Security checks for your domain
No login. No account. Enter your domain and get results in seconds.
SPF Record Checker
Verify who is authorized to send email from your domain. Prevents email spoofing.
Check SPF →DKIM Checker
Check your email cryptographic signing. Proves emails actually came from you.
Check DKIM →DMARC Checker
Inspect your DMARC policy. Controls what happens when email authentication fails.
Check DMARC →MX Record Lookup
Inspect your mail exchange records, priorities, PTR validation, and misconfigurations.
Lookup MX →Email Blacklist Checker
Check if your domain or IP is on spam blacklists that could block your emails.
Check Blacklists →Domain Expiration Checker
Find out when your domain expires. Expired domains can be hijacked by attackers.
Check Expiration →SSL/TLS Checker
Verify your website certificate is valid, trusted, and not close to expiry.
Check SSL →Open Port Scanner
Find exposed services and risky open ports — RDP, MySQL, FTP — with plain-English risk explanations.
Scan Ports →HTTP Security Headers
Check if your website sets critical security headers that protect visitors.
Check Headers →DNS Health Check
Audit all DNS record types — A, AAAA, MX, TXT, CNAME, NS, SOA. Flags misconfigurations and email security gaps.
Check DNS →Subdomain Exposure Scanner
Discover exposed admin, dev, and staging subdomains via brute-force and certificate transparency logs.
Scan Subdomains →Dark Web Monitoring
Continuous monitoring of dark web forums, paste sites, and breach databases for your domain credentials. Automated alerting when new exposures are found.
Learn More →Exposed Credentials Monitoring
Monitor employee email addresses in credential dumps and breach databases. Get alerted when staff credentials appear in the wild — before attackers use them.
Learn More →M365 Tenant Detection
Confirm if your domain uses Microsoft 365. Checks MX, autodiscover, MS= TXT records, and OpenID config.
Detect M365 →Legacy Auth Exposure Checker
Detect if your M365 tenant allows legacy authentication — a common ransomware vector that bypasses MFA.
Check Legacy Auth →Conditional Access Assessment
8-question assessment of your MFA enforcement, device compliance, and access control policies.
Start Assessment →Admin Audit Assessment
8 questions on admin account hygiene, audit logging, privileged access, and Microsoft Secure Score.
Start Assessment →HIPAA Readiness Assessment
10 questions covering PHI access controls, encryption, audit logging, BAAs, and breach notification.
Start Assessment →SOC2 Gap Assessment
10 questions checking SOC2 Trust Services Criteria — access controls, monitoring, change management, and more.
Start Assessment →Cyber Insurance Readiness
10 questions based on what underwriters actually ask. Know where you stand before you apply.
Start Assessment →Endpoint Security Assessment
Check antivirus coverage, MFA enforcement, encryption, screen lock, and device management. Pass/Warn/Fail.
Start Assessment →Patch Compliance Assessment
8 questions on OS patching, application updates, EOL systems, firmware, and patch management tooling.
Start Assessment →