SaaSFort
Product Hunt launch external security scanner NIS2 founding member B2B SaaS

SaaSFort is live on Product Hunt: an external security scanner that grades any domain A-F in 60 seconds

SaaSFort runs 60 external security checks on your domain and returns an A-F grade plus an auditor-ready PDF in 60 seconds. Today we launch on Product Hunt with a founding-member offer.

S
SaaSFort
· 4 Min. Lesezeit

Today SaaSFort launches on Product Hunt. If you found this post from there, welcome. Here is exactly what the tool does, what it costs, and the offer for the first people who sign up.

Run a free scan on your domain right now. No account, no card, about 60 seconds.

What SaaSFort does

You type a domain. SaaSFort runs 60 deterministic checks against it from the outside, the same surface an attacker or an auditor sees, and returns an A-F grade plus a per-check breakdown. The first scan is free and needs no signup.

The 60 checks cover 21 categories:

  • TLS chain completeness and protocol version
  • Security headers: Content-Security-Policy, HSTS, X-Frame-Options, referrer policy
  • DNS records: DMARC enforcement, SPF, DKIM, DNSSEC, CAA
  • Certificate transparency logs and certificate expiry
  • Cookie flags, mixed content, source map exposure
  • Exposed admin and debug surfaces
  • JavaScript libraries checked against known CVEs

Every check is deterministic. It observes a condition and returns pass or fail. There is no machine-learning guesswork, so there is no pile of false positives to triage. A finding is a finding.

The grade is a published formula, not a black box

The grade is passed checks over total checks, rounded to a letter. Run the scan twice and you get the same grade. The pass and fail criteria for every check live in an open spec repository under an MIT license, so you can read the methodology and disagree with it instead of trusting a vendor’s word.

That matters because the output is meant to be handed to someone else. Which brings us to the reason most people use it.

Why we built it

Every B2B SaaS team selling into larger customers hits the same wall. An enterprise buyer sends a 200-question security questionnaire. A NIS2 supply-chain review books a 45-minute audit call. Suddenly the deal depends on proving your security posture, and the options are bad: pay €10k for a pentest the auditor did not actually ask for, buy a €5,000 to €50,000 per year GRC platform that documents internal controls but not external posture, or skip it and lose the deal.

The cheap, fast, external-posture slot was empty. SaaSFort fills it. Each finding maps to a control in NIS2 Article 21, ISO 27001 Annex A, OWASP, BSI IT-Grundschutz, CIS v8, and DORA. That mapping is what turns a vulnerability list into a document procurement and auditors accept. You scan, you download the PDF, you attach it to the questionnaire. For German companies in NIS2 scope, the same PDF is the external-posture evidence a BSI auditor asks for first.

If you want the longer walkthrough, we wrote one on answering a security questionnaire in an hour instead of a week.

How it is built

For the technically curious who came over from the Show HN thread:

  • The scanner is written in Go, with concurrent check execution per target and a hard timeout on every outbound probe so no single check can hang a run.
  • Results stream over Server-Sent Events. You watch each check resolve live instead of staring at a spinner for a 60-second job.
  • The frontend is Astro and Svelte. The backend runs on Kubernetes. Scan history lives in Postgres.
  • Output is the live grade, a downloadable PDF, and JSON and CSV exports.

What it costs

  • Free anonymous scan, one per day per IP, no account.
  • Starter, €9 per month, 10 scans.
  • Growth, €19 per month, 50 scans and multi-domain monitoring.
  • Scale, €29 per month, unlimited scans.
  • One-time audit pack, €149, if you only need a single report and not a subscription.

New signups get 14 days of the Growth plan with no card required, so you can run the full report and hand it to an auditor before paying anything.

The founding-member offer (launch day)

Be one of 10 founding members. The deal is simple: €149 once, and you get 24 months of SaaSFort Growth access. That works out to about €6 a month for unlimited scans, multi-domain monitoring, and the full NIS2, ISO 27001, and BSI Annex A control mapping.

One charge. No annual renewal trap, no surprise price-change email. In month 25 you decide what happens next: move to monthly Growth at €19, drop to Starter at €9, or stop. We email you 30 days before, nothing renews on its own.

Only 10 seats. When they are gone, the offer closes. See the founding-member details here.

Try it in the next minute

The fastest way to understand SaaSFort is to point it at your own domain.

Run your free scan. Read the grade. Download the PDF. If it shows you something worth fixing or worth proving to a customer, the pricing starts at €9 per month, and the founding-member offer is open today.

If you are on Product Hunt, an upvote and an honest comment genuinely help a two-person launch. Thank you for reading this far.

Artikel teilen
LinkedIn Post

Von der Theorie zur Praxis

Scannen Sie Ihre Domain kostenlos. Erste Ergebnisse in unter 10 Sekunden — ohne Registrierung.

Kostenlosen Scan starten

Weiterlesen

RGPDNIS2

RGPD + NIS2 pour le B2B SaaS : recoupements, divergences et plan d'action

Le RGPD protège les données personnelles. NIS2 protège la continuité des services. Le recoupement est réel, mais les traiter comme équivalents est l'une des erreurs de conformité les plus fréquentes en B2B SaaS en 2026.

Artikel lesen
GDPRNIS2

GDPR + NIS2 for B2B SaaS: Where They Overlap, Where They Differ

GDPR is about personal data. NIS2 is about service availability. They overlap on security and notification, diverge everywhere else. The B2B SaaS map.

Artikel lesen
NIS2B2B SaaS

NIS2 for B2B SaaS Vendors: The Supply Chain Cascade

Your B2B SaaS isn't directly NIS2-scoped. But your enterprise customers are — and Article 21(2)(d) cascades the burden to you. Here's how to handle it.

Artikel lesen
Zurück zu allen Artikeln