Free TLS assessment
Get a clear report in minutes on your domain's TLS health and the risks worth fixing first. Test certificate expiry.
Scans public HTTPS endpoints and reports TLS posture in real time.
Real scans, anonymized. We refresh this snapshot about once an hour.
SSLBoard connects to your infrastructure the same way the internet does. Your firewall stays as-is.
Enter a domain
Type company.com and hit scan. The first report is free, no account required.
Every subdomain gets tested
SSLBoard pulls your subdomains from public certificate transparency logs and runs actual TLS connections against each one, across every IP, port, and protocol version it finds.
Get a scored, actionable report
A TLS score out of 100, findings ranked by severity and tied to specific hosts. Export to CSV or share the link. It's written so non-security people can follow it too.
Full TLS audit in minutes
Enter a domain and get a structured report covering certificates, protocol versions, cipher suites, forward secrecy, key strength, HSTS, and post-quantum readiness. No setup, no waiting.
Results you can act on
Every finding is ranked by severity and linked to the affected hosts. Export to CSV and pass it to whoever owns the fix.
See what attackers see
SSLBoard connects to your public endpoints the way an outsider would, making real TLS connections across every IP, port, and protocol version. Your firewall stays as-is.
Post-quantum readiness
Know which of your endpoints already negotiate hybrid key exchange and which ones still need work. PQC migration starts with knowing where you stand.
Scored and trackable
Each report gives you a weighted TLS score by category. Run it again after making changes to see whether it moved.
Readable without a security background
Every finding comes with a plain-language explanation. Large reports have a table of contents so nothing gets buried. Share the link with whoever needs to see it.
DNSSEC with NSEC lets attackers walk your entire zone and enumerate every hostname. NSEC3 fixes this. SSLBoard now tests for it, including across CNAME delegations to third parties.
Harden Cloudflare SSL/TLS in five steps: HTTPS redirects, HSTS, TLS 1.2 minimum, TLS 1.3, and Advanced Certificate Manager to eliminate weak ciphers.
Definitions for TLS, SSL, certificates, cipher suites, OCSP, HSTS, CAA, and more. A plain-English reference for understanding SSLBoard reports.