Passive checkers across DNS, TLS, web headers, email authentication and quality.
Letter grade A+ to F, remediations, compliance mapping (PCI / ISO 27001 / SOC 2 / NIS 2 / GDPR).
One score, five axes, dozens of remediations. From a freelance audit to continuous SOC monitoring.
Weighted score out of 100 across DNS / TLS / Web / Email / Quality, with letter grade A+ → F. A live slot-machine score updates as checkers complete; a delta card shows what changed since the last scan, with point attribution and a curated narrative.
External Attack Surface Management profile — discovers subdomains via Certificate Transparency logs, enriches IPs with ASN/geo (MaxMind), probes public S3/GCS/Azure buckets, indexes GitHub repos referencing your domain. Inventory output, persisted across scans for diff alerting.
Fetches public GitHub files mentioning your domain, regex-matches against 38 curated patterns (AWS / GitHub / Stripe / OpenAI / Anthropic / PEM / DB URLs). Values are immutably redacted server-side — we never store the raw secret. Instant alerting on new leaks.
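The detect-then-redact flow described above, as an added example (not UnveilScan's own code): a handful of regexes run over a fetched file, and only a masked prefix plus a keyed fingerprint are kept, so the raw value never reaches storage while repeat leaks can still be told apart from new ones. The three patterns, the pepper and the sample file are assumptions; the page's 38 curated patterns are not reproduced.

```python
"""Added example, not UnveilScan's code: regex secret detection with
server-side redaction. Patterns, pepper and sample input are assumptions."""
import hashlib
import hmac
import re
from dataclasses import dataclass

# Assumed patterns (AWS access key ID, GitHub classic PAT, PEM private key header).
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "pem_private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}

# Hypothetical server-side pepper; in practice this would come from a KMS, never from the repo.
FINGERPRINT_KEY = b"hypothetical-server-side-pepper"


@dataclass(frozen=True)
class Finding:
    pattern: str
    line: int
    masked: str       # first 4 chars + asterisks: enough to recognise, not enough to use
    fingerprint: str  # keyed hash of the raw value, used to dedupe across scans


def redact(value: str, keep: int = 4) -> str:
    """Keep a short prefix for human recognition, mask the rest."""
    if len(value) <= keep:
        return "*" * len(value)
    return value[:keep] + "*" * (len(value) - keep)


def fingerprint(value: str) -> str:
    """Keyed fingerprint: stable for dedup, but not reversible and not brute-forceable
    without the pepper (a plain SHA-256 of a short token would be)."""
    return hmac.new(FINGERPRINT_KEY, value.encode(), hashlib.sha256).hexdigest()[:16]


def scan_text(text: str) -> list[Finding]:
    """Return redacted findings for every pattern match; the raw match is dropped."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, rx in PATTERNS.items():
            for m in rx.finditer(line):
                raw = m.group(0)
                findings.append(Finding(name, lineno, redact(raw), fingerprint(raw)))
    return findings


def new_leaks(findings: list[Finding], seen_fingerprints: set[str]) -> list[Finding]:
    """Only findings whose fingerprint was not stored by a previous scan: the ones to alert on."""
    return [f for f in findings if f.fingerprint not in seen_fingerprints]


# Constructed sample file; the key values are documentation-style dummies, not real credentials.
SAMPLE = """\
# deploy.env for api.example.com
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=not-matched-by-these-three-patterns
GITHUB_TOKEN=ghp_0123456789abcdefghijklmnopqrstuvwxyz
-----BEGIN RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    for f in scan_text(SAMPLE):
        print(f)
```

Matching on the raw line and storing only the `Finding` is the whole point: nothing downstream (alert payloads, exports, the audit log) ever sees the secret, and a second scan that finds the same fingerprint is a persistent leak rather than a new one.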
Daily / weekly / monthly schedules. Alerts on score drop, new critical finding, new typosquat, new TLS certificate observed in CT logs, new secret leak. Email, webhook (HMAC-SHA256 signed) or Slack — with a forensic audit trail.
~75 finding slugs mapped to PCI-DSS 4.0, ISO/IEC 27001:2022, SOC 2, NIS 2 and GDPR controls. Compliance-ready reports embedded in JSON exports. Effort estimate and risk-if-ignored on every finding.
shields.io-style SVG badge for your README, consent-gated (only domains that have been verified expose a badge). Tier color matches the brand palette: A+/A green, B blue, C orange, D red, F violet.
Three steps from sign-up to your first scored audit
Create your free account in seconds, or sign in with UnveilPass (OIDC). Email verification gates Extended scans. Once logged in, run Basic scans on any domain you want; they are as passive as a browser visit.
For Extended / Probe / Recon profiles, prove ownership via a DNS TXT record or a /.well-known/ file. Re-verification runs automatically every 24 hours, so a domain you no longer control (expired, transferred or hijacked) is revoked without manual action.
Launch a scan from the console, the CLI or your CI (GitHub Action provided). Get a score out of 100 and copy-paste remediations, then re-check individual checkers as you fix them, without re-running the full scan.
Strictly passive on Basic and Extended — DNS, TLS handshake, HTTP GETs on standard endpoints, public sources only.
Triple-gated Probe profile: verified ownership + explicit acknowledgement flag + non-destructive, detection-only payloads. No fuzzing, no brute-force, no exploitation.
Independently operated by Unveil Technology — no Shodan, no SecurityTrails, no opaque US vendor in the data path.
From a one-off freelance audit to a SOC running continuous monitoring on hundreds of domains
Free Basic on every domain, plus 3 free Extended scans/month. When you need more, $299 buys 5 pinned domains for a full year — copy-paste remediations included, no five-figure pentest required.
ANSSI-aligned audit report (French) for client hand-off, custom HTML/PDF, multi-domain dashboard with tags by client. $539 buys 10 pinned domains for a year — stackable if your portfolio grows.
Daily / weekly schedules with alerting on score drops, new criticals, new typosquats. Compliance mapping (PCI / ISO / NIS 2 / GDPR) embedded in the JSON export: one audit, evidence mapped to multiple frameworks.
Recon EASM with continuous diff, CT log watching, secret leak scanning on public repos, webhook HMAC integration into your SIEM. Forensic append-only audit log, 2FA org-wide.
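The HMAC-SHA256 signed webhook mentioned in the alerting feature above and the SIEM integration here both come down to the same exchange. The following is an added example (not UnveilScan's code) showing both sides: the sender signs a timestamp plus the raw body, and the receiver re-computes the MAC over the bytes it actually got, checks the timestamp against a replay window, and compares in constant time. The header names, the `timestamp.body` canonical string, the 300-second window and the sample event are assumptions; the page does not document UnveilScan's actual signature format.

```python
"""Added example, not UnveilScan's code: HMAC-SHA256 webhook signing and
verification. Header names, canonical form and skew window are assumptions."""
import hashlib
import hmac
import json
import time

# Hypothetical header names and replay window.
SIG_HEADER = "X-Webhook-Signature"
TS_HEADER = "X-Webhook-Timestamp"
MAX_SKEW_SECONDS = 300


def sign(secret: bytes, timestamp: int, body: bytes) -> str:
    """Sender side: MAC over timestamp + '.' + raw body, so neither can be changed in transit."""
    msg = str(timestamp).encode() + b"." + body
    return "sha256=" + hmac.new(secret, msg, hashlib.sha256).hexdigest()


def build_request(secret: bytes, event: dict, now: int) -> tuple[dict, bytes]:
    """Serialise the alert once and sign exactly those bytes."""
    body = json.dumps(event, separators=(",", ":"), sort_keys=True).encode()
    headers = {
        "Content-Type": "application/json",
        TS_HEADER: str(now),
        SIG_HEADER: sign(secret, now, body),
    }
    return headers, body


def verify(secret: bytes, headers: dict, body: bytes, now: int) -> tuple[bool, str]:
    """Receiver (SIEM) side. Returns (ok, reason).

    Verifies over the RAW body bytes: parsing and re-serialising the JSON would change
    whitespace or key order and break the MAC. The timestamp check bounds replay of a
    captured request; the constant-time compare stops byte-by-byte signature guessing."""
    try:
        ts = int(headers.get(TS_HEADER, ""))
    except ValueError:
        return False, "missing or malformed timestamp"
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return False, "timestamp outside replay window"
    expected = sign(secret, ts, body)
    provided = headers.get(SIG_HEADER, "")
    if not hmac.compare_digest(expected, provided):
        return False, "signature mismatch"
    return True, "ok"


# Constructed sample alert, modelled on the alert types listed on this page.
SAMPLE_EVENT = {"type": "score_drop", "domain": "example.com", "old": 91, "new": 78}
SAMPLE_SECRET = b"hypothetical-shared-secret"

if __name__ == "__main__":
    now = int(time.time())
    headers, body = build_request(SAMPLE_SECRET, SAMPLE_EVENT, now)
    print(headers)
    print(verify(SAMPLE_SECRET, headers, body, now))
```

Two receiver-side details matter more than the hashing itself: compute the MAC before the body is parsed (a framework that hands you a decoded object has already lost the bytes that were signed), and reject stale timestamps, otherwise a captured "new critical finding" webhook can be replayed into the SIEM indefinitely with a perfectly valid signature.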
The market: free single-shot tools (SSL Labs, Mozilla Observatory) vs opaque enterprise EASM ($15–100k/yr) vs monthly subscription products. UnveilScan sits between with transparent pay-once 365-day licenses, no auto-renewal.
| Capability | UnveilScan | SSL Labs / Observatory | HostedScan | Detectify EASM | UpGuard / Bitsight |
|---|---|---|---|---|---|
| Multi-axis unified score on 100 (DNS / TLS / Web / Email / Quality) | YES | NO (per silo) | partial | YES | YES |
| Live score during scan (slot-machine ring + per-checker save) | YES | batch | batch | batch | batch |
| Delta card «what changed since last scan» (point attribution + narrative) | YES | NO | NO | partial | partial |
| Effort & risk on every finding (effort_human, risk_categories) | YES | NO | NO | partial | partial |
| Strict scoring vs PCI 4.0 / ANSSI Reco-TLS R1 / RFC 8996 | YES | A+ on legacy | NO | NO | NO |
| Sectoral benchmark vs Top 1000 (percentile + median + average) | YES | NO | NO | NO | partial |
| Public consent-gated badge SVG (free tier) | YES | SSL Labs only | NO | NO | NO |
| Continuous monitoring + multi-channel alerting (email / webhook HMAC / Slack) | YES | NO | YES | YES | YES |
| CT log watching (alert on new certificate observed) | YES | NO | NO | partial | enterprise |
| Brand protection — typosquat enumeration + alert on new look-alike | YES | NO | NO | partial | enterprise |
| Recon EASM (CT logs / DNS resolution / cloud buckets / GitHub code search) | YES | NO | NO | YES | YES |
| Secret leak scanning on public GitHub (38 curated patterns, in free tier) | YES | NO | NO | enterprise only | enterprise only |
| No active validation of leaked secrets (passive detection only) | YES | N/A | N/A | probes provider APIs | probes provider APIs |
| Re-check per checker (Fixed state persisted, no full re-scan) | YES | NO | NO | NO | NO |
| Compare scans side-by-side (delta diff, +new / -resolved / =persistent) | YES | NO | partial | partial | partial |
| ANSSI-aligned audit report (French only — ANSSI publishes guidance in FR) | YES | NO | NO | NO | NO |
| OpenAPI 3.1 + CLI + GitHub Action | YES | SSL Labs API | YES | YES | YES |
| OIDC SSO (Sign in with UnveilPass) + 2FA TOTP | YES | NO | 2FA only | enterprise | enterprise |
| HTML / JSON / CSV / PDF exports | YES | HTML only | partial | YES | YES |
| Compliance mapping (PCI 4.0 / ISO 27001:2022 / SOC 2 / NIS 2 / GDPR) | YES | NO | partial | partial | YES |
| 100% passive on Basic + Extended (no fuzzing, no brute-force, no exploitation) | YES | YES | partial | active probes | active probes |
| Probe profile triple-gated (ownership + ack flag + non-destructive payloads) | YES | N/A | NO | NO | NO |
| Append-only forensic audit log + CSV export | YES | NO | partial | YES | YES |
| Pay-once 365-day license (no subscription / no auto-renewal) | YES | N/A (free) | monthly only | annual contract | annual contract |
| Entry-level annual cost | $0 free / $299 once for 5 domains | free | $49/mo ≈ $588/yr | $15–30k/yr | $1750/mo ≈ $21k/yr |
Basic scans are free, forever, on every domain. For deeper audits — Extended (full passive deep-dive suite) and Probe (crafted CVE probes under triple-gate consent) — buy a license that covers your domains for 365 days. No subscription, no auto-renewal.
For one-off audits and personal sites
Freelancers, solo devs, small teams
Stripe · cards, Apple Pay, Google Pay, SEPA
Agencies, in-house security teams
Stripe · cards, Apple Pay, Google Pay, SEPA
Stackable licenses — buy a second license to add another 5 or 10 slots (e.g. 5+5=10 simultaneous, 5+10=15). Each license has its own 365-day clock.
Free Basic scan in 30 seconds. No credit card. Verified ownership unlocks Extended.