policy
Zondex for Compliance & Audit
Verify security controls, detect policy violations, and audit your internet-facing infrastructure for regulatory compliance.
checklist
Security Policy Verification
Verify that only authorized ports and services are externally accessible. Detect violations of your organization's security policies in real time.
encrypted
TLS/SSL Audit
Audit TLS configurations across your infrastructure. Identify expired certificates, weak cipher suites, and services still using deprecated TLS versions.
database
Exposed Data Services
Detect publicly accessible databases, message queues, and storage services. Find MongoDB, Redis, Elasticsearch, and other data stores exposed without authentication.
gavel
Regulatory Compliance
Support PCI DSS, HIPAA, SOC 2, and ISO 27001 compliance by maintaining visibility into your external attack surface and verifying security controls.
terminal Example Compliance Queries
port:3306 port:5432 port:1433
Find exposed database services (MySQL, PostgreSQL, MSSQL)
port:6379
Find exposed Redis instances (often unauthenticated)
port:21 service:ftp
Detect FTP servers (unencrypted file transfer)
port:23 service:telnet
Find Telnet services (insecure remote access)