Product Update: A–F Grade Scoring, Annual Pricing, and 60-Check Scanner

SaaSFort now grades your security posture A+ to F with 60 checks across 21 categories. Plus annual pricing saves up to 20%, and mobile reports are fully responsive.

SaaSFort Team
· 5 min read

SaaSFort’s March 2026 update ships three changes that enterprise buyers and SaaS CTOs have been requesting: a letter-grade scoring system, annual pricing that saves up to 20%, and a scanner that now runs 60 checks across 21 categories in under 15 seconds.

Here’s what changed and why it matters for your next enterprise deal.

A–F Grade Scoring: One Letter That Tells the Story

Enterprise procurement teams don’t want to interpret raw vulnerability counts. They want a verdict.

SaaSFort now assigns every scan an A+ through F letter grade based on a weighted scoring formula. The grade maps directly to how procurement teams evaluate vendor risk:

Grade | Score Range | What It Means
A+ | 95–100 | Excellent — exceeds enterprise requirements
A | 90–94 | Strong — meets all standard security checks
B | 80–89 | Good — minor improvements recommended
C | 70–79 | Needs improvement — several gaps to address
D | 55–69 | Weak — significant vulnerabilities present
F | Below 55 | Critical — immediate remediation required

How the Score Is Calculated

Each of the 60 checks carries a severity weight: critical findings (10), high (7), medium (4), low (2), and passes (5). Informational findings are excluded. The final score is the ratio of earned weight to total weight, scaled to 100.

A sanity guard prevents impossible scores — if a scan finds 34 passes but reports 0/100, the system flags and rejects it. This guard was added after a transient network issue produced a misleading result during internal testing.
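
The scoring rule and sanity guard above, as an added Python example (not SaaSFort's code). The page does not define "earned weight", so this assumes only passed checks earn their weight while each failed check adds its severity weight to the total; the guard is generalized to recomputing the score from the results and rejecting a reported value that disagrees. All names and the `tolerance` parameter are hypothetical.

```python
# Added illustration; not SaaSFort's code. Weights and bands are from the page.
WEIGHTS = {"critical": 10, "high": 7, "medium": 4, "low": 2, "pass": 5}
BANDS = [(95, "A+"), (90, "A"), (80, "B"), (70, "C"), (55, "D")]


class InconsistentScan(ValueError):
    """Raised when a reported score contradicts the check results."""


def score(results):
    """results: one of 'pass', 'info', or a severity name per check."""
    earned = total = 0
    for r in results:
        if r == "info":          # informational findings are excluded
            continue
        w = WEIGHTS[r]           # KeyError on an unknown result is intentional
        total += w
        if r == "pass":          # assumption: only passes earn their weight
            earned += w
    if total == 0:
        raise InconsistentScan("no scorable checks; the scan likely did not run")
    return 100.0 * earned / total


def grade(s):
    """Map a 0-100 score to the page's letter bands."""
    for floor, letter in BANDS:
        if s >= floor:
            return letter
    return "F"


def accept(results, reported_score, tolerance=0.5):
    """Sanity guard: reject a reported score the results cannot produce."""
    expected = score(results)
    if abs(expected - reported_score) > tolerance:
        raise InconsistentScan(
            f"reported {reported_score}, results imply {expected:.1f}")
    return expected, grade(expected)


# Constructed sample: 60 checks = 50 passes, 1 high, 2 medium, 3 low, 4 info.
SAMPLE = ["pass"] * 50 + ["high"] + ["medium"] * 2 + ["low"] * 3 + ["info"] * 4
```

Under these assumptions the constructed sample scores 250/271, which lands in the A band, and the page's "34 passes reported as 0/100" case raises `InconsistentScan` instead of being published.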

Why This Matters for Enterprise Sales

When your enterprise buyer asks “what’s your security posture?”, you can now answer with a single letter. A Grade B from SaaSFort tells procurement you’ve passed 80%+ of checks covering OWASP Top 10, SSL/TLS, security headers, DNS security, and API hardening — backed by a detailed report they can attach to their vendor assessment.

Compare that to sending a 40-page pen test PDF full of CVSS matrices. The grade is the executive summary that procurement needs; the full report is the evidence that InfoSec reviews.

Annual Pricing: Save Up to 20%

SaaSFort now offers annual billing across all paid tiers:

Tier | Monthly | Annual | Annual Savings
Starter | €9/mo | €86/yr (€7.17/mo) | 20%
Growth | €19/mo | €182/yr (€15.17/mo) | 20%
Scale | €29/mo | €278/yr (€23.17/mo) | 20%

For comparison: a single penetration test costs €5,000–€20,000 and gives you a point-in-time snapshot. SaaSFort Starter at €86/year gives you continuous monitoring with 60 automated checks — 365 days of coverage for less than a team lunch.

The free tier remains unchanged: unlimited scans on one domain with full results and an A–F grade. No credit card required.

Scanner Engine: 60 Checks, 21 Categories, Real-Time Streaming

The scan engine received a major upgrade. Here’s what it covers:

Check Categories

  • SSL/TLS — certificate chain validation, cipher suite strength, expiry monitoring, HSTS enforcement, HSTS preload status
  • Security Headers — CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, HSTS
  • DNS Security — SPF, DMARC, DKIM, DNSSEC, MX validation, nameserver configuration
  • Application Security — SQL injection probes, open redirect detection, sensitive file exposure, directory listing, HTTP method restrictions
  • Infrastructure — HTTP/2 support, server banner exposure, cookie security flags, cache-control headers, error page information leakage
  • Compliance — security.txt (RFC 9116), robots.txt configuration, well-known paths, technology fingerprinting

Real-Time SSE Streaming

Scans now stream progress in real time via Server-Sent Events. You see 9 progress phases as the scanner works through each category — no more waiting for a blank screen to fill. The progress bar shows exactly which phase is running and the completion percentage.

NIS2 and ISO 27001 Compliance Mapping

Every finding is tagged with its NIS2 Article 21 control mapping and ISO 27001 Annex A reference. The Deal Report groups these by framework, so when an enterprise buyer asks “are you NIS2-compliant?”, you hand them a report that maps each check to the specific NIS2 requirement it addresses.

Mobile Report Improvements

Security reports are now fully responsive on mobile devices. Tables reflow without horizontal scrolling, and the grade visualization scales properly on screens down to 375px width. This matters when your champion shares the report link with their CISO on a phone between meetings.

What’s Next

The roadmap for Q2 2026 includes:

  • CI/CD integration — trigger SaaSFort scans from your deployment pipeline
  • PDF report download — branded PDF generation for offline sharing
  • Multi-domain dashboard — manage all your domains from a single view
  • NIS2 audit-ready export — structured evidence package for NIS2 compliance audits

Frequently Asked Questions

How is the A–F grade calculated?

Each check result carries a severity weight (critical=10, high=7, medium=4, low=2, pass=5). The score is the ratio of earned weight to total weight, scaled to 100. Grade bands: A+ ≥95, A ≥90, B ≥80, C ≥70, D ≥55, F below 55. Informational findings don’t affect the score.

What do the 60 checks cover?

The scanner tests SSL/TLS configuration, 6 security headers, DNS records (SPF, DMARC, DKIM, DNSSEC), sensitive file exposure, directory listing, SQL injection vectors, open redirects, HTTP methods, cookie security, server banner leakage, HTTP/2, error pages, cache headers, HSTS preload, security.txt, and technology fingerprinting. Each finding includes NIS2 and ISO 27001 compliance mappings.

Can I share my grade with enterprise buyers?

Yes. The grade is designed for procurement consumption. Share the grade as a quick summary and the full Deal Report as supporting evidence. Learn how to build a complete security evidence package around your scan results.

Is the free tier really free?

The free tier includes unlimited scans on one domain with full A–F grading, all 60 checks, and the complete scan report. No credit card, no trial expiry. Paid tiers add features like scan scheduling, multiple domains, and priority support.

How fast is a scan?

Most scans complete in under 15 seconds. Results stream in real time via SSE, so you see findings as they’re discovered — not after a 15-second wait. Compare this to 4–8 weeks for a traditional pen test.


See your grade now. Run a free scan — 60 checks, A–F grade, under 15 seconds. No signup required.