See your exposure in 90 seconds. Passively. Lawfully. Free.
Enter your business domain. We’ll run a live, public-source review of your DNS, email trust posture, and externally visible signals.
- Passive only. No login attempts, no exploitation, no intrusive scanning.
- Public sources only. Same information any visitor on the internet can see.
- Nothing stored. Results stay in your browser unless you request the PDF.
- No exploit detail, ever. Findings are framed for a leadership reader.
Reviewing โ
Public-source checks are running. Deeper checks are queued for the validation tier — we don’t touch your systems without written authorization.
External Risk Preview — โ
This is a passive preview, not a confirmed finding. Severity estimates reflect what is visible from public sources only. Confirmation requires an authorized validation engagement performed under written scope.
Add a single passive page load — checks the Tier A run cannot reach.
We open your site the way any visitor would, then read what came back: TLS posture, HSTS, Content Security Policy, frame-ancestors, cookie hygiene, information disclosure, mixed content, and a basic technology fingerprint. One page load. No probing. No authentication. No enumeration.
Verification link sent.
We’ve emailed a one-time link to the address you provided. Click it within 30 minutes and the deeper preview will run and appear here, alongside the Tier A results. You can close this tab; the link works from any browser.
Running deeper analysis…
One passive page load, parsing headers and posture signals. Usually 3–6 seconds.
Where should we send the briefing?
We send the PDF to your work email and a short follow-up from a named advisor. Not a sales sequence.
Based on what we saw, this is what we’d recommend next.
Prefer to talk first? Request a 20-minute briefing — no pressure, no follow-up sequence.