Is this a penetration test?
No. Launch Auditor runs automated baseline security checks on public URLs — headers, TLS, secret exposure, and crawl surface. Use dedicated pentest for authenticated flows.
Baseline HTTP hardening, secret hygiene, and TLS health — the MUST-fix layer before any launch post, investor link, or production deploy gate.
Production deploys need baseline HTTP hardening before you share the URL.
HSTS enabled with max-age ≥ 6 months on production domain.
Audit check SEC-001 · security
Content-Security-Policy configured for your stack.
Audit check SEC-003 · security
No API keys or secrets in public JavaScript bundles.
Audit check SEC-020 · dns ssl
Valid TLS certificate and chain on all public routes.
Audit check DNS-001 · dns ssl
FAQ
No. Launch Auditor runs automated baseline security checks on public URLs — headers, TLS, secret exposure, and crawl surface. Use dedicated pentest for authenticated flows.
Free tier · No credit card · Create account
Pricing
Start free. Paid plans include a 7-day free trial — card required, cancel anytime.
First flight check
Serious founders shipping weekly
7-day free trial
Start Growth trialFunded teams with monitors & CI
7-day free trial
Start Professional trialAgencies & multi-client launches
7-day free trial
Start Agency trial