Free outside-in domain security
Scan any domain in about 60 seconds. Grades, score, and what to fix first.
Attackers start with public signals. RedScore collects the same outside view and ranks what matters first. No signup.
Free scan · No signup · Results in ~60 seconds
example-corp.com
Scanned just now · ~60s
AI Summary
DMARC enforcement is missing, which leaves spoofing open. SPF is too permissive. Several key web security headers are absent.
Why it matters
DNS, email auth, headers, certificates, and exposure signals are easy to check from the internet. RedScore turns that into a score and a short priority list so you are not the last to know.
Built for operators
Everything you need to see how your domain looks from the outside, without opening ten browser tabs.
Enter a domain and get a public attack-surface view in about 60 seconds. No account required.
DNS, email, web, exposure, certificates, and more rolled into letter grades you can act on.
A short AI summary ranks what failed, why it matters, and what to tackle first.
Verify domain ownership to turn one-off scans into alerts and ongoing posture tracking.
What you get
One scan rolls DNS, email, web, exposure, and related checks into grades you can act on, not a pile of raw tabs.
63 / 100
Grade C
example-corp.com
AI Summary
Cookie settings are weak and server headers reveal stack details. Email spoofing is plausible with incomplete SPF and DMARC.
RedScore Pro
The free scan shows your public score and category grades. Claim the domain to see full findings, then upgrade to Pro when you need monitoring, reporting, and guided fixes over time.
Free accounts include scheduled scans and email alerts. Pro adds the workflows below.
Site-specific fix notes on each finding after scans complete. Priority and sequencing that fit your stack.
Download per-scan PDF reports and request executive summaries for stakeholders and vendor reviews.
Publish a curated trust page that shows what you are doing right for customers and questionnaires.
Track score and finding changes over time to see whether fixes are working.
Set weekly or monthly schedules, pause a domain, and choose which modules run on each scan.
Route scan reports to your team channels alongside email alerts.
The difference
SecurityScorecard and Bitsight are built for enterprise procurement. RedScore gives teams the same outside-in view without a sales cycle.
Enterprise pricing varies by contract. RedScore basic scans stay free.
Go further with Pro
Get finding-specific fix notes and next steps after each scan completes.
Create PDF reports for stakeholders and publish a curated trust page for customers.
Send scan updates to Slack, Discord, webhooks, and email so fixes reach the right team.
Deeper modules
Find exposed services that should be closed, filtered, or reviewed.
Check common public paths for admin panels, backups, and stray files.
Look for tokens, keys, and sensitive config accidentally shipped to the browser.
Match visible software signals against known vulnerability data.
AWS posture, code security, and more checks are on the roadmap.
FAQ
Free scan · No signup · ~60 seconds
