Get a 0-100 hardening score for any Linux server in 60 seconds.
A scored hardening report you can read, share, and act on. Scan from the outside, run a script you can audit yourself, or let us connect — you decide how much access to give. No signup to start.
Scan a server — free See pricingThree ways to scan — pick your comfort level
You stay in control. Start with zero access and go deeper only when you trust us. The on-box options return the same full 25-check report — the only difference is whether we ever touch your server.
External
No access needed
- You give just a hostname or IP
- We probe your public surface: open ports, exposed services, TLS & SSH ciphers, HTTP headers
- Nothing installed, nothing handed over
Run & upload
You keep the keys
- Download a short, read-only script for your OS — read every line before you run it
- Run it; results come back (auto-upload optional)
- We get the data, never access to your box
- Full 25-check report
Let us connect
Hands-off
- Grant a read-only SSH key
- We connect from our servers and run all 25 checks
- Nothing for you to install or run
- Full 25-check report
How it works
- Point it at a server. Give us a host (and, for the hands-off option, an SSH user and key). We read configs and run 25 hardening checks. We never store your credentials.
- Get a 0–100 score. Weighted by severity. Every deduction is named, evidenced, and remediated. Coverage is shown alongside the number.
- Share the report. Public scrubbed URL (target redacted) you can drop in a PR or Slack. $5 makes it permanent + adds a PDF.
Scan from outside — no access needed
Give us a hostname or IP and we probe its public surface from our servers — open ports, exposed data stores, TLS & SSH ciphers, HTTP headers. Nothing to install, no credentials. Only scan hosts you're authorized to test.
Scan now — we connect (hands-off)
The managed option. Paste a read-only SSH key; we connect from our servers, run the checks, and discard the credentials when the scan finishes — they're never persisted to disk.