See what an attacker sees. Free.

An outside-in exposure report on your domain: open services, certificate health, mail security (SPF/DKIM/DMARC), exposed software versions, and a plain-English score. Five minutes. No card. No install.

Preview build. The scanning engine isn't connected to this site yet — submitting the form below demonstrates the verification flow but does not run a scan.

We only scan domains you prove you own. Verification is a hard gate in our platform — read how it works.

Step 2 — Prove you own your domain

Add either of the following, then click verify. Records usually propagate in minutes.

Option A — DNS TXT record

_instantciso-verify.example.com TXT "icv-XXXXXXXX"

Option B — Hosted file

https://example.com/.well-known/instantciso-verify.txt → icv-XXXXXXXX

What the free report covers

External attack surface

Every service your domain exposes to the internet — web, mail, remote access, databases that shouldn't be there.

Certificates & encryption

Expiring or misconfigured TLS, weak protocols, and the things browsers will start warning your customers about.

Mail security

SPF, DKIM and DMARC checked — the difference between your invoices being delivered and being spoofed.

Want it watched continuously, with a real human CISO reviewing it? Plans start at $149/month.