Pricing

One-time payment. No subscription.

Pay once, get your report. Buy a pack if you have multiple domains or want to re-scan after making fixes. Credits never expire.

Know where you stand

What to fix, ranked by impact

Specific fix for every finding

Full technical evidence

Less than investigating a single phishing email.

Replaces manual DNS checks, certificate audits, and guesswork.

Built for scanning multiple client domains — not just your own.

See exactly what you get → Full sample report, before you buy
$29
Single Report
  • 1 scan
  • Credits never expire
  • Six exposure categories: email, certificates, DNS, HTTP security, open ports, domain intel
  • Plain-language report with specific remediation steps
  • Permanent shareable link — send the report directly to clients

No credentials required · No setup · Results typically under a minute

$69
save 21%
3-Report Pack
  • 3 scans
  • Credits never expire
  • Six exposure categories: email, certificates, DNS, HTTP security, open ports, domain intel
  • Plain-language report with specific remediation steps
  • Permanent shareable link — send the report directly to clients

No credentials required · No setup · Results typically under a minute

$179
save 38%
10-Report Pack
Popular with MSPs & Consultants

Scan multiple client domains or re-scan after fixes. Send report links directly to clients.

  • 10 scans
  • Credits never expire
  • Six exposure categories: email, certificates, DNS, HTTP security, open ports, domain intel
  • Plain-language report with specific remediation steps
  • Permanent shareable link — send the report directly to clients

No credentials required · No setup · Results typically under a minute

Managing 10+ domains? Ask about team licensing →

Already purchased?

Enter the email you used at checkout to go straight to scanning.

FAQ

Common questions

Does this require installing anything?

No credentials, no agent, no access to your systems. We scan only what is publicly visible — the same signals an attacker would read before deciding whether to proceed.

Can I scan a client's domain?

Yes. Packs are designed for exactly that — scan multiple domains or re-scan after fixes without buying a new single report each time.

What data do you store?

We store your email address (to deliver credits) and your report (accessible via your permanent shareable link). We do not store payment details — Stripe handles that entirely.

What if I disagree with a finding?

Findings are based on publicly observable signals and may not account for your specific context. See our Refund Policy for details.

Is this the same as a penetration test?

No. Surface Sentinel reads only publicly visible signals. It will not find application vulnerabilities or test internal systems. Think of it as seeing your domain the way an attacker does before they decide whether to proceed.

What next?

A one-time scan shows your posture today. Run scans regularly — after fixes, config changes, or on a quarterly cadence — to track changes over time.

Got users reporting suspicious emails? Ephemeral Sentinel automatically analyzes every submission and returns a plain-language verdict to the reporter — no analyst required for routine triage.

Learn about Ephemeral Sentinel

Payments processed securely by Stripe. We never store card details.

Questions? Privacy Policy · Terms of Service · About