SaaS product for instant website security insights. Enter a domain to get a detailed security report.
Features
Website Security Insights
Get instant security report cards for websites by entering the domain. It evaluates the security status and provides a score.
Secret Detection Agent
A feature called Securelog is announced, which acts as a secret detection agent.
Security Score
Reflects the overall security strength of a URL based on various security headers and configurations. A high score ensures better security.
Secrets Report
Identifies exposed potential secrets in the web page that might lead to security vulnerabilities.
HTTP Status Report
Checks the returned HTTP status code to ensure successful communication with the server.
Referrer Policy Report
Evaluates the presence or absence of the Referrer Policy header, contributing to potential information leaks.
X Frame Options Report
Assesses the X-Frame Options header, which prevents clickjacking by controlling the site framing.
X XSS Protection Report
Checks for the X-XSS Protection header which helps in protecting against cross-site scripting attacks.
Permissions Policy Report
Evaluates the Permissions Policy header to regulate the usage of features within a document or iframe.
X Content Type Options Report
Reviews the X-Content-Type-Options header, which stops MIME type sniffing to prevent drive-by downloads.
Content Security Policy Report
Examines the Content Security Policy to restrict resources from untrusted sources, mitigating XSS attacks.
Strict Transport Security Report
Assesses the Strict Transport Security header, enhancing security by enforcing HTTPS, mitigating man-in-the-middle attacks.
Security Score
The overall security score for the website is displayed, indicating the likelihood of potential security vulnerabilities.
First Hit Load Time
Measures the time it takes for the first hit to load, providing a performance metric for the website.
First Hit Size
Indicates the size of the first hit in bytes, providing insight into the initial data load.
SSL Report
Shows that the SSL/TLS certificate is outdated or inadequate, highlighting potential vulnerabilities. The report suggests upgrading for enhanced security.
HTTP Status Code
Displays the HTTP status code, which is 200, indicating the website is functioning and accessible.
Security Recommendations
Offers recommendations to improve security, such as implementing X-Frame-Options, Content-Security-Policy, and X-XSS-Protection.
Security Score
Provides an overall security score out of 100 for the website, indicating the site's security level.
Referrer Policy Report
Shows if a Referrer Policy is present, which controls the information sent with Referrer header during requests, enhancing security.
X-Frame Options Report
Indicates whether X-Frame Options are present, which prevents clickjacking by controlling the framing of the site.
X-XSS-Protection Report
Reports if X-XSS-Protection is present, which enhances security by preventing cross-site scripting attacks.
Strict Transport Security Report
Indicates if Strict Transport Security is present, enforcing the use of HTTPS to prevent man-in-the-middle attacks.
Content Security Policy Report
Shows if Content Security Policy is present, which restricts the resources the client can load, mitigating cross-site scripting and data injection attacks.
Secrets Report
Checks and reports on exposed secrets found within the webpage that could be potential vulnerabilities.
HTTP Status Report
Reports the HTTP status code to confirm if the website is responding as expected. A code of 200 indicates the request succeeded.
Permissions Policy Report
Reports the presence of Permissions Policy, which helps control browser features used in the document, potentially enhancing security.
X-Content-Type Options Report
Shows if X-Content-Type Options is present, which helps prevent MIME type sniffing, reducing the risk of drive-by downloads.