Configuration Monitoring as a Service

Hardenize provides a managed service that combines host and web site discovery, network and security configuration analysis, and certificate monitoring in one package.

Request a Test Drive

Web site discovery and inventory

Quickly find your properties and start monitoring them immediately

Get up and running quickly

No one wants to spend their time populating databases. We draw from multiple sources of information to maintain a search engine that can help you find your web sites. We rely on this search engine initially during the onboarding process so that you can get results quickly. Later, as you continue to use Hardenize, we search in the background to find new properties that belong to you and automatically add them to your inventory.

Our public certificate database

We have built a database that contains essentially all public certificates issued worldwide. This database, which draws from real-time monitoring of all Certificate Transparency logs, is our main source of information for host discovery. Using this source alone, if we know your domain names, we can find all your certificates and subdomains in seconds.

Comprehensive network and security standard coverage

We focus on being experts in our field so that you can focus on being experts in yours

Standards coverage

Today, unlike maybe a decade ago, we have the standards we need to properly secure our properties. However, keeping up with the developments and learning how to use all available and necessary technologies correctly is proving difficult. We've made it our job to understand all the network and security standards so that you don't have to.

Deep analysis

We have a decade of experience building tools for deep analysis of security and network configuration. Our approach is to evaluate service properties in context and as a whole, and looking at how everything fits together. In other words, we build tools that work like humans. Crucially, we don't look for bad things. Instead, we answer the question if something is correctly and securely configured.

Continuous monitoring

Even when you're an expert, analysing network and security configuration can take a prohibitively long time. Our platform is fully automated so that we can scale it and you can have a full picture of all your properties at once.

Certificate inventory and monitoring

Unified view of your certificates, combining network monitoring with Certificate Transparency

Certificate analysis

Ironically, it's never been more difficult to deploy certificates correctly. Today, you can have a certificate that's valid on the surface, but can fail due to external factors, for example deprecation of Symantec certificates. We understand these problems and correctly alert to certificate configuration problems.

Expiration notifications

We monitor your certificates and notify you if they're about to expire, avoiding downtime. Crucially, we also monitor the certificates of third-party services your sites rely on, helping you avoid problems via dependencies and services you don't control directly.

Certificate Transparency monitoring

Via Certificate Transparency, we observe all the world's certificates as they are issued in real time. We detect those that belong to you and we pull them into your account. We automate analysis of these discoveries so that you can ignore those that are known and compliant, but focus your attention on misissued certificates.

Product features in detail

A network flight recorder for everyone

Nothing to install

Hardenize is provided as a service running in the cloud. There's nothing to install or manage, which means that you can start using our product in minutes and always have the latest version of our software.

Teams and dashboards

Categorize hosts into groups and create multiple dashboards. Create multiple user accounts with different access levels and assign them to teams. Then assign host groups to teams to indicate responsibility.

SSL and TLS protocols

Check for all known SSL and TLS protocols, cipher suites, named groups, and other cryptographic primitives. Simulate connections from popular clients to understand what they will negotiate with your sites.

PKI and certificates

Ensure your certificates work in major trust stores. Receive expiration notifications. Find deprecated Symantec certificates. Use CAA to control who can issue certificates.

Certificate Transparency

Monitor certificates issued for your properties worldwide, in real-time. Automatically handle routine discoveries, but highlight policy violations and misissued certificates.

Application security

Deploy all the relevant standards, such as HSTS, CSP, SRI, Expect-CT, and others. Use secure cookies, including name prefixes and same-site cookies. Prevent mixed content.

SMTP security configuration

Check for STARTTLS and correct TLS and PKI configuration. Deploy SPF and DMARC with confidence. Prepare for new standards, such as MTA-STS and TLSRPT.

IPv4, IPv6, DNS, and DNSSEC

Monitor your DNS and DNSSEC configuration across IPv4 and IPv6 networks. Find all IP addresses that provide a service. Deploy and validate DANE.


Use our APIs to programmatically manage your account. Integrate with our events subsystem to receive real-time notifications.