
Show HN: Free GDPR / PCI DSS Compliance Test - keydutch
https://www.immuniweb.com/websec/
======
anotheryou
What does it look for?

If it rises an alarm seeing any 3rd party domain that would be trivial and not
enough.

It would than have to dig for a data processing agreement in the
terms+conditions. This can only happen once domain and company name have been
correlated.

What else could it check?

~~~
keydutch
It gives a good CMS/JS security overview (much better compared to other
services I previously used), scans for cookies and HTTP/S headers, locates
privacy policy and bunch of other non-intrusive checks. Subdomain discovery is
awesome. Full GDPR compliance (e.g. legal + human + physical) obviously
requires many days of manwork and will likely cost a bunch of money =)

