Olimpio scans your external domains and infrastructure, identifies real vulnerabilities, and delivers a plain-English report with step-by-step remediation — no security expertise needed.
// external assessment · olimpio.io
✓ 4 subdomains discovered
✓ 11 services enumerated
⚠ 2 medium severity findings
✗ 1 critical — exposed admin panel (8080/tcp)
→ AI remediation attached
Report ready · Download PDF ↓
For IT consultants & MSPs
Add external vulnerability assessments to your offering in minutes. No specialist knowledge, no expensive tooling — just professional results your clients will trust.
A new revenue line
Bill clients for professional security assessments without hiring a specialist. Professional pays for itself with a single client engagement.
No security expertise needed
Olimpio runs the scan and explains every finding in plain English. You deliver the value — the tool does the heavy lifting.
Reports clients can actually read
Every scan produces a severity-coded PDF with plain-English descriptions and step-by-step remediation. Hand it straight to your client.
olimpio · assessment report
Prepared for: Acme Ltd
acme-ltd.co.uk · 29 May 2026
1
Critical
3
High
5
Medium
8
Low
What Olimpio covers
From subdomain enumeration to AI-interpreted CVE findings — everything you need to understand and communicate your real exposure.
Full enumeration of your external domains, subdomains, DNS records, and associated external IP addresses. Surfaces assets you didn't know were exposed.
Scans open ports and running services on your external domains and IP addresses, flagging anything that shouldn't be internet-facing. External attack surface only — no internal network scanning.
Automated checks against known CVEs and misconfigurations — from outdated TLS to exposed admin interfaces.
Every finding explained in plain English with business context and step-by-step remediation guidance.
Severity-coded findings with an executive summary — ready to share with your IT provider or board.
Scheduled scans keep you covered automatically. Essential includes one monthly scheduled scan. Professional includes up to three domains on weekly or monthly schedules.
Finds exposed or leaked API keys across your domain and linked GitHub repos. Track your keys and get scheduled email reminders when rotation is due — before attackers find them first.
Findings are mapped against Cyber Essentials controls after each scan, showing where you align and what to fix — practical guidance for UK businesses working toward certification.
Pricing
No contracts. Cancel anytime.
Free
Run a scan and see what is exposed — no card needed.
Essential
For small businesses that want simple monthly security checks.
Professional
For growing businesses and consultants that need regular security checks.
No credit card required on Free · Cancel Essential or Professional anytime · Payments processed by Stripe
Need multi-client workspaces, white-label reports or API access? Consultant plans are available on request.
External IPs / domains
External scans
Scan type
AI plain-English explanations
Executive PDF reports
Scheduled scan
Cyber Essentials mapping
Remediation tracking
Client-ready summary report
Secrets detection
Email exposure intelligence
Tech stack fingerprinting
Email alerts on scan completion
Support
| Feature | Free | Essential | Professional |
|---|---|---|---|
| External IPs / domains | 1 | 1 domain | Unlimited |
| External scans | 2 scans | 4 / month | Unlimited |
| Scan type | Standard | Standard | Standard + Deep |
| AI plain-English explanations | Top findings | All findings + remediation | All findings + remediation |
| Executive PDF reports | 1 (watermarked) | 2 / month | 4 / month |
| Scheduled scan | Monthly · 1 domain | Weekly + monthly · up to 3 domains | |
| Cyber Essentials mapping | |||
| Remediation tracking | |||
| Client-ready summary report | |||
| Secrets detection | |||
| Email exposure intelligence | |||
| Tech stack fingerprinting | |||
| Email alerts on scan completion | |||
| Support | — | Priority email |
Get started free
See exactly what attackers see — in minutes. No setup, no credit card, no jargon.
Start your free scan →Takes 30 seconds to sign up · Standard results in ~20 minutes · No credit card required
Questions? Email us at joe@olimpio.io
Blog
Subdomain takeover lets attackers claim an abandoned subdomain of your domain and host their own content on it — making phishing pages, malware, or fake login forms appear to come from your legitimate domain.
Read more →An expired SSL certificate breaks your website for visitors, triggers Google penalties, and is one of the most easily preventable security failures — here is everything you need to know to stay on top of it.
Read more →A vulnerability scan checks your domain and infrastructure for security weaknesses before attackers find them — here is what it involves, what it finds, and whether your business should be running one.
Read more →