Security Posture Scanner
Enter a domain to check its public security hygiene. Plain-language results, no jargon.
Findings mapped to the frameworks above, in plain language. Built by a risk & GRC practitioner. How it works →
We tell you what our scan can and can't see — and why. No vanity scores.
Go deeper
Tiers of depth, entered from here — pick what fits, in any order.
Self-assessment
FreeCheck the practices only you can see — your internal cyber hygiene — against the NIST CSF 2.0 functions.
Start the self-assessment →Cyber Essentials readiness
Free · UKSee whether you'd pass the UK's baseline certification — the five controls in plain English. Sign in and we cross-check your answers against your own scans, flagging the gaps a real assessor would catch.
Check my readiness →Exposure check
Email sign-inSee your site the way an attacker does — which services are reachable from the open internet, and what to do about them.
Sign in to run a check →In-depth vulnerability scan
VerifiedA full nmap + nuclei scan, every finding explained in plain language and mapped to security frameworks. For a website you've verified as your own.
Verify & request a scan →