Enter any SaaS vendor's URL and get an independent assessment of their externally verifiable security signals in under 60 seconds. No vendor cooperation required.
Free. No signup required. Results in under 60 seconds.
What the scan reveals
Security Infrastructure
SSL/TLS, HSTS, Content Security Policy, security headers, and certificate configuration across all web surfaces.
Email Authentication
DMARC enforcement level, SPF configuration, DKIM signing — indicators of email security maturity and operational discipline.
Policy Transparency
Privacy policy accessibility, terms of service, subprocessor disclosure, data retention clauses, and data subject rights.
Compliance Signals
SOC 2 references, ISO 27001 mentions, trust center presence, security page depth mapped to compliance controls.
Side-by-Side Comparison
Compare two vendors head-to-head on trust signals. Shareable comparison links for procurement team review.
Trust Score & Grade
A weighted A-F grade across 40+ signals. Shareable score cards with OG tags for social preview.
How procurement teams use TrustSignal
Scan the vendor
Enter any SaaS URL. TrustSignal crawls their public-facing infrastructure and documentation in under 60 seconds.
Review the trust report
See their trust score, verified signals, gaps, and category breakdown. Identify red flags before engaging sales.
Share with your team
Send the scorecard link to your security team, legal, or the vendor themselves. No login required to view.
Compare alternatives
Run scans on competing vendors and compare trust postures side-by-side to make informed shortlist decisions.
Who uses this
Procurement Teams
Pain: Evaluating 10+ vendors per quarter
Instantly filter vendors by security posture before investing time in detailed review.
CISOs & Security Engineers
Pain: Assessing vendor risk for every new tool
Get independent signal verification that doesn't rely on vendor self-reporting.
IT Managers
Pain: Shadow IT tools appearing without security review
Scan any tool your team is using to quickly check its trust posture.
Legal & Compliance
Pain: Verifying data handling before contracts
Check privacy policy accessibility, subprocessor disclosure, and compliance references.
Found issues with a vendor?
Share the TrustSignal report directly with the vendor. They can claim their profile, fix the issues, and improve their trust posture — creating accountability through transparency.
TrustSignal scans publicly accessible signals only. Results do not constitute a security audit or certification. Internal controls verified through SOC 2, ISO 27001, and similar frameworks may significantly exceed what is externally observable. Use TrustSignal as a preliminary screening tool alongside your existing vendor evaluation processes.