Free Nonprofit Website Security Scan & Report

We are currently offering a free website security scan and report for US based nonprofits.

It can be used once a year for a valid 501(c)(3). We will schedule a time, it will be passive, and not cause any harm. This will give your team an informed independent review of site status.

The report consists of a brief executive summary, an overview for technical managers, and a very detailed report with reference links and explanations. We use OWASP ZAP for the automated passive scan with an additional human audit for staff next steps.

This report could fulfill internal or external regulations such as PCI. We can focus the scan and report to your specific needs and provide adversarial emulation. Whether you’re a small neighborhood group who would like website advice to an international nonprofit under active attack, Chadbourne Consulting can assist.

For more information please email Please make the return email from the domain to be scanned. Feel free to mention any specific known issues or concerns and a good time for the scan.

Yes, it is free. No, we aren’t trying to up sell you. We just like nonprofits. ❤️