Passive IT Risk Report

Get a clear IT security risk score for your company in minutes.

Passive, non-intrusive analysis for email security, TLS configuration and web security headers. No active scanning. Management-ready PDF with prioritized fixes.

Executive Report ($99)

We only use this to share the sample link and product updates.

  • Passive-only checks - no port scans or intrusive probes.
  • Email security (SPF/DMARC) + TLS + web headers in one score.
  • Management-ready PDF with business impact and 30-day actions.

Sample Output

Risk Score 72

Moderate

Passive only

Top Risks

  • - DMARC policy missing (invoice fraud risk)
  • - HTTP not forced to HTTPS
  • - HSTS and CSP headers absent

Email Security

58

Transport

80

Web

70

How it works

3 steps to your risk report

Enter your domain

No login required. We normalize and validate your hostname (IDN-safe).

Passive assessment

DNS, HTTPS/TLS handshake, HTTP headers, and redirects only.

Download PDF

Executive-ready report with prioritized fixes and evidence.

What's inside

Checks we run

  • - Email Security: SPF, DMARC policy, MX presence, DKIM note.
  • - TLS: HTTPS reachability, certificate validity, expiry countdown.
  • - Web Security: HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Server header.
  • - Hygiene: HTTP->HTTPS redirect, www/non-www consistency, homepage status.

Management-ready PDF

Executive summary, category scores, top 3 risks, and a 30-day action plan. Detailed findings include evidence, business impact, and remediation steps.

View pricing

Passive assessment - No port scans - No Shodan

Pricing

Choose your report

Free for top 3 risks; upgrade for full PDF and prioritized fixes.

LemonSqueezy handles payments (Merchant of Record). No company required.

Free

$0

  • - Overall + category scores
  • - Top 3 findings
  • - 24h cache

Executive

Best for mgmt

$99

  • - Executive summary (1 page)
  • - Business impact + evidence
  • - 30-day action plan
  • - Full findings (10-20)
  • - PDF (6-10 pages)

Pro (optional)

$49

  • - Full findings + evidence
  • - Prioritized remediation
  • - PDF (5-8 pages)

Guarantee: If we can't generate a report for your domain, you'll be refunded automatically.

Trust

Designed for teams without a SOC

  • - Passive analysis only - safe to run without approvals.
  • - Clear, management-ready wording for stakeholders.
  • - Cache keeps costs low; 24h reuse on the same domain.
  • - Built for IT Managers, SysAdmins, and founders who need a management-ready summary.

Sample report

See what your leadership will receive: executive summary, category scores, and prioritized remediation.

View sample PDF

FAQ

Is this a penetration test?

No. It is a passive security assessment using public signals only.

Do you scan ports?

No. We only inspect DNS, HTTPS/TLS handshake, HTTP headers, and redirects.

How accurate is it?

Findings reflect best-practice configuration from passive data - no exploitation attempts.

How long does it take?

Typically 10-30 seconds. Paid users get cached results instantly when available.