Find the weak spot
before anyone else does
New weaknesses show up on your site every month. A changed header, an expired certificate, a fresh misconfiguration. Resync Radar scans your site continuously and tells you the moment something drifts, with the same eye our pentesters bring to a full engagement.
No account needed. We only scan your public homepage · see everything we check
A yearly pentest is a snapshot. Your site is a moving target.
Every deploy, plugin update, certificate renewal or DNS change can open a gap. The longer it stays open, the more it costs.
Average cost of a data breach in Europe.
Source: IBM Cost of a Data Breach 2024
Average time before an intrusion is noticed.
Source: IBM Security 2024
Resync Radar re-scans every verified domain automatically and emails you what changed.
The always-on layer between full pentests.
From domain to a live dashboard in four steps.
Run a free scan
Enter your domain and get a security snapshot of your homepage in under a minute. No account needed.
Create an account
Add the domains you want to keep an eye on from one dashboard.
Verify over DNS
Add one TXT record so we know the domain is yours. The value never changes, so verification stays valid.
Watch your dashboard
We re-scan every verified domain automatically and surface new findings in your live dashboard, with an alert the moment something regresses.
Security first. Accessibility and SEO ride along.
Security hygiene
TLS and enforced HTTPS, HSTS, Content-Security-Policy, clickjacking protection, cookie flags, leaking version banners and other misconfigurations. The same checks we run at the start of a real pentest.
SPF · DKIM · DMARC
Can someone send email that looks like it comes from your domain? We check your DNS for the anti-spoofing records.
WCAG basics
The WCAG basics: alt text, form labels, document language and heading structure. The things that quietly keep people out, and increasingly a legal requirement.
Findability
Titles, meta descriptions, canonical tags, indexability and structured-data basics, so one report shows the full health of your site.
Security per domain, from €49/mo
Verify your domain over DNS and let it be scanned automatically, including email security. Price per domain, excluding VAT.
Radar
€49/domain · mo
excl. VAT · extra subdomain €14/mo
A full automated scan of every verified domain each month, with every finding in your live dashboard. All checks included, and the set keeps growing.
Radar Pro
€249/domain · mo
excl. VAT · extra subdomain €50/mo
Continuous weekly scanning with the deepest, growing check set (HTTP/1.1 and HTTP/2 issues, content-type and caching hardening and more), plus change alerts and a live findings dashboard. The bridge to a full re-sync.nl pentest.
Custom
Tailored
Scans tailored to your application (authenticated flows, business logic and more) or a full pentest. Get in touch for a tailored package.
✓ Cancel monthly · ✓ Payment via Mollie · ✓ Live dashboard
Continuous, not once a year.
- One snapshot, then blind for twelve months.
- New misconfigurations sit unnoticed.
- You find out at the next audit, or a breach.
- Too expensive to repeat every month.
- Automatic re-scan every month.
- An email the moment something regresses.
- The full history in your dashboard.
- The always-on layer between full pentests.
Who is behind Resync Radar
No inflated claims. Here is who runs Radar, where your data lives, and how we handle confidentiality.
Sofyan Aarrass, MSc, OSCP
Radar is built and run by Sofyan Aarrass, founder of Resync, a Dutch pentesting company. KvK 99738929.
In the Netherlands, no tracking
All scan results are stored on our own private server in the Netherlands. No third-party analytics, no tracking cookies, and we never sell your data.
NDA on request
Findings stay between us. We sign a non-disclosure agreement on request, and reply within one business day.
Common questions.
Is the free scan really free?
Yes. Enter a domain and we scan your public homepage, no account and no payment needed. The automatic monthly scans on your verified domains are the paid part.
How is this different from a full pentest?
A pentest is a deep, manual engagement. Resync Radar is the continuous layer between pentests. It watches for the common misconfigurations that creep in over time and warns you early. For a full manual test, talk to Resync.
Do I have to prove I own the domain?
Yes. Automatic scans only run on domains you verify with a DNS TXT record, so we never scan a site without the owner's consent. The free homepage scan is the only exception, and it stays on the public homepage.
Can I cancel anytime?
Yes. Cancel any month. Nothing more is charged and you keep access until the end of the paid period.
Is my website safe during a scan?
The scanner only fetches public pages with GET requests. It does not log in, submit forms or change anything. It holds no secrets and stores only the findings.
Put your website on the radar.
Start with a free scan. Verify your domains and let Resync Radar watch them, with every finding in your live dashboard.