For large enough enterprises, $1M a month is similarly irrelevant.
Should security pricing only be accessible to businesses over a certain size?
A monthly price floor on services like this is trash. It’s pay-what-you-use, so it should scale evenly down to $0, just like lambda or network transfer usage costs.
To be fair, you are ALWAYS using a security device even if your instance should not be doing anything. You want to know when something malicious is incoming from the internet, or when suddenly that malware calls out to a C2 server. You may think your instances are being quiet, but, that is why you have security tools for the abnormal behaviors and those can happen at anytime.
Similarly, the instance is ALWAYS connected to the internet, but I only have to pay for what I transfer. Same with Lambda and S3 and everything else AWS sells (except a few weird exceptions like this).
Should security pricing only be accessible to businesses over a certain size?
A monthly price floor on services like this is trash. It’s pay-what-you-use, so it should scale evenly down to $0, just like lambda or network transfer usage costs.