10 automated security tests running around the clock. Detect vulnerabilities, misconfigurations and exposures before attackers find them.
Every test runs automatically on a fixed schedule — from every 6 hours to daily — with no configuration needed.
Audit CSP, X-Frame-Options, X-Content-Type-Options, HSTS, Permissions-Policy and Referrer-Policy on every page.
Check protocol versions, cipher suites, HSTS preload status and full certificate chain validity for your domains.
Scan all cookies for Secure, HttpOnly and SameSite flags. Identify session cookies exposed to cross-site attacks.
Detect HTTP resources loaded on HTTPS pages that trigger browser warnings and break the security padlock.
Probe for exposed database ports (MySQL, PostgreSQL, Redis, MongoDB), Telnet and other dangerous services.
Query Spamhaus, Spamcop, Barracuda and other DNSBL providers to detect if your IP or domain has been flagged.
Identify CMS platforms, JavaScript libraries and server software. Flag known-vulnerable versions automatically.
Monitor domain expiry dates and detect unexpected registrar or nameserver changes via RDAP lookups.
Validate SPF, DKIM and DMARC records to prevent email spoofing and protect your domain reputation.
Discover subdomains via Certificate Transparency logs and DNS prefix probing. Find forgotten or exposed services.
Free plan includes Security Headers monitoring for 1 site
A single misconfigured header, an expired TLS certificate, or a database port left open to the internet can turn a secure website into a target overnight. Most businesses only discover these vulnerabilities after an incident — a data breach, a blacklisting, or a customer complaint.
PulseStack™ Security Shield runs 10 automated tests against your domains on a continuous schedule. We check everything from security headers and TLS configuration to open ports and DNS authentication records, alerting you the moment something changes or fails.
A valid SSL certificate alone is not enough. Weak cipher suites, outdated protocol versions, missing HSTS headers and incomplete certificate chains all create vulnerabilities that attackers exploit:
Our TLS Config Audit runs every 12 hours, checking all of this automatically.
Exposed database ports are one of the most common attack vectors on the internet. MySQL (3306), PostgreSQL (5432), Redis (6379), MongoDB (27017) and Telnet (23) should never be accessible from the public internet.
PulseStack™ probes 10 commonly attacked ports on each of your domains daily, with a 3-second timeout per port. If a port responds, you get an immediate alert. No complex configuration needed — just add your domain and we start scanning.
Email spoofing remains one of the most effective phishing techniques. Without proper DNS authentication records, anyone can send emails that appear to come from your domain:
Our DNS Security test validates all three records daily, alerting you to missing, misconfigured or overly permissive policies that leave your domain open to impersonation.
Every CMS, JavaScript library and server platform you run is a potential attack surface. Outdated versions of WordPress, jQuery, Apache and nginx have known vulnerabilities that are actively exploited in the wild.
PulseStack™ analyses HTTP headers, HTML source and JavaScript files to identify the technologies running on your sites. When a known-vulnerable version is detected, you get a clear alert with the affected component and version number — so your team can patch before attackers exploit it.
Security Shield is designed for web agencies, MSPs and in-house teams managing security across dozens of domains:
What types of security issues does this detect?
Infrastructure-level vulnerabilities: missing security headers, weak TLS configuration, exposed database ports, blacklisted IPs, outdated software versions, missing email authentication records, mixed content, insecure cookies and unknown subdomains.
Is this a penetration testing tool?
No. PulseStack™ performs non-invasive, passive and semi-passive checks. We read headers, query DNS, check TLS configuration and probe ports — we do not attempt to exploit vulnerabilities or inject payloads.
How often do tests run?
It depends on the test: security headers and cookies are checked every 6 hours, TLS and mixed content every 12 hours, and port scans, tech fingerprinting, domain WHOIS, DNS security and subdomain discovery run daily.
Can I try it for free?
Yes. The free plan includes Security Headers monitoring for 1 site. Upgrade to Starter (£29/mo) for all 10 tests on up to 5 sites.