.png)
Frameworks, core principles and top case studies for SaaS pricing, learnt and refined over 28+ years of SaaS-monetization experience.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
In today's rapidly changing threat landscape, security software providers are rethinking their pricing strategies to better align with customer value and outcomes. Two models have emerged as particularly significant for security SaaS companies: asset-based pricing and incident response pricing. Understanding these approaches is crucial for both providers looking to optimize revenue and customers seeking the right security investments.
The Evolution of Security SaaS Pricing
Traditional security software pricing has typically followed subscription models based on users or flat rates. However, as security threats become more sophisticated and businesses face varying levels of risk, the industry is shifting toward more nuanced pricing strategies that better reflect both usage patterns and value delivered.
Asset-based and incident response pricing represent this evolution, offering more flexible frameworks that can adapt to different organizational needs while providing clearer ROI metrics for security investments.
Asset-Based Pricing: Aligning Costs with Protection Scope
Asset-based pricing directly connects fees to what's being protected. Under this model, customers pay based on the number and types of assets requiring security monitoring and protection.
How Asset-Based Pricing Works
With asset-based pricing, security SaaS providers charge according to quantifiable elements such as:
- Number of endpoints (servers, workstations, mobile devices)
- Data volume protected or monitored
- Number of applications covered
- Cloud resources secured
According to a 2023 Gartner report, nearly 65% of enterprise security SaaS offerings now incorporate some form of asset-based pricing component, up from just 38% in 2019.
Benefits of Asset-Based Pricing
For customers, this model offers several advantages:
- Predictability: Costs scale in direct proportion to infrastructure
- Fairness: Organizations only pay for what they need protected
- Budgeting clarity: Easier to forecast security costs during growth
- Customization: Can tiered pricing based on asset criticality
For vendors, asset-based models provide stable, predictable revenue that grows with customer expansion.
Challenges of Asset-Based Pricing
Despite its benefits, asset-based pricing presents some challenges:
- Defining what constitutes an "asset" can be complex in hybrid environments
- May create friction during customer growth if pricing jumps significantly
- Can be harder to demonstrate direct value compared to outcome-based models
Incident Response Pricing: Paying for Outcomes
Incident response pricing represents a more outcome-focused approach, where customers pay based on security events requiring intervention or the value delivered when threats are neutralized.
How Incident Response Pricing Works
This model typically involves:
- Base subscription fee for the security platform
- Variable costs based on incidents detected, remediated, or prevented
- Tiering based on incident severity or response complexity
- SLA-based guarantees with financial penalties for missed metrics
A 2023 Forrester analysis found companies using incident response pricing reported 28% higher satisfaction with their security investments, attributing this to clearer value demonstration.
Benefits of Incident Response Pricing
This approach offers compelling advantages:
- Direct value alignment: Costs correlate with actual security outcomes
- ROI clarity: Easier to demonstrate return on security investment
- Shared risk: Vendors have skin in the game for performance
- Scalability during crises: Resources can be surged during major incidents
For vendors with strong capabilities, this model can drive premium pricing while creating stickier customer relationships.
Challenges of Incident Response Pricing
The incident response model isn't without complications:
- May create unpredictable costs for customers during major security events
- Can incentivize over-classification of routine events as incidents
- Requires sophisticated tracking and measurement systems
- May create perverse incentives if not carefully structured
Hybrid Approaches Gaining Traction
Many leading security SaaS providers are now implementing hybrid pricing models that combine elements of both approaches. According to IDC, 47% of enterprise security vendors now offer hybrid pricing options.
A typical hybrid model includes:
- Core asset-based subscription: Covering baseline protection for the entire asset inventory
- Incident response tiers: Additional fees for actual security incidents handled
- Outcome guarantees: SLAs with financial remedies for missed metrics
This balanced approach helps address the limitations of each individual model while providing both predictability and value alignment.
Case Study: CrowdStrike's Evolution
CrowdStrike, a leader in endpoint protection, exemplifies this pricing evolution. Initially using a pure per-endpoint model (asset-based), they've evolved to incorporate incident response components:
- Base per-endpoint subscription for their Falcon platform
- Tiered pricing based on modules and protection levels
- Incident response retainers and professional services
- Breach response guarantees with financial backing
This approach has contributed to their industry-leading retention rates exceeding 98%, according to their 2022 financial reporting.
Selecting the Right Pricing Model for Your Organization
When evaluating security SaaS offerings, organizations should consider several factors to determine which pricing model best fits their needs:
- Asset predictability: Organizations with stable infrastructure may benefit from asset-based models
- Risk profile: High-risk industries might find more value in incident response models
- Budget certainty: Teams requiring predictable spending should lean toward asset-based approaches
- Value demonstration: Organizations needing to justify security investments might prefer outcome-based models
- Growth plans: Fast-growing companies should consider how pricing scales with expansion
The Future of Security SaaS Pricing
Looking ahead, several trends are emerging in security software pricing:
- AI-adjusted pricing: Rates that flex based on AI-predicted risk levels
- Value-sharing models: Vendors taking a percentage of demonstrated security savings
- Zero-trust pricing: Costs aligned with zero-trust architecture implementation
- Compliance-aligned pricing: Fees structured around regulatory requirements
Conclusion: Finding the Right Balance
The evolution of security SaaS pricing reflects a maturing market that increasingly focuses on demonstrable value rather than simply selling features. Whether asset-based, incident-focused, or a hybrid approach, the ideal pricing model should align security costs with business outcomes while providing appropriate incentives for both customer and vendor.
For security professionals evaluating solutions, understanding these pricing models is essential for making informed decisions that not only protect their organizations but also deliver clear return on investment. As threats continue to evolve, expect pricing models to further refine, creating even stronger connections between security investments and the business value they deliver.