Is your website secure?
Find out for free!
PurpleRidge Security™ is an automated website security testing service designed for organizations without dedicated security or IT teams, yet require security testing. The service is also used by businesses to verify their websites stay protected.
PurpleRidge™ Security follows the security best practices of the OWASP Top 10 Compliance test. Know as a penetration test or pentest, the OWASP model organizes test results into 10 well-defined categories you need to understand if your site has vulnerabilities. If vulnerabilities are found, you’ll see them in the Free report.
Organizations ranging from Ecommerce, legal and professional services, retail stores, VC firms, realtors, and more, rely on PurpleRidge™ Security to test their websites for vulnerabilities.
What makes PurpleRidge™ Security unique?
Free to test
Only pay if vulnerabilities are found and you want a report (no strings attached) the penetration test, test summary including the full list of attack surfaces report are free. Yes free! You only pay to view the comprehensive report.
Easy to use
The test is a click away, with a minimal technical background required.
Experts to trust
The enabling technology behind PurpleRidge™ was RidgeBot®, an AI-based automated security validation platform developed by Ridge Security, cyber security experts over decades managing security and building automated tools to streamline security.
FREE! Summary Report
FREE! play with sample testing and get a free sample report
- Comprehensive security posture measurement: attack surfaces, vulnerabilities and risks.
- Blackbox testing only with your public domain name
- Formatted OWASP Top 10 Compliance Report
- One-click test, extremely easy-to-operate
- Pay as you view
PurpleRidge™ Security Performs These Tests, Automatically
Cross-site Scripting (XSS)
SQL Injection
File Upload
Remote File Inclusion (RFI)
Local File Inclusion (LFI)
HTTP Host Header Injection
Cross Site Request Forgery (CSRF)
XML External Entity (XXE) Injection
Clickjacking
Server Side Request Forgery (SSRF)
HTTP Request Smuggling
OS Command Injection
Insecure Deserialization
Directory and Path Traversal
Authentication Bypass
Information Disclosure
Last but not least known web application and web framework vulnerabilities
Contact our Enterprise Team if you have:
- Website that requires login
- Website with a single-page design
- If you want to test your internal windows or Linux servers
Follows Industry Standard “OWASP” Best-Practices
PurpleRidge automatically tests your website security posture following the OWASP Top 10 Compliance Test. It clearly indicates what OWASP Top 10 test have been done and what are the gaps.


PurpleRidgeâ„¢ Security Finds and Validates Vulnerabilities
PurpleRidge’s AI-enable technology leverages today’s most advanced threat vectors to identify and validate weaknesses in your website security. PurpleRidgeâ„¢ looks for a wider variety of threat types along with testing known weaknesses left unchecked after software updates or even the original installation of core software.
We recommend re-running the pentest quarterly, monthly, or even weekly whenever your site has any updates or changes.
The Difference Between Vulnerability Scanning and Penetration Testing
Watch a short video explaining how these two tests differ and why both are needed.
Managing Business Risk
With PurpleRidge™ identifying exploitable vulnerabilities in your particular environment, your development team can quickly size up the business risk these vulnerabilities present before taking action. They have the option to purchase a comprehensive set of instructions specific to your website and the vulnerabilities validated by the testing process.

Get started for free!
Once you sign up for PurpleRidge Security the process of setting up your account is well-documented and easy to follow. We recommend having your webmaster or IT consultant complete the configuration once the account has been created.