SaaSFort An external security scan for whatever you are facing
The scan is the same 66 checks across 25 categories. What changes is the situation you need it for. Pick the one that matches yours, or just run the scan and see your grade in 60 seconds.
Vendor questionnaire
External security scan for a vendor questionnaire
A prospect sent a SIG, CAIQ, or custom security questionnaire, and the deal sits until you return it. A large share of the technical rows ask about externally-observable controls: TLS, certificates, headers, DMARC, exposed services. A scan answers those with evidence instead of a self-asserted yes, and gives you a dated PDF to attach so procurement stops the follow-up round.
Read more →SOC 2 prep
External security scan for SOC 2 preparation
A SOC 2 auditor will test your controls against the Trust Service Criteria, and the security criterion includes plenty that is observable from outside your perimeter. Clearing those findings before the observation window starts means fewer exceptions in the report. A scan shows you what an auditor will see and where the easy fixes are.
Read more →NIS2 / BSI
External security scan for NIS2 registration and BSI
If you are an in-scope NIS2 entity, the regulator expects demonstrable progress on the Article 21 measures, not a single perfect snapshot. A scan of your external posture produces a dated, control-mapped artifact you can file alongside your registration or hand over if the BSI asks what you have done. It is the fastest way to put evidence behind your Article 21 claims.
Read more →Enterprise sales
External security scan for enterprise procurement
Enterprise procurement runs a security review before they sign, and the external-posture part is the first thing they check because it is observable without your cooperation. Walking into that review with a clean, dated report removes the back-and-forth that stalls deals. A scan shows you what the buyer will find before they find it.
Read more →M&A diligence
External security scan for M&A due diligence
When diligence asks for security posture, a verbal assurance does not satisfy a careful acquirer or their advisors. A scan of your external surface produces a dated, control-mapped artifact you can drop straight into the data room. It answers the security line item with evidence and signals that the asset has been run with discipline.
Read more →ISO 27001 audit
External security scan for an ISO 27001 audit
An ISO 27001 auditor reviews your Annex A controls, and several of the technological controls (A.8.*) are observable from outside your perimeter. Checking them before a surveillance or recertification audit means fewer minor non-conformities to explain. A scan maps your external posture to the Annex A controls an auditor will look at.
Read more →Cyber insurance
External security scan for a cyber insurance application
Cyber insurers increasingly scan your external surface before they quote, and weak posture means higher premiums or declined coverage. Running the same kind of scan first lets you fix the easy findings before the insurer sees them. A scan shows you the view an underwriter gets and where to improve it.
Read more →Investor diligence
External security scan for pre-funding diligence
When you raise a round, investors and their technical advisors look at security as part of diligence, and external posture is the part they can check without your help. A weak surface raises questions you do not want during a raise. A scan shows you what a technical diligence partner will find, so you can fix it and put a clean, dated report in the data room before anyone asks.
Read more →MSP client audit
External security scan for MSP client audits
If you run managed services, your SMB clients increasingly need NIS2 posture evidence, and you are the one they ask. Auditing each client domain by hand does not scale. A scan checks any client domain in 60 seconds, maps findings to NIS2 Article 21 and ISO 27001 Annex A, and produces a dated report you can hand the client or attach to your own service record.
Read more →Turn any scan into a dated PDF for €39
The free scan shows your grade on screen. The Audit Pack adds the control-mapped PDF, 90 days of re-scans, and a dated attestation you can hand to an auditor, a buyer, or a regulator.