Pricing

One-time license for the app itself. Optional subscription tiers for daily CVE feed updates and team features. Free tier available — no credit card.

Free

$0

  • 3 hosts
  • Manual scans
  • Snapshot CVE feed (per release)
  • Community support
Download free

Free, no credit card. macOS 26+, signed and notarised.

Noxen 1.x

$79 one-time

  • 25 hosts
  • Scheduled nightly scans
  • Snapshot CVE feed
  • 14-day full-feature trial · 1 year updates included

Most homelabs run 5–15 hosts. 25 covers all of them with headroom.

Live Feed

$19 /month

  • 100 hosts
  • Daily CVE feed updates
  • Same-day coverage of newly-disclosed CVEs
  • Slack / Discord / Teams webhooks
  • Includes everything in Noxen 1.x

For people who want same-day coverage of new CVEs.

MSP / Team

$149 /month

  • 500 hosts
  • Multi-tenant host catalogs
  • SIEM export (Wazuh / Splunk / ELK / Loki)
  • Compliance mapping (CIS v8, SOC 2, ISO 27001)
  • Includes everything in Live Feed

For consultants managing multiple client fleets.

Year-2+ maintenance: $39/year, optional. The app keeps running if you skip it — you just stop getting new feature releases and feed-format bumps.

Side-by-side

Compare tiers

What you get in each tier, in one row-per-feature view.

  Free Noxen 1.x Live Feed MSP / Team
Price $0 $79 one-time $19/month $149/month
Host cap 3 25 100 500
Scheduled scans Manual only Nightly Nightly Nightly
CVE feed cadence Per-release snapshot Per-release snapshot Daily Daily
Slack / Discord / Teams webhooks Yes Yes
SIEM export (Wazuh / Splunk / ELK / Loki) Yes
Compliance mapping (CIS v8, SOC 2, ISO 27001) Yes
Multi-tenant host catalogs Yes
Support Community Email, business-day reply Email, business-day reply Email, business-day reply

Maintenance ($39/year, optional) applies to year-2+ continuation of any one-time license — it sits alongside the table rather than as its own column.

Frequently asked questions

Is the $79 a one-time purchase or a subscription?

One-time. Buy Noxen 1.x once, use it forever on the version you bought. Year 1 of updates is included. After that, maintenance updates are an optional $39/year; if you skip them, the app keeps running — you just don't get new features or feed-format bumps.

What's the difference between Noxen 1.x and Live Feed?

Noxen 1.x ($79) ships with a snapshot CVE feed that refreshes per release — typically every few weeks. Live Feed ($19/month) swaps that for a daily-updated feed, raises the host cap to 100, and adds Slack / Discord / Teams webhooks. If you need same-day coverage of fresh CVEs or more than 25 hosts, Live Feed is the right tier.

Is there a free trial?

Yes. Every 1.x license includes a 14-day full-feature trial — the app starts in trial mode on first launch and prompts you to activate at the end of the window. The Free tier (3 hosts, manual scans, snapshot feed) is not time-limited.

Do I need to run anything on my remote hosts?

No. Noxen is agentless — it connects over SSH using a key you already have and reads package inventory, sshd_config, authorized_keys, and a few other inspection points. No agent to install, update, or worry about when a host is decommissioned.

Does Noxen send my data anywhere?

No. Scan results live in your local SwiftData store on your Mac. Nothing is uploaded to Noxen servers — the only outbound traffic from the app is the signed CVE feed download and (if enabled) webhook deliveries to endpoints you configure. There is no shared dashboard URL, no public link, no telemetry on what you scan or find.

Why Developer ID rather than the Mac App Store?

The App Sandbox blocks access to ~/.ssh/config and raw sockets, both of which Noxen needs. Developer ID notarisation gives us the same Gatekeeper trust model without the sandbox limits. More detail here.