Welcome to Hardenize!

Thanks for stopping by. We'd like to show a preview of a new tool we're working on. As you're playing with it, please remember this:

  • There may be bugs in our code. As this is a preview, we're still improving our code and deciding exactly how we should be presenting the available information.
  • This is work in progress. We already provide a very good coverage of various technologies out there, but we still have a lot to do.
  • This is just our public report; our commercial product will reuse the core technology, but it will focus on continuous assessment and collaborative features.

The problem we want to solve is this...

Less than 1% of all
web sites use modern
security features

Whichever way you look at it, there are many effective security technologies that we can use today, and yet only a small number of deployments do.

WHOIS, DNS, DNSSEC, DANE, CAA, SMTP, STARTTLS, CAs, X.509, SPF, DKIM, DMARC, IPv4, IPv6, HTTP/2, SSL, TLS, HSTS, CSP, HPKP, RC4, SHA, cookies, mixed content, SRI, privacy, ...

As it stands today,
security is too complex

Virtually no one has enough time to learn everything they need to achieve their security goals. It's too much work.

But, ironically, we often spend a lot of time trying to our secure systems after they have been deployed. This approach is not only inefficient, but also doesn't work very well.

Hardenize helps organizations deploy the security they need

Our goal is to build security in, engage developers and
system administrators from the start, and make security fun.

Thank you!

We hope Hardenize will help
you improve your security.


Welcome to the Hardenize blog. This is where we will document our journey on making the Internet a more secure place and have some fun and excitement along the way.

We are delighted to announce Hardenize Certificate Inventory and Monitoring, a significant new feature that we’ve just released. It’s enabled now for all our early customers. Certificate renewal has long been a pain point for organizations of all sizes. It’s rare to find someone who hasn’t had one of their certificates expire before they are replaced. With Hardenize we wish to ensure that never happens to you again. Equally important, we also wish to help you navigate the complex world of PKI.   READ MORE »

15 Aug

Monitoring of Symantec certificates

by Ivan Ristić

Google and Mozilla are planning to deprecate all existing Symantec certificates, cutting short their lifetime. This causes a significant operational problem for many organizations who will need to identify all affected certificates and then replace them before they are made invalid. To assist with this process, in Hardenize we’ve added detection of Symantec certificates (all brands) and we now present effective expiration dates.   READ MORE »

29 Jun

Introducing Hardenize dashboards

by Ivan Ristić

Today we’re introducing a great new Hardenize feature—public dashboards. They are a great way to apply Hardenize’s complete assessment capabilities to a group of hosts and get a good understanding (quickly!) of what their security is like. We provide a summary page that shows the most important data points, but we also include the complete results for each of the participating sites individually.   READ MORE »