Free TLS assessment
Get a clear report in minutes on your domain's TLS health and the risks worth fixing first. Test certificate expiry.
Scans public HTTPS endpoints and reports TLS posture in real time.
Real scans, anonymized. We refresh this snapshot about once an hour.
Full TLS audit in minutes
Enter a domain and get a structured report covering certificates, protocol versions, cipher suites, forward secrecy, key strength, HSTS, and post-quantum readiness. No setup, no waiting.
Actionable, not just informational
Every finding is prioritized by severity and linked to the affected hosts. Drill into detailed data tables, export to CSV, and hand the results to the team that owns the fix.
See what attackers see
SSLBoard scans your public endpoints the way an outsider would — testing real TLS handshakes across every IP, port, and protocol version. No agents to install, no firewall rules to open.
Post-quantum readiness
Know which of your endpoints already negotiate hybrid key exchange and which ones still need work. PQC migration starts with visibility.
Scored and comparable
Each report produces a weighted TLS score broken down by category, so you can track improvement over time or benchmark against industry peers.
Built for the team, not just the expert
Clean layout, plain-language explanations for every issue, and a table of contents that makes a 1,000-host report navigable. Share the link — anyone can read it.
DNSSEC with NSEC lets attackers walk your entire zone and enumerate every hostname. NSEC3 fixes this. SSLBoard now tests for it, including across CNAME delegations to third parties.
Harden Cloudflare SSL/TLS in five steps: HTTPS redirects, HSTS, TLS 1.2 minimum, TLS 1.3, and Advanced Certificate Manager to eliminate weak ciphers.
Definitions for TLS, SSL, certificates, cipher suites, OCSP, HSTS, CAA, and more. A plain-English reference for understanding SSLBoard reports.