Security Assessments
Two proprietary assessment tools built in-house by Ridgepoint Technologies. Ridgepoint Spotter shows what attackers can see from the outside — 14 professional-grade reconnaissance tools including port scanning, TLS analysis, and OSINT. The Ridgepoint Scout Sensor reveals what is hiding inside your network. Together, they give you the complete picture.
Tool #1
ComplimentaryYour organization has an external footprint — exposed services, leaked credentials, misconfigured email authentication, forgotten subdomains, open ports. Ridgepoint Spotter uses 14 professional-grade reconnaissance tools — including active scanning with nmap, testssl.sh, and exposed file probing — to show you exactly what attackers can see, before they use it against you.
No credentials required. No network access needed. Just your domain name. Quick Scan in under 2 minutes. Full Scan in under 5.
Live nmap scanning identifies open ports, running services, OS fingerprinting, and known CVEs across your public infrastructure.
testssl.sh cipher suite analysis, protocol version checks, and vulnerability detection for Heartbleed, POODLE, BEAST, and more.
Checks for Content-Security-Policy, HSTS, X-Frame-Options, and other critical headers that most websites are missing.
Probes for accidentally exposed .git directories, .env files, database backups, admin panels, and other sensitive paths.
Identifies your CMS, web server version, JavaScript frameworks, and other technologies — flagging outdated or vulnerable versions.
Detects whether a Web Application Firewall is protecting your web applications and identifies the specific product.
Discovers subdomains via Certificate Transparency logs and passive OSINT — finding forgotten dev, staging, and admin portals.
Harvests publicly exposed email addresses and employee names from search engines, certificates, and DNS records.
Checks your domain against breach databases to identify compromised credentials associated with your organization.
Validates SPF, DMARC, DKIM, MTA-STS, and BIMI configuration to assess email spoofing and phishing resistance.
WHOIS registration, DNS record analysis, DNSSEC validation, and zone transfer testing.
Checks your domain against DNS blocklists, URLhaus malware databases, and abuse databases.
Evaluates cookie flags — Secure, HttpOnly, SameSite — and analyzes robots.txt for intelligence on hidden paths.
Certificate chain validation, expiration monitoring, issuer verification, and HSTS preload status.
Tool #2
$2,500Spotter looks at you from the outside. The Ridgepoint Scout Sensor looks from the inside. It is a proprietary hardware device deployed directly on your network for 24–48 hours, performing comprehensive device discovery, vulnerability mapping, and compliance scoring against three major frameworks.
Included at no additional cost in all vCISO Plus engagements. Standalone assessment: $2,500.
Category-level scoring across all six NIST functions: Govern, Identify, Protect, Detect, Respond, and Recover.
Safeguard-level mapping against the 18 CIS Critical Security Controls with weighted compliance scoring.
Requirement-by-requirement readiness assessment aligned to Ohio Revised Code § 9.64 mandates.
A concise, leadership-ready summary — overall security score, top findings, compliance alignment snapshot, and prioritized next steps. Designed for board presentations and executive decision-making.
The full picture — device inventory, vulnerability findings, severity ratings, port analysis, certificate health, and detailed remediation guidance for each finding. Built for your IT team or MSP.
Framework-by-framework scoring against NIST CSF 2.0, CIS Controls v8, and Ohio HB96. Includes cross-reference matrices showing exactly which findings impact which compliance requirements.
Frequently Asked Questions
The Ridgepoint Spotter scan is complimentary. 14 professional-grade tools. Branded PDF report with letter grades.
Run Your Free Spotter Scan