Three tiers. No subscriptions.

One-time fee per scan. You own the report — no vendor lock-in, no monthly fees.

Free Scan

SEK 0 · per domain

Quick DNS and header check. Produces a teaser report showing basic hygiene.

  • SPF, DKIM, DMARC check
  • HTTP headers (HSTS, CSP etc.)
  • Summary by severity level
  • Compliance overview (without details)
  • Cached for 30 days per domain
Start free
Most popular

Premium Scan

SEK 15,000 · one-time

Full attack surface + GitHub repo scan. 12-section report with action plan.

  • Everything in Free Scan
  • External ports + TLS + CVE correlation
  • GitHub audit: secrets, branch protection, 2FA
  • SAST (semgrep), IaC (checkov), gitleaks
  • Compliance details per requirement (4 frameworks)
  • Remediation per finding (can you DIY?)
  • "Questions for your security consultant" (section 10)
  • Prioritised action plan (P1/P2/P3)
Buy Premium Scan

Internal scan

SEK 25,000 · one-time

Docker agent you run in your own VLAN. Scans the local network — no data leaves your environment until you review and submit.

  • ARP discovery + port scan on local network
  • Active Directory / LDAP enumeration
  • Cross-VLAN segmentation testing
  • SNMP / SMB / patch level audit
  • JSON output you review locally
  • Air-gap safe / GDPR friendly
  • Append-only audit trail for auditors
Buy Internal scan

RAG add-on

+SEK 10,000 · with Premium

We run AI document analysis on your policies — multi-layer RAG with per-evidence verification.

  • Everything in Premium Scan
  • Upload policies (PDF, DOCX, MD)
  • Layer 2 vision enrichment (approvals, signatures)
  • Layer 7 per-chunk LLM verification
  • Document evidence per requirement (section 9)
  • Mapping: Match / Partial / Gap
  • Confidence score per assessment
Add RAG

Frequently asked questions

Is this a replacement for a security firm?

No. It is a pre-audit. You get the answers BEFORE you pay consultant hours for the same review. The report also includes "Questions for your security consultant" that help you set the right requirements and avoid paying for the wrong things.

Which frameworks are covered?

Focus: ISO 27001, NIS2, SOC 2, GDPR. We also map to PCI DSS and CIS v8 on request. Every finding links to exact control requirements per framework.

How long does it take?

Free scan: 2 minutes. Premium scan: 30-60 minutes depending on number of repos and attack surface. RAG analysis: 5-10 minutes per uploaded document.

Where are we scanned from?

From Swedish servers via a Tailscale network. Your data does not leave the EU. Uploaded policies are deleted after the report is delivered.