Have Questions? Call or Text Your Cybersecurity Experts 7 Days a Week! 636.448.3713

My Mortgage Consultant

My Mortgage Consultant
My Mortgage Consultant
Total Vulnerabilities Found: 35
Last scanned on: February 16, 2020
Rank 6824 of 21966
Cybersecurity Report Card Logo - cybersecurity assessment

Final Grade

Join Fortified Program
Powered By ChatFortress

Report Card Summary

DNS Health


Email Security


Leaked Credentials




Fraudulent Domains


Patch Management


Information Disclosure


Website Security


Web Ranking


Cybersecurity Culture




Cybersecurity Resources

Talk to Us

Cybersecurity Report Card Sponsored By:


Reduce your cybersecurity risk and exposure. Schedule Your Discovery Session Now! or Call 636.448.3713

Small Business Cybersecurity Scholarships
Access Qualified Vendors Fast!
Common Cybersecurity Mistakes Business Owners Make

Discover how you compare to your business category

Average Grade in Category
Average Vulnerabilties Found in Category
Number of Leaked Credentials in Category
Cybersecurity Report Card Logo - cybersecurity assessment
Cybersecurity Report Card- cybersecurity assessment

Understand your cybersecurity risk in 60 seconds and see what the hacker sees with your Cybersecurity Report Card!

The NEW standard for starting conversations about your cybersecurity risk. Your ChatFortress Cybersecurity Report Card gives you the “hacker's perspective" on how these vulnerabilities can expose you to data breaches, ransomware and other cybercrimes. Fix your vulnerabilities before cybercriminals exploit them! Cyber-attacks cause financial harm, reputation loss and damage to all of your intellectual property.

If your Cybersecurity Report Card grade is between C and F...

You're FIVE times more likely to experience a data breach or cyber-attack!

Smaller companies under 1,000 employees are 80.2% more likely to be compromised by cyber criminals than larger companies!

Cybersecurity Report Card- cybersecurity assessment
Cybersecurity Report Card- cybersecurity assessment

Cybersecurity Report Card uses public domain information!

This means hackers already have access to all of this information to use against you. If they are not already, it’s common for cybercriminals to exploit your systems for six months before they launch their attack. We want to help you win the Cybersecurity war by sharing with you what the hackers already know about you.

Access Your Full Cybersecurity Report Card for Free

Schedule Your Discovery Session Now!

Claim Your Free Detailed Cybersecurity Report Card along with Your Vulnerabilities Blueprint Report by scheduling a 30 minute Report Card Review Now.

Your Full Cybersecurity Report Card includes:

  • Executive summary for C-Level Presentations or board member meetings.
  • Access to your Cybersecurity Report Card for 365 days!
  • Cyber Attack Risk Assessment - Understand how you will experience cyber-attacks and what impact this can have on your business.
  • Full disclosure of Hacked dark web accounts. This part of the report shares the exact user names, passwords, and Personal Identifiable Information exposed on the dark web.Hackers use this information to compromise your accounts!
  • Full details on all the found vulnerabilities and what you need to do to resolve these vulnerabilities.

Many vulnerabilities impacting your Report Card grade can be fixed in minutes!

Claim your full Cybersecurity Report Card by scheduling your 30 minute Report Card Review below.

Schedule Your Discovery Session

Our team will review your report card and explain all of your vulnerabilities and show you how you can get them resolved, many times for free! Plus, get your cybersecurity questions answered by a trained professional.

Ranking Comparison

Below is how your Cybersecurity Report Card compares with other companies. This allows you to understand your risk based on your business category, along with how you fit with your competitors. Remember, companies of all sizes can create a cybersecurity culture

Total Rank

of 21966

Category Rank

of 42

Do You Know What a Data Breach Could Cost You?

It could be everything! Calculate Your Liability!

ChatFortress logo

SMBs account for 43% of data breaches

Lack of time, resources and education are three major factors that put small to medium-sized businesses (SMBs) at risk. 2019 Data Breach Investigations Report

ChatFortress logo

83% of SMBs lack the funds to recover

What's worse? A quarter of those who can't afford it didn't even realize there would be any recovery costs involved. 2018 InsuranceBee Cybercrime Survey

ChatFortress logo

Phishing emails account for 66% of ransomware cases

Even when 65% of MSPs reported having spam filters in place, cybercriminals can still get in. The takeaway? A layered security approach is no longer optional. 2018 Datto State of Ransomware Report

How to Calculate Your Cost

Each type of data impacts the possible cost of loss. If you have more than one type you need to calculate each of these. Enter the number of customers' data you have access to and choose between three types of data breaches:

  • Payment Card Industry (PCI): How much could a breach of credit card information cost you?
  • Protected Health Information (PHI): How much could losing patient data cost you?
  • Personally Identifiable Information (PII): How much could losing Social Security numbers or email addresses cost?

Data Breach Cost Calculator

Enter the number of customers' data you have access to and choose between three types of data breaches:

Calculated Results:

Incident Investigation
Breach Coach: A breach coach specializes in data privacy, cybersecurity and response plan execution. Managing communication between all parties. $25,000
Forensics: Forensic investigators example a company’s system/data to help determine the size and image of the breach, how the incident occurred, and who was involved to aid in identifying steps needed to remediate the breach and notify the affected individuals. $60,000
Notification and Crisis Management:
Crisis Management: Data breaches can cause significant reputational damage, and the response to the public or media is time-sensitive and often regulated. Crisis management is recommended to reduce reputational damage. $20,000
Notification: Understanding the state and federal notification standards and following compliance requirements. $2,800
Call Center: Individuals that receive breach notification notices often have questions regarding the incident. Allocating expenses to set up a call center to respond to these questions is important for reputation management and customer support. $1,300
Credit Monitoring: Credit monitoring services and/or identity monitoring services may be required for affected individuals. Requirements vary by state. $1
Total Cost$109,101

Important information: the output of the Data Breach Cost Calculator are estimates and are presented for educational purposes only. Actual data breach costs will vary from breach to breach. Data breach costs may be significantly higher due to possible regulatory fines, class action lawsuits, PCI fines, loss of revenue, loss of customers/patients, etc. This calculator is not intended to predict insurable costs and has no bearing on any insurance policy.

CCPA and Data Privacy Calculator

State of CA Penalties

Total Estimated State of CA fine amount


CA Consumer Damages

Total estimated consumer damages


Grand Total

This tool is provided for educational and discussion purposes only, and information obtained from it may not be relied upon as legal analysis or opinion.

Discover the common Cybersecurity mistakes and how you can protect your business from liability and financial loss!

Download Your Business Cybersecurity Guide

What's this Cybersecurity Report Card Grade Mean?

DNS Health report is generated from 40+ control items which are collected from online services like IntoDNS, Robtex, Netcraft and HackerTarget. Since DNS queries are recursive, it is almost impossible to detect a hacker footprints from the DNS servers.

The online services and ChatFortress search engine send a number of totally legal and non-intrusive queries to the corresponding DNS servers. Each service gives different information about a domain or DNS server. SOA serial number, SPF, DMARC, recursive queries, zone transfer are some of the checklist items in this section. Name Server (NS), Mail Exchange (MX), Start of Authority (SOA), A records are checked.

If the business is using a non branded commercial email account, then we consider this business HIGH risk for email security. Personal email accounts services like gmail, hotmail, and Yahoo have limited security unlike commercial accounts where email security can be upgraded. Email is not a secure channel of communication.

This section checks some SMTP vulnerabilities and misconfiguration on email servers. This section reports all MX records and their blacklist statuses, SMTP diagnostics, IP Addresses and/or Hostnames, potential SMTP misconfigurations like poor connection time, DKIM & DMARC & SPF Records, Reverse DNS Test, Valid Hostname, Webmail HTTPS Control etc.

ChatFortress scans the dark web to assess if your personal information is compromised in a data breach. These data breaches expose your data to cybercriminals, which increases your risk of cyberattacks. These targeted attacks include email phishing, spear phishing, ransomware and malware exploits. This data includes but is not limited to Email Address, Phone Number, Passwords, PIN codes, Credit Card Information, Medical Information, and Personal Identifiable information PII.

In the simplest form, email list of employees can be used for phishing attack. Most of internet users use same passwords for different web application accounts. Leaked e-mails and passwords are very dangerous even if it is used in account for different company. Attackers can try to enter the corporate system using the same credentials. There is a great chance that the same email / password combination may work for corporate applications. Attackers can also communicate or trade the hacked account and can gather some private information easily.

Blacklists contain lists of IPs or domains that pose a threat to consumers. Staying on top of your reputation by regularly monitoring your presence on blacklists and analyzing your engagement metrics is important. Asset reputation lists the IPs or domains that are blacklisted or that are used for sophisticated APT attacks.

Fraudulent domains and subdomains are used to run phishing campaigns by attackers. Attackers register a domain with a name similar to the target company. Attackers can develop a web site using the logo, design or any other content that actually belongs to a company and can share this web site on the internet. Then, the attacker can phish the customers by redirecting them to malicious domain via a link. It may be hard to detect malicious domain for customers, if they have insufficient knowledge. Customers can easily be fooled to this type of attack which may result in compromise of personally identifiable information (PII).

There are more than 300 million registered domains and billions of subdomains. Some of these sites have malicious purposes. ChatFortress searches the internet, detect fraudulent web sites by calculating the Levenshtein distance, radial distance and run a sophisticated machine learning algorithm to classify a domain.

Company employees may disclose Local IPs, email addresses, version numbers, whois privacy records or even misconfigure a service in a way that it may expose sensitive information to the internet.

Information disclosure is when an application fails to properly protect sensitive information from parties that are not supposed to have access to such information in normal circumstances. These type of issues are not exploitable in most cases. However they are considered as security issues because they allow attackers to gather information which can be used later in the attack lifecycle, in order to achieve more than they could if they didn’t get access to such information.

This is a special analysis of the company’s main website. The findings are collected from SSL/TLS Strength, Application Security and Security Headers. This category is designed to help developers, system administrators, and security professionals to configure their sites safely and securely. It includes a set of controls to analyze your website and informs you if you are utilizing the many available methods to secure it.

Web Ranking is not considered in the calculation of your cybersecurity report card. Website Ranking data is provided directly from Google and should be used to optimize your website to improve the user experience. This information is provided as an additional value add to help you quantify your digital footprint. Your website ranking does not protect you from a cyber attack. Your business will be compromised regardless of your website rank if there are vulnerabilities. Cybercriminals are equal opportunity attackers.

Cisco, Alexa and Majestic track web sites and rank them according to popularity, back-links, references, etc. This subcategory shows Alexa and Majestic trends, Google Page insight speed test results as well as Web Content Accessibility Guidelines (WCAG) 2.0 parsing compliance findings.

Alexa ranks websites based on a combined measure of pageviews and unique site users. Alexa creates a list of most popular websites based on this ranking time-averaged over three-month periods. Only the site's highest-level domain is recorded, aggregating any subdomains.

Cisco creates a list of most popular brands and websites. The popularity list contains our most queried domains based on passive DNS usage across Cisco Umbrella global network of more than 100 Billion requests per day with 65 million unique active users, in more than 165 countries. Unlike Alexa, the metric is not based on only browser based 'http' requests from users but rather takes into account the number of unique client IPs invoking this domain relative to the sum of all requests to all domains.

Majestic ranks every website in the world based on the number citations from OTHER websites (Links). The Majestic Million is a list of the top 1 million website in the world, ordered by the number of referring subnets / backlinks.

Frequently Asked Questions

ChatFortress is a leading cybersecurity company helping business owners protect their assets from cybercriminals. We provide companies with access to the latest technologies, social engineering and human behavioral strategies, and user education to create a proactive cybersecurity culture. Helping you fortify your business against cyberattacks.

Currently, companies treat cybersecurity like hunting bigfoot, due to the complexity of cyberattacks and the lack of technical understanding. But, it does not have to be that way.

Our goal is to help Business owners start conversations about their cybersecurity culture. ChatFortress realized that the only way we are going to make positive changes to protect the company's digital assets and therefore safeguard consumers' privacy was to create a new standard for cybersecurity conversations.

Therefore the team at ChatFortress knew there had to be a better way to approach cybersecurity. That's why we created the ChatFortress Cybersecurity Report Card.

ChatFortress mission is to provide every business with a complimentary cybersecurity audit.

The ChatFortress Cybersecurity Report Card is a free complimentary, independent audit of a companies cybersecurity risk, which is published annually. It's only via publishing the report cards that we empower users and companies to start conversations about protecting their digital assets.

This provides business owners with a transparent and independent audit of their cybersecurity risk.

The report card allows C-level executives to understand their risk without having to understand the technology. Therefore improving the decisions made by C-level executives.

We provide 3rd party vendors and financial companies with the ability to quantify and assess cyber risk like never before.

Cybercriminals are exploiting the trust of we have in our vendors to gain access to our systems. Therefore one of your biggest attack vectors will be the trust you have in your 3rd party vendors.

We provide consumers with the ability to review the companies they choose to work with, ensuring the consumer's privacy is protected.

Cybersecurity is complicated, and business owners don't have access to all the current information about cyberattacks and the associated risk.

Therefore it's hard for business owners and C-level executives to understand their current cybersecurity risk. If a company does not understand their cybersecurity risk, how can that company effectively implement a strategy to protect their digital assets.

We at ChatFortress knew we could make it easier for everyone to quantify and understand their Cybersecurity risk. That's why we created the cybersecurity report card, to help business owners to create the new standard for starting cybersecurity conversations.

Only when you know what your cybersecurity risk is, and where your vulnerabilities are can you improve your cybersecurity culture. That's why we offer every business, and every website, a free complimentary report card every year.

Cybersecurity is an issue that impacts everyone, not just the business owners. If companies don't have a fortified cybersecurity program, it's their customers that become the victims of cybercriminals.

All of the data used in these cybersecurity report cards are public domain. It's the same data hackers use to assess the company's vulnerabilities before a cyberattack.

None of the data used within this free report card has been part of an internal network test of the company.

Here are some of the data points that your ChatFortress Cybersecurity Report Card audits. Data extracted from the domain name without anything to install by the user.

       <ul className=“lead”>
              <li> Botnet Infections</li>
              <li> Spam Propagation</li>
              <li> Malware Servers</li>
              <li> Unsolicited Communications</li>
              <li> Potentially Exploited</li>
              <li> SPF Domains</li>
              <li> DKIM Records</li>
              <li> TLS/SSL Certificates TLS/SSL Configuration Open Ports</li>
              <li> Web Application Headers Patching Cadence</li>
              <li> Insecure Systems</li>
              <li> Server Software</li>
              <li> Desktop Software</li>
              <li> Mobile Software</li>
              <li> DNSSEC Records</li>
              <li> Mobile Application Security</li>
              <li> Domain Squatting</li>
              <li> File Sharing</li>
              <li> Exposed Credentials on the Darkweb</li>

ChatFortress collects information about Public Disclosures from a variety of sources. A Public Disclosure event is attributed to a company when there is significant, publicly-disclosed evidence that the company was at fault for the data loss, such as a company-issued disclosure notice or investigation from a credit card company. The risk vectors are Breaches and Other Disclosures.

Companies can upgrade their Cybersecurity Report Card listing and become certified companies as part of the ChatFortress Fortified Program.

The data is accurate based on the data available in the public domain for the given domain. This data is cross-referenced through various open source vulnerabilities and exploits databases for analysis.

All data used within the Report Cards are available for independent audits by the domain owner and the public. We are, therefore creating 100% transparency between the data used and the resulting cybersecurity report card grade. Security Ratings provide a comprehensive outside-in view or "the hackers perspective" of a company's security risk. To ensure easy understanding and a common standard, we convert these ratings into a report card A-F scale.

The vulnerabilities section of your Cybersecurity Report Card outlines the known issues that are impacting your current cybersecurity report card grade. We recommended that you resolve the high and critical issues, then re-run your report card. You should provide this section of the report to your IT team for review.

Some of the issues may take time to update on servers. Review new Report cards monthly to validate current vulnerabilities. This ensures your company is proactive in detection and response to cyber threats. Free report cards are only updated once every 365 days.

Yes, the our team can help you implement a strategy to improve your report card score. Schedule a time to speak with our team and we can ensure you have a strategy in reduce your cybersecurity risk.

IT Team:

Share the vulnerabilities section of this report card with your IT team. This provides your IT Team with the details required to create a plan for resolving identified issues. Running a new report card will validate that critical issues have been resolved and allow you to improve your report card grade.

C-Level Executives:

The C-Level team should use the summary section of the report to outline their cybersecurity risk strategies and how they are creating their cybersecurity culture. Running a new report card will validate that critical issues have been resolved and allow you to improve your report card grade. This allows your C-Level team to understand the current state of your cybersecurity risk.

Board Members:

The Report Card Summary section should be provided to your board members and become a regular discussion within your company board meetings.

Who we are

CybersecurityReportCard.org is powered by ChatFortress.com. ChatFortress is a leading cybersecurity company helping business owners protect their assets from cybercriminals. We provide companies with access to the latest technologies, social engineering and human behavioral strategies, and user education to create a proactive cybersecurity culture. Helping you fortify your business against cyberattacks.

Cybersecurity Resources

Talk to Us

Cybersecurity Report Card Sponsored By:


Reduce your cybersecurity risk and exposure. Schedule Your Discovery Session Now! or Call 636.448.3713

Small Business Cybersecurity Scholarships
Access Qualified Vendors Fast!
Common Cybersecurity Mistakes Business Owners Make

Speak with a ChatFortress Specialist

Discover how ChatFortress can help your company reduce your risk and exposure without installing complicated systems that require your team to work harder. Schedule time with your ChatFortress Specialist now.
Call 307-999-7755