How exposed is your software?
Most software that was not built secure-by-design has the same handful of gaps: no tested backups, weak access control, stale dependencies, unencrypted personal data, and no plan for the day something breaks. Answer eight quick questions and get an honest read on where you stand. Nothing you answer leaves your browser.
01 / Run the self-check
02 / How this works
This is a fast read, not an audit. It checks the eight protections that decide whether a small mistake stays small or turns into a bad week.
Each answer scores points: Yes is two, Not sure is one, No is zero. Sixteen points is a clean run. We turn your total into a share of the maximum and read it as exposure, so the more gaps you have, the higher the meter and the higher your exposure. The result names the exact items you answered No or Not sure to, because those are the ones worth fixing first.
What each band means
- Low exposure. The basics are in place across backups, access, patching and data. Keep them current and keep testing your restores.
- Some gaps. The most common result. A few protections are missing or unsure. None of them are hard to close, and closing them removes most of the everyday risk.
- High exposure. Several core protections are not there. One mistake, one leaked password, or one unpatched flaw could hurt. This is the place to start.
A self-check tells you where you stand. It does not fix anything. When you want the gaps closed, a software audit reviews your real software and gives you a written plan with a fixed price. If you are starting fresh, building secure-by-design means these protections are part of the work from the first line of code. For the bigger picture, see how to build software without a tech team, or browse the rest of our free tools.
03 / Common questions
What does each result mean?
Low exposure means the basics are in place across backups, access, patching and data. Some gaps means a few of those are missing or unsure, which is the most common result. High exposure means several of the core protections are not there, so a single mistake or attack could hurt. The result names the exact items you answered No or Not sure to so you know what to fix first.
Do you store my answers?
No. The self-check runs entirely in your browser and nothing you answer is sent anywhere. There is no signup and no email required to see your read.
What is secure-by-design?
Secure-by-design means the protections in this check are built into the software from the first line of code, not bolted on after a scare. Backups, access control, patching, encryption and an incident plan are part of the build, not an afterthought. See our secure-by-design entry for more.
Can you fix these for me?
Yes. A software audit reviews your current software against these gaps and gives you a written plan with a fixed price to close them. We make software audit-ready, not breach-proof. No honest builder promises you will never be attacked.
Last updated June 2026 · Talk with Felipe
Your build
Taking on new builds
Have something in mind?
Tell us what you're making. We reply within a day with a fixed price and a date.