zap on kali

We are currently offering a free website security scan and report for US based nonprofits.

It can be used once a year for a valid 501(c)(3). We will schedule a time, it will be passive, and not cause any harm. This will give your team an informed independent review of site status.

The report consists of a brief executive summary, an overview for technical managers, and a very detailed report with reference links and explanations. We use OWASP ZAP for the automated passive scan with an additional human audit for staff next steps.

This report could fulfill internal or external regulations such as PCI or SOC2. We can focus the scan and report to your specific needs and provide adversarial emulation. Whether you’re a small neighborhood group who would like website advice to an international nonprofit under active attack, Chadbourne Consulting can assist.

For more information please email Please make the return email from the domain to be scanned. Feel free to mention any specific known issues or concerns and a good time for the scan.

Yes, it is free. No, we aren’t trying to up sell you. We just like nonprofits. ❤️

Leave a Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s