Feature
Every month, we run the full automated pipeline against your domain (or your vendors' domains). If something changes, you'll know.
DMARC, SPF, DKIM, DNSSEC, CAA, MTA-STS, BIMI selectors
Certificate health, expiry, protocol versions (TLS 1.0-1.3), cipher strength, weak ciphers
CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Permissions-Policy, Referrer-Policy
65+ common subdomains checked, Certificate Transparency log enumeration, subdomain takeover detection for 16 providers
.env, .git, package.json, yarn.lock, webpack-stats.json, SSH keys, server configs
Headless Chromium loads your pages, captures all network requests, detects 30+ tracking services firing before consent
CMP detection (Cookiebot, OneTrust, and 10 more), reject option analysis, TCF compliance
SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS detection from trust pages and privacy policies
HIBP breach database check for your domain
Detects whether your public endpoints enforce rate limits
S3, GCS, and Azure blob storage bucket enumeration
Framework detection from error responses, stack trace exposure in production
All of this runs automatically. You don't have to remember to check. If something changes (a new subdomain appears, a header gets removed, a TLS version gets deprecated), you'll see it in your next scan with a clear delta from the previous month.