The platform

Every trust module. One dashboard. One source of truth.

SkyQon continuously inspects every signal that customers, inboxes, browsers and auditors use to decide whether your domains can be trusted — and shows you exactly what to fix.

Email Trust

Monitor SPF, DKIM, DMARC, BIMI, MTA-STS and TLS-RPT, and surface exactly where your domain can be spoofed or silently dropped by mailbox providers.

  • SPF flattening, lookup-count and multi-record errors
  • DKIM key presence, size and rotation hygiene
  • DMARC policy strength with aggregate-report ingest
  • BIMI, MTA-STS and TLS-RPT readiness
SPF passDKIM 2048DMARC p=none MTA-STS enforceBIMI missingTLS-RPT

DNS Trust

Detect DNSSEC gaps, risky or stale records, weak configurations and missing protections, so your namespace can't be quietly tampered with.

  • DNSSEC signing and chain-of-trust validation
  • Nameserver health, redundancy and consistency
  • CAA, dangling and risky record detection
  • Zone hygiene and exposure scoring
DNSSECoff
Nameserver healthgood
CAA policypartial

Certificate Trust

Track certificate expiry, issuer changes, configuration drift and your full certificate inventory — so a renewal never becomes a 2 a.m. outage.

  • Expiry forecasting with early-warning alerts
  • Issuer / CA change and unexpected-issuance detection
  • Full certificate inventory across hosts and ports
  • Certificate Transparency log monitoring
cert 18dissuer stableSHA-1 chain CT logged38 inventoried

TLS Security

Evaluate your HTTPS configuration, protocol strength, cipher exposure and certificate-chain trust against current best practice.

  • Protocol versions and deprecated-protocol exposure
  • Cipher-suite strength and forward secrecy
  • Certificate-chain completeness and trust
  • HSTS and secure-transport configuration
TLS 1.3on
TLS 1.0 / 1.1exposed
Forward secrecyyes

Subdomain Risk

Discover exposed, abandoned, misconfigured or takeover-prone subdomains across your estate — the shadow IT attackers find first.

  • Subdomain discovery from Certificate Transparency
  • Dangling-record and takeover-risk detection
  • Misconfigured and orphaned host surfacing
  • Continuous attack-surface tracking
staging.* takeoverlegacy.* danglingapp.* healthyapi.* healthy

Brand Protection

Monitor lookalike domains, typosquatting, homoglyphs and phishing infrastructure that impersonate your brand and target your customers.

  • Lookalike and typosquat domain discovery
  • Homoglyph and confusable-name detection
  • Suspicious-registration and phishing signals
  • Impersonation and domain-abuse indicators
skyq0n.comskyqon-login.comsky-qon.netmonitored

Registrar Monitoring

Track registrar lock status, nameserver changes, WHOIS changes, expiration dates and domain-ownership risks before they become incidents.

  • Transfer-lock and registrar-lock status
  • Nameserver and WHOIS / RDAP change detection
  • Expiration tracking with T-30 / T-7 alerts
  • Ownership and contact-change monitoring
Transfer locklocked
Expires in26 days

Compliance Evidence

Generate exportable reports and evidence for audits, security reviews, vendor assessments and board reporting — including NIS2-aligned evidence.

  • NIS2-aligned evidence reports (PDF)
  • Point-in-time posture snapshots and history
  • Vendor-assessment and security-review exports
  • Signed executive reports for the board
  • Cyber-insurance readiness view — signed, shareable with your broker
NIS2_evidence_2026-06.pdf✓ signed
# Domain trust evidence
period      = 2026-06
coverage   = 96%
posture    = 71/100
sha256     = a3f1…9e2c

Post-Quantum Readiness

NIST has already set the retirement dates for RSA and ECC: deprecated in 2030, disallowed in 2035. SkyQon inventories the cryptography you run today and turns it into a workable modernization plan.

  • Cryptographic algorithm and key-size assessment
  • Quantum-vulnerable certificate inventory
  • Migration-readiness scoring
  • Exportable modernization roadmap
RSA-2048legacy
ECDSA P-384modern
PQ migration readiness42%

DORA Trust Center

An add-on for financial entities and their ICT third-party providers: SkyQon assembles the technical evidence behind DORA — a shareable supplier-readiness trust page, Register of Information support and audit-ready exports. Certification stays with your auditor; the add-on supplies the evidence underneath it.

  • Supplier-readiness trust page you can share with clients
  • Register of Information (RoI) data support
  • Audit-ready, exportable DORA evidence
  • Continuous ICT-risk signals across your domain estate
DORA_supplier_evidence_2026-06.pdf✓ signed
# DORA supplier-readiness evidence
entity     = ICT third-party provider
roi        = linked
posture    = 71/100
sha256     = a3f1…9e2c

Cloud & internal coverage

SkyQon starts agent-less, scanning your public domains from the cloud in minutes. When you need to go deeper, optional cloud connectors and a lightweight internal agent extend the same trust posture to private networks and cloud certificate stores. Available on Growth and Enterprise.

  • Agent-less external scanning, on by default
  • Cloud connectors for certificate stores (e.g. AWS ACM)
  • Optional internal agent for private networks and internal CAs
  • One unified Trust Score across external, cloud and internal
external · agent-lesscloud · AWS ACMinternal · agentone trust score

See your whole domain trust posture in one scan

Run a free scan on one domain — no account, no agent, results in minutes.