Free Domain Security Audit: What VP Pulse Checks in Under 10 Seconds
VP Pulse's domain scan runs 8 security checks — TLS grade, DMARC, SPF, DKIM, DNSSEC, IPv6, security headers, and CDN fingerprint — for any UK domain in under 10 seconds.
Why Domain Security Audits Matter
A domain is more than a web address — it is the root identity of your organisation's digital presence. Email flows from it. Certificates are issued to it. Brand credibility depends on it. Yet many UK organisations have never run a comprehensive security audit of their domain.
VP Pulse's free domain scan checks eight critical security properties in parallel, returning results in under 10 seconds with no login required.
The 8 Checks
1. TLS/SSL Grade (SSL Labs)
Checks your HTTPS configuration against SSL Labs' industry-standard rubric. Reports the letter grade (A+ to F), certificate expiry date, supported protocol versions, cipher suite strength, and any known vulnerabilities. An expired or F-grade TLS configuration puts users at risk and damages trust.
2. DMARC Policy
Checks whether your domain has a DMARC record and what policy level it enforces. Policy levels: none (monitoring only), quarantine (spam folder), reject (blocked). Most UK businesses at risk have p=none — providing no actual protection against spoofing.
3. SPF Strength
Checks whether your SPF record exists and whether the final qualifier is -all (hard fail, strongest) or ~all (soft fail, weaker). Domains with no SPF record or ~all are more vulnerable to email spoofing.
4. DKIM Coverage
Enumerates common DKIM selectors (google, selector1, selector2, s1, s2, dkim, mail, email, k1, and others) to check which are published. Missing DKIM means emails cannot be cryptographically authenticated and DMARC alignment will fail for DKIM.
5. DNSSEC
Checks whether your domain has DNSSEC (Domain Name System Security Extensions) enabled. DNSSEC adds cryptographic signatures to DNS records, preventing DNS cache poisoning attacks where an attacker returns false DNS responses to redirect traffic.
6. IPv6 Readiness
Checks whether your domain has AAAA (IPv6) records alongside A (IPv4) records. Dual-stack domains are reachable by all users; IPv4-only domains may face access issues as IPv6-only networks expand.
7. Security Headers
Performs a live HTTP check against your domain's security headers: CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy. Returns a composite score and identifies which critical headers are missing.
8. CDN Fingerprint
Identifies which CDN or hosting infrastructure serves your domain — Cloudflare, Vercel, CloudFront, Fastly, Akamai, or origin server. Knowing your CDN provider helps understand which security features are available to you.
Understanding Your Score
VP Pulse generates a composite security score from 0–100. Scores above 80 indicate a well-configured domain. Scores below 50 indicate multiple significant security gaps that should be addressed. Each failed check links to guidance on remediation.
Shareable Results
Scan results are cached for 24 hours and accessible via a permanent URL — making it easy to share with your IT team, external auditors, or a managed security provider. Results include a dynamic Open Graph image for clean sharing in Slack or email.
Run a free security audit on your domain now at pulse.vpnetworks.co.uk/scan.