CleverMoat

CleverMoat Documentation

Everything you need to know about securing your web applications with CleverMoat

Getting Started

Security Scans

Scoring System

API Access

Getting Started

Start securing your web applications in just a few minutes

1

Create Your Account

Sign up for free and get 3 complimentary scans to try CleverMoat.

2

Run Your First Scan

Enter your domain name and choose between Technical Scan or Assessment with questionnaire.

3

Review Your Results

Get a comprehensive security score with actionable remediation steps.

💡 Pro Tip

Start with the Free plan to test CleverMoat with 3 scans. Once you're comfortable, upgrade to a paid plan for unlimited scans and AI-powered recommendations.

What We Scan

CleverMoat performs comprehensive security analysis across multiple categories

SSL/TLS Analysis

Certificate validation and security

  • Certificate validity and expiration
  • Cipher suite strength
  • Protocol version support (TLS 1.2, 1.3)
  • Certificate chain validation
  • OCSP stapling
  • Letter grade (A+ to F) from SSL Labs

DNS & Email Security

Domain and email authentication

  • SPF (Sender Policy Framework) records
  • DMARC (Domain-based Message Authentication)
  • DKIM (DomainKeys Identified Mail)
  • DNSSEC validation
  • MX record configuration
  • DNS record health

Security Headers

HTTP security header verification

  • HSTS (HTTP Strict Transport Security)
  • CSP (Content Security Policy)
  • X-Frame-Options
  • X-Content-Type-Options
  • Referrer-Policy
  • Permissions-Policy

Port Scanning

Network exposure analysis

  • Open ports detection
  • Service identification
  • Vulnerability scanning
  • Exposed services
  • Misconfigured services
  • Attack surface analysis

Understanding Your Score

Learn how we calculate your security score and what each grade means

Grade Scale

A
90-100 points
Excellent security posture
B
80-89 points
Good security with minor improvements needed
C
70-79 points
Adequate security but needs attention
D
60-69 points
Poor security, significant issues found
E
0-59 points
Critical security issues, immediate action required

Finding Severity Levels

CRITICAL

Immediate attention required. Critical vulnerabilities that could lead to severe security breaches.

Expired SSL certificate
No DNSSEC validation
Critical exposed ports

HIGH

Important security issues that should be addressed soon to prevent potential attacks.

Weak cipher suites
Missing DMARC records
Unpatched services

MEDIUM

Security improvements recommended to enhance your overall security posture.

Missing security headers
Incomplete SPF records
Old TLS versions

LOW

Minor issues or best practice recommendations that can be addressed over time.

Optional security headers
Performance optimizations

PASS

Security check passed successfully. No action required.

Valid SSL certificate
Proper HSTS configuration
Secure TLS setup

API Documentation

Integrate CleverMoat into your workflow

Coming Soon

API Access in Development

We're currently building our public API to enable programmatic access to CleverMoat. The API will include:

API Key Authentication
Secure token-based access
RESTful Endpoints
Create and retrieve scans
Webhook Notifications
Real-time scan completion alerts
Rate Limiting
Fair usage protection

Interested in Early Access?

Sign up for our API beta program to get notified when API access becomes available.

Frequently Asked Questions

Common questions about using CleverMoat

Ready to Get Started?

Sign up for free and run your first security scan in minutes