Security you pay more for the moment you're attacked is priced backwards.
Usage-metered tooling bills per API transaction, per query, per analyst seat, so the invoice climbs as your fleet grows and spikes exactly during the incident, when you can least afford to ration a hunt. Against always-on telematics from every machine in the field, a meter is a number you cannot forecast, and farming already carries enough per-acre, per-season line items nobody can predict.
whisper verify --trustless costs nothing and needs no account: our own API is not in the trust path.
A meter that climbs with your fleet, and spikes when you're attacked, isn't a price. It's a risk.
Two curves. One rises with every machine you add, every API call, every query your analysts run chasing a rotating adversary, and peaks precisely during the incident. The other is a flat line you set once and forecast for years.
Per-machine, not per-transaction
Priced to the thing you actually govern, the machine, so a busy season or a noisy incident never moves the invoice. Add a machine line, extend a program, weather an attack: the figure holds.
Attribution is never metered
Run identify, walk, history and Cypher as hard as an incident demands. No per-query tax means your analysts never ration a hunt while a rotating adversary keeps working.
Additive, not another bill
It sits on top of the SOC, SIEM and threat-intel you already own as a feed: no per-analyst-seat licence, no data-egress fee, no new console to staff.
Start keyless and free. Prove it on a slice. Roll it across the fleet, flat the whole way.
POC → pilot → enterprise, exactly the path a security program buys on. Every tier speaks the same address-is-identity primitive; you're only widening how much of the fleet it covers, never re-platforming.
Free, forever
$0
No account. No card. No key.
The keyless half of the platform: trustless and anchored at the IANA root, our API never in the path:
- ✓
whisper verify --trustlessany machine identity - ✓ Resolve and reverse-resolve a /128, read its RDAP
- ✓ Back-trace a suspicious
/128to the machine behind it: reverse-DNS + RDAP, no key
Flat engagement
Fixed scope
A bounded fleet slice, time-boxed, one flat price.
Everything in Verify, keyed to a defined machine count so a program owner can prove value before the board:
- ✓ Provision machine identities from the device key for the slice
- ✓ Full attribution graph: unmetered during the pilot
- ✓ Machine-readable feed into your SIEM: Splunk & Microsoft Sentinel today (STIX 2.1 / TAXII on the roadmap)
- ✓ ISO 24882 / Data Act evidence export · Ag Data Transparent trail
Flat per-machine / year
Fleet quote
One rate, quoted to your fleet size. It doesn't move.
The whole program, all three planes, across every machine: the way a CISO buys defence-in-depth:
- ✓ Identity, attribution graph and agent governance, fleet-wide
- ✓ Unlimited attribution: no per-query meter, ever
- ✓ On-prem or your own tenant: data sovereignty by construction
- ✓ Enterprise support and SLA, supplier interface agreements
Why a quote, not a sticker. A fleet price is one number, but the right number depends on fleet size, on-prem vs tenant, and the standards evidence you need, so we quote it flat and in writing, and it holds for the term. No usage true-ups, no surprise line at renewal. Get a fleet quote →
The same platform, at three widths. Nothing behind the paywall is the security itself.
The keyless verification a farmer, a regulator or a researcher needs to check a machine's identity is free at every tier, on principle. The keyed tiers widen coverage and feed your stack; they never gate the ability to verify.
| Capability | Verify | Pilot | Fleet |
|---|---|---|---|
Trustless verify / resolve / RDAP (whisper verify --trustless) | ✓ | ✓ | ✓ |
| Trace a /128 to the machine behind it (reverse-DNS + RDAP) | ✓ | ✓ | ✓ |
Full attribution graph (identify, origins, walk, history, Cypher) | – | fleet slice | unlimited |
Machine-identity provisioning (register /128, DANE-EE, revoke) | – | fleet slice | fleet-wide |
Agent governance (per-agent /128, policy, op:logs) | – | fleet slice | fleet-wide |
| SIEM feed: Splunk & Microsoft Sentinel connectors today · CEF/ECS | – | ✓ | ✓ |
| ISO 24882 / Data Act evidence · Ag Data Transparent trail | – | ✓ | ✓ |
| On-prem / own tenant (data residency, sovereignty) | – | – | ✓ |
| Enterprise support & SLA · supplier interface agreements | – | pilot support | ✓ |
| Metered by usage (per transaction / query / seat / acre) | never | never | never |
The ROI isn't a promise: it's four costs the flat line takes off your books.
A predictable figure is only half the case. The other half is what it removes: analyst hours, incident blast radius, audit effort, and re-platform risk.
Analyst hours you stop burning
Correlating a rotating, meaningless last IP across Amazon, Google and Azure is manual, and it never converges. The graph collapses the rotation to one operator with a replayable evidence chain: the hours go back to your SOC, and the meter never punishes them for looking harder.
Harvest-window exposure
Agriculture's incidents land on a calendar: a ransomware attack halted an equipment maker's production in planting season 2022, and one processor paid $11M with a fifth of US meat behind it. Catching fleet-scale abuse before it becomes a seasonal outage is the difference between a revoke and a lost window: a flat line item hedges a variable-cost catastrophe.
One revoke, not a fleet lockout
A compromised machine is revoked worldwide at DNS-TTL speed: no fleet-wide credential reset, no dealer-network scramble, and the act is owner-thrown and publicly verifiable, never a covert lockout. The blast radius is one leaf key, never a shared root.
Audit effort you don't repeat
Findings arrive already mapped to ISO 24882 and Data Act evidence, with the per-identity who-accessed-what trail Ag Data Transparent presupposes. The compliance artefact is a byproduct of the tool, not a separate consulting line.
Re-platform risk you avoid
Agtech point solutions fold and strand their fleets. Whisper is real routable address space (AS219419), run by people who ran the internet's regional address registry and operated one of its root DNS servers. Longevity is the cheapest line in any TCO.
No shadow costs at renewal
No per-transaction true-up, no per-seat creep as your SOC grows, no data-egress fee. What you forecast in year one is what you sign in year three: the number a CFO can actually plan around.
A pricing model can be an attack surface. Ours isn't.
If security is metered, an adversary can run up your bill, and a defender rations their own hunt. We priced those failure modes out.
"If attribution is metered, do my analysts have to ration lookups in the middle of an incident?"
Never. The graph is unmetered on the keyed tiers: identify, walk, history and Cypher run as hard as the hunt demands. There is no per-query line for an attacker to inflate and none for a defender to fear.
"Does my bill spike when I'm under attack, or just when my fleet grows?"
Neither. The price is per-machine, set once, for the term. A traffic flood, an enumeration campaign, or adding a machine line moves your risk; it doesn't move the invoice. The meter that would have peaked during the incident simply doesn't exist.
"Is the free tier a real capability or a trap that expires into a sales call?"
Real, and permanent. Keyless verify is anchored at the IANA root: our own API is not in the trust path, so we couldn't gate it if we wanted to. Verifying a machine's identity is a public check, and a farmer's right to check their own machine is exactly the kind of thing that should never carry a price.
Straight answers, before the call.
What exactly is metered?
Nothing by usage. You pay a flat rate per machine, per year. No per-API-transaction charge, no per-query graph fee, no per-analyst seat, no per-acre premium, no data-egress bill. The only variable is how many machines the program covers.
Can I try it without procurement?
Yes: the Verify tier is free and needs no account. Run whisper verify --trustless today; resolve, reverse-resolve and read RDAP for any /128, no key. When you're ready to provision, a Pilot is a fixed, time-boxed engagement on a fleet slice.
What happens when my fleet grows?
The per-machine rate holds; the total scales linearly and predictably with machine count, quoted in writing for the term. No usage true-up, no renewal surprise, no penalty for a busy season or an attacked fleet.
Is this on top of my SIEM cost?
It's a feed into the SIEM and threat-intel you already run: the Splunk and Microsoft Sentinel connectors ship today. Not a replacement and not a second console to staff. It makes the tools you already pay for sharper.
On-prem or hosted?
Either. The Fleet tier runs on-prem or in your own tenant, so the graph and per-agent logs stay where your regulator, and your growers, need them: data residency and sovereignty by construction, at no metered premium.
What if I stop?
Identities are DNSSEC/DANE objects you can verify independently, and evidence exports are open formats (CEF, ECS; STIX on the roadmap). There's no proprietary lock on your own attestations, your growers' access records, or your compliance file.
Flat depth on top of the stack you already run: it doesn't replace a line, it de-risks the whole one.
You already pay for a behavioural SOC, a SIEM, and a threat-intel subscription, and you should keep them: Whisper is additive to all three. Where a rigid module bundle makes you buy packages you don't need and a per-transaction cloud makes the bill unforecastable, a flat per-machine line adds the two layers no one else owns, attribution across rotating clouds and forge-proof identity after auth, without a meter and without a new silo.
| Pricing model | Forecastable? | Meter spikes under attack? |
|---|---|---|
| Per-API-transaction / usage-metered cloud | hard | yes |
| Rigid multi-module bundle (six-figure floor) | partly | n/a: over-scoped |
| Whisper: flat per-machine / year | yes | no |
It makes the Recorded Future, Mandiant and Sentinel investments you already carry sharper, as a machine-readable feed, not a thing they compete with. See the full comparison →
One flat number. Every machine, covered.
Keyless verify is free forever: start there, no account. When you're ready, a fleet quote is one flat per-machine/year figure you can forecast and defend. No meter, no surprise at renewal.
Or run whisper verify --trustless right now: it costs nothing.