
eINFO Security Audit

secure demo

Defensive assessment of digital exposure.

eINFO offers a quick, controlled view of the public signals of an authorized domain, with local checks, minimal data and a temporary result. The client sees clearly what is worth hardening, without intrusive testing.

Local-first: analysis in a controlled environment
GDPR-by-design: authorized scope and minimal data
No profiling: temporary on-screen result
<4s: fast response per module
Temporary: no database of results
Controlled: protection for authorized tests
eINFO standard: authorized, non-intrusive check with a clear result for decision-making
The check has a defensive purpose and uses minimal data: no exploits, brute-force, port scanning or automated crawling of the site's pages are performed. For external domains, proof of control is required.

eINFO methodology

Server scan inspired by HTTP Observatory, Security Headers and SSL Labs practices.

The technical check is limited to public DNS, TLS, HTTPS, HTTP headers, CORS, technical exposure and a GDPR/cookies signal. The score is calculated only from observable results. The usage framework remains lawful: authorized domain, minimal data, temporary result and no intrusive actions.

DNS: Checks whether the domain has public A/AAAA addresses and can be found in DNS. Status: active
TLS and certificate: Checks the TLS handshake, certificate validity, issuer and remaining days before expiration. Status: active
HTTPS and redirect: Checks the HTTPS response and the HTTP-to-HTTPS redirect, without crawling and without port scanning. Status: active
HTTP security headers: Checks HSTS, CSP, nosniff, Referrer-Policy and anti-clickjacking protection. Status: active
CORS: Checks whether the main response exposes an overly permissive CORS policy. Status: active
Technical exposure: Checks whether the response publishes unnecessary platform or server details. Status: active
GDPR and cookies: Checks whether the initial response sets cookies and whether they include security attributes. Status: active
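
An added example, not eINFO's own code: the header, CORS, technical-exposure and cookie checks listed above, applied offline to the headers of a single response. The function name `audit_headers`, the finding codes and the sample response are assumptions constructed for illustration.

```python
import re

# Constructed sample response headers (not captured from any real site).
SAMPLE_HEADERS = [
    ("Strict-Transport-Security", "max-age=0"),
    ("Content-Security-Policy", "default-src 'self'; frame-ancestors 'none'"),
    ("X-Content-Type-Options", "nosniff"),
    ("Access-Control-Allow-Origin", "*"),
    ("Server", "nginx/1.24.0"),
    ("X-Powered-By", "PHP/8.2.1"),
    ("Set-Cookie", "sid=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "lang=en; Path=/; Secure; HttpOnly; SameSite=Lax"),
]

def audit_headers(header_pairs):
    """Return sorted finding codes (illustrative labels) for one response."""
    h, cookies = {}, []
    for name, value in header_pairs:
        if name.lower() == "set-cookie":
            cookies.append(value)  # Set-Cookie may repeat, keep every value
        else:
            h[name.lower()] = value.strip()
    findings = set()
    # HSTS only protects when max-age is a positive number of seconds.
    m = re.search(r'max-age\s*=\s*"?(\d+)', h.get("strict-transport-security", ""), re.I)
    if not m or int(m.group(1)) == 0:
        findings.add("hsts-missing-or-disabled")
    csp = h.get("content-security-policy", "")
    if not csp:
        findings.add("csp-missing")
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.add("nosniff-missing")
    if "referrer-policy" not in h:
        findings.add("referrer-policy-missing")
    # Anti-clickjacking: CSP frame-ancestors or a valid X-Frame-Options.
    xfo = h.get("x-frame-options", "").upper()
    if "frame-ancestors" not in csp.lower() and xfo not in ("DENY", "SAMEORIGIN"):
        findings.add("clickjacking-unprotected")
    if h.get("access-control-allow-origin") in ("*", "null"):
        findings.add("cors-permissive")
    # Version numbers and framework banners are unnecessary detail.
    if re.search(r"\d", h.get("server", "")) or "x-powered-by" in h:
        findings.add("tech-exposure")
    for c in cookies:
        attrs = {p.strip().split("=")[0].lower() for p in c.split(";")[1:]}
        for needed in ("secure", "httponly", "samesite"):
            if needed not in attrs:
                findings.add(f"cookie-{c.split('=', 1)[0].strip()}-no-{needed}")
    return sorted(findings)
```

A wildcard `Access-Control-Allow-Origin` is only one form of permissive CORS; a server that reflects the request's `Origin` cannot be detected from a single response without that header being sent.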

Compliance and control

Defensive audit with GDPR-by-design principles.

eINFO checks only owned or authorized domains, uses minimal data and temporary results, with clear limits for defensive testing. The official GDPR reference remains available separately.

Authorized purpose: Only owned or explicitly authorized domains.
Data minimization: Public signals, temporary result, no visitor profiling.
Secure defaults: Non-intrusive checks and restrictive operational limits.
Accountability: Clear scope, domain-control proof and documented safeguards.

Result

--/100

Executive snapshot

The result will appear after the demo is run.

Posture: -
Impact: -
First step: -

Priorities

Observations