Hardn your site.
Continuous security scans for indie devs and small SaaS — with an AI report that explains every risk in plain English and hands you the exact fix for your stack.
Free one-time scan · passive checks only · domain ownership verified before any scan
Hardn produces an automated hardening scan, not a certified security audit.
What Hardn checks
Six passive checks that map your real, externally-visible attack surface. No payloads, no exploitation — Hardn only reads what your site already shows the world.
TLS & cert expiry
Weak protocols, broken ciphers, and certificates about to expire — caught before your visitors hit a browser warning.
Security headers
Missing or weak CSP, HSTS, X-Frame-Options and more — the headers that quietly defend every page.
SPF · DKIM · DMARC
Email authentication gaps that let anyone spoof your domain and land in your customers' inboxes.
Exposed files
Publicly reachable .env, .git, config, and backup files — the fastest way secrets leak.
Dependency CVEs
Known vulnerabilities in your dependencies, scanned from the lockfile you provide.
Bucket misconfig
Public cloud storage buckets that list or serve their contents to anyone — checked passively.
How it works
The scan is the easy part. The report is the product.
Scan
Verify you own the domain with a DNS challenge, then Hardn runs its passive checks and collects the raw findings.
Explain
An AI report scores each finding against your business context and rewrites it in plain English — what it is, and why it matters for your site.
Fix
Every issue comes with a copy-paste fix for your exact stack — nginx, Caddy, Vercel, Cloudflare — plus a command to verify it worked.
Pricing
Start free. Upgrade when you want Hardn watching continuously.
Free one-time scan
- All six checks, one full run
- Complete AI report with fixes
- Business-context risk scoring
- No card required
Continuous monitoring
- Automatic re-scans on a schedule
- Drift alerts when your posture changes
- Change tracking across scans
- Everything in the free scan
Frequently asked questions
What is Hardn?
Hardn is a continuous security scanner for websites and small SaaS. It runs passive checks for TLS, security headers, email authentication, exposed files, dependency CVEs, and public cloud buckets, then generates a plain-English AI report that scores each risk against your business and gives copy-paste fixes for your stack.
How much does Hardn cost?
The first scan and AI report are free. Continuous monitoring — automatic re-scans and alerts when your security posture changes — is $39 per month.
Does Hardn exploit or attack my site?
No. Hardn only performs passive and light-auth checks. It observes what your site already exposes to any visitor and never sends attack payloads, attempts authentication bypass, or causes load. It is an automated hardening scan, not a penetration test.
Who is Hardn for?
Hardn is built for solo founders, bootstrapped SaaS teams, and small agencies — teams under about 20 people with no dedicated security hire who still need to keep their attack surface in check.
What does Hardn check?
TLS configuration and certificate expiry, HTTP security headers (CSP, HSTS, X-Frame-Options and others), SPF/DKIM/DMARC email authentication, publicly exposed files such as .env and .git, dependency CVEs from your lockfile, and passive cloud bucket misconfigurations.
How is Hardn different from a vulnerability scanner or pen test?
Traditional scanners output CVE IDs and severity numbers with little guidance, and pen tests are expensive point-in-time engagements. Hardn is continuous, never exploits, and its product is the report: business-context risk scoring plus copy-paste fixes written for your exact stack.