run on your infrastructure. Pro and Free run on our hosted cloud.
Directly. The CRA requires a machine-readable SBOM and documented vulnerability handling for every product with digital elements sold in the EU — reporting obligations start September 11, 2026, and the full obligations apply from December 11, 2027. openbinary reads the shipped artifact itself: unpack the firmware, identify every component even in stripped binaries, attach CVEs, export the SBOM, and diff it release over release. Talk to sales for a CRA readiness report on your firmware.
Still deciding?
Drop a binary — the report is the fastest answer. No account, no card, nothing executes.
Analyze a binary