Im on Tier 4 (unlimited websites). Plugin works great, it replaces plugins like malware scanner, firewall and limit login attempts. All in one solution. For this part - 5 tacos.

Main problems that I can see when I want to protect my customers websites. Someone noticed the same issues like me, here, in other reviews:
1. to see websites in the WP Security Ninja Admin Dashboard (Websites tab) this website MUST have the same email address as you registered as a WPSN customer/login. If your customers (their websites) will have own email in the WP settings (which is most obvious scenario) this customer's website wont be visible here, so you can't manage (activate/deactivate) license usage on that website.
2. you have only one license code for unlimited websites, when you click in - you will see how many websites in fact uses that license code. With point #1 it may give you different results - on Websites tab you will se 10 websites (that have your email address in WP settings) and here, in license details you may see 100 sites (because your customers copied license code and used it in other owned websites without your knowledge)
3. yes, it is possible to copy license code because your customer seeing "Account" tab in their WP Dashboard and may copy license code and use it elsewhere. To avoid that situation you should go to your license, set option "This license is activated on my client site" AND use "restrict sites" to whitelabel all websites that belongs to your clients that paid for license access. Then, account tab will switch to the mode where your details (and license code) is hidden/asterisked.
Much easier would be if one license is per one website, no matter what was email address associated with that site. You just generate new license for each new website or deactivate license when customer not paying.

4. last but not least - whitelabel option is... complicated and confusing. When you install plugin on your customer website, after plugin and license activation you must go to the "Whitelabel" tab (in customer's WP Admin) and turn on this feature (and hange names, logo etc). It means that your customers must give you admin rights to its website. It means also that you must replicate this procedure with every customer. Other plugins works like this - I can personalize/whitelabel plugin details in plugin account dashboard and when I download it (or my customer downloads it) it is already whitelabeled.

And because of that complications -1 taco so total score is 4 tacos.