Your Website's
Security Rating
Get an instant A–F security grade for any company's domain — the same external rating engine our vendor-risk platform runs. Free, no signup, and you get a shareable link.
SSL/TLS Certificate
Validity, chain, protocol
Security Headers
CSP, HSTS, XFO, and more
Email Security
SPF, DKIM, DMARC records
DNS Hygiene
Nameservers, CAA records
CVE Exposure
Known vulnerabilities (paid)
Attack Surface
Subdomains, dark web (paid)
How the Security Rating Works
What does the rating check?
We run non-intrusive, passive checks on the domain's TLS/certificate configuration, HTTP security headers (CSP, HSTS, X-Frame-Options, and more), DNS hygiene, and email authentication (SPF, DKIM, DMARC). These roll up into a single A–F grade using the same engine that powers Vulnios' vendor-risk platform. For the full picture of how vulnerability scanning works end-to-end, read our 2026 guide to vulnerability scanning.
Is this rating safe to run?
Yes. We only perform external, non-intrusive checks — the same information any browser or email server would see. We don't attempt to exploit vulnerabilities or gain unauthorized access, and internal/private domains are blocked.
What's in the full report?
The free rating shows the grade and a summary. The full report — every finding with severity and evidence, CVE exposure, dark-web exposure, remediation steps, and continuous monitoring — is part of Vulnios VRA.