Welcome to Hardenize!

Thanks for stopping by. We'd like to show a preview of a new tool we're working on. As you're playing with it, please remember this:

  • There may be bugs in our code. As this is a preview, we're still improving our code and deciding exactly how we should be presenting the available information.
  • This is work in progress. We already provide a very good coverage of various technologies out there, but we still have a lot to do.
  • This is just our public report; our commercial product will reuse the core technology, but it will focus on continuous assessment and collaborative features.

The problem we want to solve is this...

Less than 1% of all
web sites use modern
security features

Whichever way you look at it, there are many effective security technologies that we can use today, and yet only a small number of deployments do.

WHOIS, DNS, DNSSEC, DANE, CAA, SMTP, STARTTLS, CAs, X.509, SPF, DKIM, DMARC, IPv4, IPv6, HTTP/2, SSL, TLS, HSTS, CSP, HPKP, RC4, SHA, cookies, mixed content, SRI, privacy, ...

As it stands today,
security is too complex

Virtually no one has enough time to learn everything they need to achieve their security goals. It's too much work.

But, ironically, we often spend a lot of time trying to our secure systems after they have been deployed. This approach is not only inefficient, but also doesn't work very well.

Hardenize helps organizations deploy the security they need

Our goal is to build security in, engage developers and
system administrators from the start, and make security fun.

Thank you!

We hope Hardenize will help
you improve your security.

Blog

Welcome to the Hardenize blog. This is where we will document our journey on making the Internet a more secure place and have some fun and excitement along the way.

15 Aug
2017

Monitoring of Symantec certificates

by Ivan Ristić

Google and Mozilla are planning to deprecate all existing Symantec certificates, cutting short their lifetime. This causes a significant operational problem for many organizations who will need to identify all affected certificates and then replace them before they are made invalid. To assist with this process, in Hardenize we’ve added detection of Symantec certificates (all brands) and we now present effective expiration dates.   READ MORE »

29 Jun
2017

Introducing Hardenize dashboards

by Ivan Ristić

Today we’re introducing a great new Hardenize feature—public dashboards. They are a great way to apply Hardenize’s complete assessment capabilities to a group of hosts and get a good understanding (quickly!) of what their security is like. We provide a summary page that shows the most important data points, but we also include the complete results for each of the participating sites individually.   READ MORE »

Preview