Sudory

7 EU regulations · 1 platform

Compliance tsunami is here.
Are you ready?

See your security gaps and the regulations they break. Free scan, free account for the full answers.

What you'll get ready for

  • Information SecurityISO 27001
  • Trust ServicesSOC 2
  • EU DirectiveNIS2
  • EU ResilienceDORA
  • EU AccessibilityEAA
  • EU Cyber ResilienceCRA Soon
  • EU AIAI Act Soon
“Sudory is well-versed in enterprise software compliance. Without their expertise, we would have struggled to determine what truly applies to us.”
Remotion logo
Mehmet Ademi
Co-founder · Remotion

Example scan

What you'll see in 30 seconds.

Example scan output for yourdomain.com showing ten checks with pass, warn, and fail statuses.
sudory scan · yourdomain.com
$ sudory scan yourdomain.com
Your domain can receive email (MX)PASS
Blocks strangers sending emails as you (SPF)PASS
Blocks fake emails in your name (DMARC)FAIL
Proves your emails are really yours (DKIM)WARN
Email is sent encrypted (MTA-STS)FAIL
Reports when email encryption breaks (TLS-RPT)FAIL
Your website uses modern encryption (TLS 1.3)PASS
Visitors always get a secure connection (HSTS)WARN
Blocks bad scripts on your site (CSP)WARN
Stops scammers wrapping your site (X-Frame-Options)PASS
10 checks·4 pass·3 warn·3 fail
Audit outcome:non-compliantfor SOC 2, ISO 27001, NIS2.

Proof

Try it on a domain you already know.

Real scan pages, live findings. Click any domain below to see what Sudory actually returns. No signup. No cached demo.

Apple logo

Live scan

Apple

apple.com

See scan
GitHub logo

Live scan

GitHub

github.com

See scan
Stripe logo

Live scan

Stripe

stripe.com

See scan

Any scan page is shareable. Paste the URL anywhere.

Coverage

One scan. Six controls. Mapped to ISO 27002, NIS2, and SOC 2.

Twenty-eight signals, each tagged with the ISO 27002:2022 control it affects and the frameworks that reference it. One source of evidence for every audit that references those standards.

28signals checked
6ISO 27002 controls
3frameworks covered
Email
  • 5.14

    Information transfer

    ISO 27002NIS2
    SPFDKIMDMARCMTA-STS
DNS and infrastructure
  • 8.9

    Configuration management

    ISO 27002
    AMXNS
  • 8.20

    Network security

    ISO 27002NIS2
    DNSSECAAAA
Transport and crypto
  • 8.21

    Network services

    ISO 27002SOC 2
    TLSHSTSHTTPS redirect
  • 8.24

    Cryptography

    ISO 27002
    TLS versionDANECAA
Web and headers
  • 8.28

    Secure coding

    ISO 27002SOC 2
    CSPX-Frame-OptionsX-Content-TypeReferrer-PolicyPermissions-Policy

Your turn

Stop reading. Start scanning.

28 signals · 30 seconds · no signup

Before you scan

Four things worth knowing first.

  1. 01

    Is the scan safe? What do you actually check?

    Read-only lookups against public records: DNS (MX, SPF, DKIM, DMARC, DNSSEC, CAA), TLS configuration, HTTP security headers, MTA-STS, TLS-RPT. No credentials, no authenticated calls, nothing intrusive. The same lookups any auditor or researcher can run from their laptop.

  2. 02

    Will you email me or keep my data?

    The scan runs in-process and persists nothing. No signup, no newsletter, no domain list saved on our side.

  3. 03

    How is this different from SSL Labs or internet.nl?

    Same public-standard checks at the base layer. Sudory adds framework mapping to NIS2, ISO 27002, GDPR and SOC 2 per finding, plus remediation notes written for the team who has to fix it. SSL Labs is TLS-only. internet.nl is point-in-time and unbranded.

  4. 04

    Do I need to install agents or share credentials?

    No. Everything runs externally from public DNS, TLS, and HTTP lookups. Nothing to install. Nothing to authenticate.

Something else on your mind? Book a call →

Thirty seconds from now

You'll know.