Pricing

One platform for STIGs and cyber regulation

The public STIG catalog stays free for everyone. Upgrade when you are ready to act on it. Build custom lists, export to your toolchain, drive your own automation through the API, and track US cyber regulation alongside your STIGs.

Choose your plan

Every paid plan includes the Combined Role Library and full API access. Annual commitment, billed quarterly. The public STIG catalog remains free for everyone.

Not sure which plan? Start Free, no credit card, and upgrade anytime from your account page. Your org, teammates, and saved lists come with you.

No Cost

Free

$0/forever

STIG library, Dashboard, O*NET, NICE, and default save lists. View everything, no credit card.

  • STIG Library + Dashboard
  • O*NET Role viewing
  • NICE Work Role viewing
  • Default save lists (My STIGs, My Roles)
  • Org & teammate invites
  • STIG-update email alerts
Start free →

STIGViewer

$1,500/year (billed quarterly at $375)

STIG Library, custom lists, exports, and API access

  • STIG Library
  • Combined Role Library
  • API Access
Upgrade →

RegGenome US-Cyber

$2,500/year (billed quarterly at $625)

Cyber regulatory intelligence from US agencies

  • RegGenome US-Cyber
  • Combined Role Library
  • API Access
Upgrade →
Best Value

OpenControls Complete

$3,500/year (billed quarterly at $875)

Everything: STIGs, RegGenome, and O*NET

  • STIG Library
  • RegGenome US-Cyber
  • Combined Role Library
  • API Access
Upgrade →
Why upgrade

What a paid plan unlocks

Free is for reading and saving. Paid is for acting: automating, exporting, and tracking regulation across your whole team.

Custom lists & collections

Group STIGs, roles, and controls into named, shareable lists with tags and color coding, beyond the default My STIGs / My Roles you get free.

Excel, JSON & CKLB exports

Take any STIG into your audit workpapers, POA&M templates, or GRC platform in the format your toolchain already speaks.

Full API access

Pull STIG, role, and regulatory data into your CI/CD pipelines, dashboards, and governance tools through documented endpoints with stable IDs.

US cyber regulatory feed

RegGenome ingests FedRAMP, CMMC, NIST, and CISA publications and surfaces the cyber-relevant passages your compliance team actually needs to read.

Framework & signpost mapping

Every regulatory item is cross-mapped to NIST CSF and other frameworks, so you can reconcile new rules against the controls you already run.

Combined Role Library

Map STIGs and regulations to O*NET occupational roles to identify who is responsible for each control before you assign the work.

Questions

Billing, access, and getting started

Is the STIG catalog really free?
Yes. Browsing the full DISA STIG library, viewing findings, the STIG Dashboard, O*NET and NICE role detail, and saving to your default lists are all free, no credit card required. Paid plans add custom lists, exports, the API, and RegGenome regulatory intelligence.
How am I billed?
Paid plans are an annual commitment, invoiced quarterly. The STIGViewer plan, for example, is $1,500/year billed as $375 each quarter. One invoice, one team, one set of credentials.
What does "API access" unlock?
Programmatic access to the same STIG, role, and regulatory data you see in the app (findings, severity, fix text, check content, role mappings) through documented REST endpoints with stable IDs, ready to wire into your pipelines and dashboards.
Can I upgrade later without losing my work?
Yes. Start Free, create your org, invite teammates, and save what you find. Upgrade anytime from your account page and everything you have built carries over. Nothing is lost on the way up.
Why is OpenControls Complete the best value?
Complete bundles the full STIGViewer plan and RegGenome US-Cyber into a single $3,500/year subscription. Bought separately the two plans total $4,000/year, so Complete saves $500 a year and consolidates everything onto one invoice.

Ready to get started?

Create your account, choose a plan, and start building your compliance library in minutes. Or keep browsing the catalog free, no sign-in required.