Teams & tiers
How collaborative team workspaces with RBAC and a shared AI budget relate to the individual and team subscription tiers that govern your limits.
Two dimensions: who and how much
Two related ideas control collaboration and limits on Rank:
- Teams are collaborative workspaces where several people share pentests, agents and budget.
- Tiers are subscription plans that set the limits applied to an individual account or to a team.
They are independent: your personal tier governs what you can do alone, while a team’s tier governs what the team can do together.
Teams
A team is a shared workspace. Pentests, agents and tokens created in a team context belong to the team rather than to a single member, so work survives membership changes.
Roles and permissions (RBAC)
Access inside a team is governed by role-based access control. The owner always has full access; other members are granted roles whose permissions decide what they can do — for example, who can run pentests, manage agents, or triage and assign vulnerabilities. A request is allowed only if the team’s tier includes the feature and the member’s role grants the permission.
Invitations
Members join through invitations sent by the team. The number of members a team can hold is capped by the team’s tier.
Shared AI budget
A team has a single shared AI budget that all members draw from. For a Business team the pool is computed automatically as a per-member allowance multiplied by the member count, and it recalculates whenever the roster changes. Enterprise teams can set the budget manually or run unlimited. When usage exceeds the pool, further operations are blocked unless on-demand spending is enabled.
Tiers
Tiers come in two families. A user is always on an individual tier; a team is always on a team tier.
| Family | Tier | Notes |
|---|---|---|
| Individual | Casual | Free entry tier |
| Individual | Pro | Paid individual plan |
| Individual | Ultra | Top individual plan |
| Team | Business | Standard team plan |
| Team | Enterprise | Custom team plan |
Only Pro and Ultra users can create teams, and user-created teams are always Business; Enterprise is provisioned by Rank. A team’s tier is independent of its owner’s personal tier — if the owner downgrades, the team keeps running on its own plan.
What each tier governs
Tiers set the ceilings on the resources you can use:
| Resource | Casual | Pro | Ultra | Business | Enterprise |
|---|---|---|---|---|---|
| Pentests / month | 5 | 50 | Unlimited | 200 | Unlimited |
| Custom agents | 0 | 5 | Unlimited | 20 | Unlimited |
| API tokens | 0 | 3 | Unlimited | 10 (pool) | Unlimited |
| Members per team | — | — | — | 10 | Unlimited |
| Monthly AI budget | $5 | $50 | $200 | $20 / member (pool) | Custom |
| On-demand spend | No | Yes | Yes | Yes | Yes |
A few consequences worth highlighting:
- Casual cannot create personal API tokens or custom agents — its
0limits mean those features are off. See Authentication & API tokens. - Individual vs team pools are separate. A Pro user in a Business team can hold up to 3 personal tokens and contribute to the team’s pool of 10; neither pool draws from the other.
- Vulnerability collaboration is gated by tier. Assigning findings to members and CI/CD features like bulk triage and quality gates require team tiers (Business or above); webhooks are Enterprise-only.