Simple, Transparent Pricing

Every plan includes a 14-day free trial. No credit card required to start.

Monthly Annual 2 months free

Essential

For individual engineers
£29 /month
  • Monitor up to 5 vendors
  • Email alerts within 2 hours
  • CVSS scoring & severity
  • CVSS score threshold filter
  • Remediation guidance
  • CISA KEV exploitation flag
  • Alert history dashboard
  • Notes & status tracking on alerts
  • Custom webhook (PagerDuty, Zapier…)
  • Instant or daily digest delivery
Start Free Trial

Professional

For OT security leads
£59 /month
  • Unlimited vendors & products
  • 1-hour alert cycle
  • Weekly digest email
  • Sector filtering
  • KEV priority banner in alerts
  • Slack & Teams webhook alerts
  • Monthly PDF compliance reports
  • REST API access
  • Siemens vendor-native feed
  • Asset inventory — track your OT devices
  • Compliance deadline tracker
  • Shodan exposure indicator
  • Peer benchmarking
  • Everything in Essential
Start Free Trial

Team

For security teams & MSSPs
£99 /month
  • Everything in Professional
  • Up to 5 team email recipients
  • Acknowledgement workflow
  • Full compliance audit trail & CSV export
  • Priority support

Monthly compliance reports suitable for NERC CIP, IEC 62443 & NIS2 documentation.

Start Free Trial

Agency

For MSSPs & consultants
£249 /month
  • Everything in Team
  • Manage up to 50 client accounts
  • One-click client context switching
  • Per-client watchlists, alerts & assets
  • Per-client compliance reporting
  • Dedicated account support
Contact Us
All plans include a 14-day free trial. Cancel any time from your account page.
What You'll Receive

This is what a real alert looks like

Delivered to your inbox within hours of CISA publishing. Filtered to your equipment only.

⚠ KNOWN EXPLOITED IN THE WILD — CISA KEV
CVE-2023-38545 confirmed as actively exploited  ·  Professional & Team plans
🔴 CRITICAL SEVERITY — ICS SECURITY ADVISORY
Siemens SIMATIC S7-1500 Remote Code Execution
ICSA-23-299-01 · Published 26 October 2023
Matched because: Vendor match: Siemens
9.8
CVSS Score
3
CVEs
YES — KEV
Known Exploitation
Affected Products
Vendor Product Versions
Siemens SIMATIC S7-1500 All versions < V3.0.2
What To Do
  • Update to SIMATIC S7-1500 firmware V3.0.2 or later
  • Restrict network access to affected devices
  • Apply defence-in-depth measures per ICS-CERT guidelines
View Full CISA Advisory →
OTWarden · Manage watchlist · Unsubscribe

The red KEV banner is shown on Professional & Team plans when a CVE has confirmed exploitation in the wild.

How does OTWarden compare?

There are three ways to track ICS vulnerabilities. Here's how they stack up.

Manual CISA Checking OTWarden Enterprise Platforms
(Dragos, Claroty)
Cost Free (your time) From £29/mo £50,000+/yr
Alert speed When you remember to check Within 2 hours Real-time
Filtered to your equipment ✗ Every advisory ✓ Your vendors & products ✓ Asset-based
KEV exploitation flags ✗ Manual cross-reference ✓ Automatic ✓ Yes
Vendor-native feeds
(before CISA republishes)		 ✓ Siemens ProductCERT ✓ Multiple
Compliance reports ✗ DIY ✓ Monthly PDF (Pro/Team) ✓ Yes
Asset inventory matching ✓ Pro/Team ✓ Yes
Compliance deadline tracking ✗ Spreadsheet ✓ Built-in ✓ Yes
Multi-client management (MSSP) ✓ Agency — up to 50 clients Varies
Setup time 0 min (bookmark) ✓ 5 minutes Weeks (procurement + onboarding)

FAQ

What happens when my trial ends?
You'll be prompted to choose a plan. Your watchlist and alert history are preserved — you just stop receiving new alerts until you subscribe.
Can I change plans later?
Yes. Upgrade or downgrade any time from your account page. Changes take effect immediately, and billing is prorated.
How do I cancel?
Click "Manage Billing" on your account page. You can cancel your subscription there. You'll keep access until the end of your current billing period.
Is my payment information secure?
We never see your card details. All payments are processed by Stripe, which is PCI Level 1 certified — the highest level of security in the payments industry.
Do you offer annual pricing?
Yes — toggle to Annual at the top of the pricing page to pay yearly and get 2 months free (a 17% saving). Annual billing is billed as a single charge at the start of your subscription year.
Can OTWarden support NERC CIP or IEC 62443 compliance?
Yes. Professional and Team subscribers receive a monthly compliance report (PDF) documenting every advisory matched to their watchlist — including severity, CVE IDs, CVSS scores, and remediation status. You can also set per-alert remediation deadlines and export a full audit trail as CSV. This provides an auditable record of vulnerability awareness and response activity suitable for NERC CIP, IEC 62443, and NIS2 evidence requirements.
What is asset inventory matching?
On Professional and Team plans, you can log your OT/ICS devices (vendor, product, firmware version, and location). When you open an alert detail page, OTWarden automatically highlights which of your specific assets are affected by that advisory — so you know immediately which plant floor equipment needs attention.
Can I use OTWarden to manage multiple sites or clients?
Yes — the Agency plan is built for exactly this. Manage up to 50 client accounts under one subscription, switching between client contexts with one click. Each client has their own isolated watchlist, alert history, and asset inventory. Ideal for MSSPs, OT security consultants, and organisations with multiple operational sites.