Enterprise Overview
Secbez Enterprise — self-hosted deployment, Deep Scan with no caps, BYO-GPU, BYO-models, custom policy, framework hints, scoped per engagement.
Secbez Enterprise is for teams that need the scanner to run inside their own boundary, want to bring their own GPUs and models, or have requirements that don't fit a one-size-fits-all SaaS plan.
What you get with Enterprise
Deep Scan — no caps
Run scans without per-scan limits on files, candidates, LLM calls, graph depth, or time. The pipeline runs to completion at any repository size.
Self-hosted (Secbez-routed models)
Run the Secbez stack inside your VPC. Reasoning calls go to Secbez-managed model providers under our enterprise data-retention agreements — no GPUs to operate on your side.
Fully air-gapped
Bring your own GPUs and run open-source models inside your network. Scans are triggered via the CLI or local upload — no outbound model calls, no external webhooks. We recommend models that work well with our contracts during onboarding.
Bring your own models
Use any major hosted provider, OpenAI-compatible endpoint, or open-source serving stack. Mix per-step.
Customize the deployment
Per-step model routing, custom prompts, custom policy thresholds, custom framework hints, custom budgets, per-tenant configuration. Negotiable.
Security & privacy
Code stays in your boundary, secrets are redacted, audit trail is exportable.
Pricing tiers
Secbez ships in four license tiers. Enterprise is the tier that unlocks Deep Scan, BYO compute, and the customization surface described in this section.
| Tier | Deployment | Caps | Customization |
|---|---|---|---|
| Pilot | SaaS | Strict per-scan caps | Dashboard config only |
| Starter | SaaS | Standard caps | Dashboard config + per-rule policy |
| Growth | SaaS | Higher caps | Per-rule and per-path policy, webhooks |
| Enterprise | SaaS or self-hosted | No caps (Deep Scan) | Full customization, scoped per engagement |
When to choose Enterprise
- You need scans to run inside your own VPC, data center, or air-gapped network.
- You have a monorepo where SaaS budgets would truncate the result.
- You want BYO-key or BYO-model for LLM calls — for cost, data residency, or model-choice reasons.
- You want per-step model routing, custom policy thresholds, or framework hints for an internal framework.
- You need full dataflow on a language we don't yet ship dataflow for by default.
What is not different
Enterprise uses the same core pipeline, the same analysis, the same finding schema, and the same dashboard as SaaS. The difference is where the workloads run and how much you can extend.
Next steps
- Operators — see Deployment and Configuration.
- Security teams — Security & Privacy covers data flow, redaction, and audit.
- Platform / ML teams — BYO Models and BYO GPU.
- Application security teams — Deep Scan.