Cyber Essentials Scanner logo
Why Cyber Essentials How it works FAQs Use the FREE scanner Browse Jobs
Cyber Essentials Scanner watermark
Get your digital ducks in a row

With our FREE Cyber Essentials scanner tool

Scan your website in seconds

Instant checks aligned with UK Cyber Essentials

Clear, actionable steps

Create a tender to get quotes from our trusted partners

Use the FREE scanner Learn more

Why Cyber Essentials matters

Government‑backed

Recognised standard

Cyber Essentials is a UK government‑backed, industry‑supported baseline of security controls that protects against the most common online threats.

Sources: NCSC, GOV.UK

Win more work

Helps with contracts

Certification can be required for government contracts that handle personal or financial data and is increasingly requested across supply chains.

Source: GOV.UK overview

Reduce risk

Stop common attacks

By implementing the essentials, organisations significantly reduce the likelihood and impact of common cyber attacks.

Source: NCSC overview

7.7 million cyber crimes hit UK businesses last year. Don’t be next.

Who is Cyber Essentials for?

Cyber Essentials helps every organisation — from micro businesses to large enterprises — guard against the most common attacks. If you’re online or hold any data, these controls help keep you safe.

92%

More resilient

92% fewer insurance claims are made by organisations with Cyber Essentials in place.

89%

More trusted

89% of organisations would recommend certifying to organisations like theirs.

69%

More competitive

69% with Cyber Essentials believe it improved their competitiveness.

88%

More informed

88% say Cyber Essentials raised their understanding of cyber risks.

The 5 basic control areas

1. Firewalls and internet gateways

  • Use a firewall to secure your internet connection.
  • Block unauthorised access and expose only what’s necessary.

2. Secure configuration

  • Remove or disable unused accounts and services.
  • Harden default settings across devices, apps and cloud services.

3. User access control

  • Grant the minimum access necessary for each role.
  • Use strong authentication and protect admin accounts.

4. Malware protection

  • Deploy anti‑malware and keep it up to date.
  • Only allow trusted apps and code to run.

5. Patch management

  • Apply security updates promptly across OS, apps and firmware.
  • Know what you run and keep an inventory to stay on top of risk.

Ready to scan?

Run our FREE Cyber Essentials scanner to get a clear, prioritised action list in seconds.

Open the scanner

These summaries reflect the Cyber Essentials controls; for full details see the NCSC overview.

How your results map to Cyber Essentials

Our scanner checks things like HTTPS, HSTS, CSP, DMARC and plugin updates. These align with the Cyber Essentials directives.

These are the same categories assessed during official certification — we just help you spot them early.

HTTPS & HSTS
Strong transport security
Secure Configuration
Outdated CMS/plugins
Keep core and plugins up to date
Patch Management
Security headers
(CSP, XFO)
Harden browser protections
Secure Configuration

Your path to stronger cyber security

Scan your website

A free scan to highlight quick wins aligned with Cyber Essentials.

Fix flagged issues

DIY or invite quotes from trusted providers.

Work towards certification

Use your improved baseline as a head start for full Cyber Essentials certification.

Use the FREE scanner Read FAQs

Try the FREE scanner

Prefer the full‑page experience? Open the scanner in a new tab.

FAQs

Is this an official certification?

No. This tool helps you get ready by fixing common web‑facing issues. Certification is provided through accredited bodies listed by the NCSC.

Does the scanner store my data?

The scanner runs in your browser and does not collect personal data. Tender/bid data is only used when you create and share a tender.

Do I have to be 'Cyber Essentials' compliant?

Not in all cases, although it is mandatory for bidding on government contracts involving personal or sensitive data or IT services (including all MoD contracts since 2016), and from 24 Feb 2025 PPN 014 extends this to higher-risk public sector contracts where suppliers must hold certification (or Plus) or prove equivalent controls.

Why should I become 'Cyber Essentials' compliant?

Being compliant strengthens the security and safety of your business and data, reducing the risk of costly cyber attacks and ultimately saving you money. It also builds trust with customers and partners, demonstrating credibility to potential clients and gives you peace of mind that your systems are protected against the most common online threats.

Help secure your business

Most cyber attacks are basic — like someone checking if your front door is unlocked. Cyber Essentials helps you bolt the door against the most common threats.

Use the FREE scanner
Team in office collaborating on laptops