What Underwriters Check
The same 6 categories carriers scan during underwriting
41% of cyber liability insurance applications are denied. Most denials happen because businesses don't know what carriers are checking.
Email Authentication
SPF, DKIM, DMARC — the #1 underwriting requirement for BEC prevention.
Encryption (TLS/SSL)
Certificate validity, protocol version, cipher strength — carriers verify this.
Security Headers
HSTS, CSP, X-Frame-Options — indicators of security maturity.
DNS Security
DNSSEC, CAA records, dangling records — attack surface indicators.
Open Ports & Services
Exposed services, default ports, unnecessary attack surface.
Known Vulnerabilities
Outdated software, CVEs, and configurations that carriers flag.
How It Works
Three steps to insurance readiness
Enter your domain
Type your business website. No signup, no installation, no agents to deploy.
We scan externally
We scan your external attack surface in 60 seconds — the same view carriers have.
Get your score + quote
Receive your Cyber Defense Score mapped to underwriting criteria, then get matched with carriers.
Why This Matters
Know your posture before carriers do
41%
of cyber insurance applications denied on first submission
3/4
carriers run their own external scan during underwriting
96%
of carriers require enforced MFA evidence
20-40%
lower premiums for businesses with demonstrated controls
FAQ
Frequently asked questions
Is this really free?
Yes. The Cyber Defense Score and quote matching are completely free. No signup required, no credit card, no obligation.
Do you access my systems?
No. This is an external-only scan based on publicly available data — the same view that cyber insurance carriers have. We never log into, probe, or access your internal systems.
What do you scan?
We check external signals: email authentication (SPF/DKIM/DMARC), TLS/SSL configuration, HTTP security headers, DNS records, and open ports. These are the exact controls cyber insurers verify during underwriting.
How is this different from a penetration test?
A penetration test actively exploits vulnerabilities. We passively scan your external attack surface — no exploitation, no intrusion. Think of it as a pre-flight check before your carrier does their own assessment.
Will this help me get cyber insurance?
Yes. By identifying gaps before you apply, you can remediate issues and apply from a position of strength. After your scan, we can match you with carriers based on your industry, location, and readiness score.