Client Security Assessment for MSPs
Score a prospect or client in 5 minutes instead of 2 hours
Missing one compromised client costs you the contract, spikes your cyber-insurance premium, and puts every other client in your book at elevated risk. EdgeDNS scores a prospect's email authentication, web security headers, TLS posture, and domain trust in a single call — so you catch the bad ones before you sign and document the good ones before the onboarding call. Start free on EdgeDNS — 200 requests/month, no credit card required.
The Challenge
Every new client is a security exposure until proven otherwise. Manual assessments take 2–3 hours per prospect, run inconsistently across analysts, and go stale the moment the client pushes a new config. The result: you either spend billable hours on unpaid discovery work, or you sign clients you wouldn't have taken if you'd seen their full posture.
The Solution
Run one programmatic assessment per prospect: email score (SPF, DKIM, DMARC, BIMI), security score (TLS, HSTS, headers), trust score (domain reputation, age, threat feeds), and performance score. Ship a branded report in under 5 minutes. Re-run it monthly on active clients so you spot regressions before they spot you. Pair this with [vendor security assessment](/use-cases/vendor-security-assessment) for upstream supply-chain risk, and read the [MCP setup guide](/guides/mcp-server-for-dns) to run the whole workflow from Claude or ChatGPT. Or ask your AI assistant directly: 'Generate a branded security posture report for prospect-company.com: email, web, trust, performance grades.' It handles the request through our AI integration and returns a plain-English answer. Try this call in the [EdgeDNS playground](/playground?endpoint=score-email) with your own domain.
Endpoints Used
Combine these EdgeDNS endpoints to build this solution.
/v1/score/emailTry in PlaygroundEmail Score: Single letter grade rolling up SPF, DKIM, DMARC, BIMI, MTA-STS, and MX health
/v1/score/securityTry in PlaygroundSecurity Score: Letter grade across TLS, certificate hygiene, HTTP security headers, HSTS, DNSSEC
/v1/score/trustTry in PlaygroundTrust Score: Domain reputation, age, and threat-intel signals
/v1/score/performanceTry in PlaygroundPerformance Score: Core Web Vitals, page weight, TTFB, and cache hygiene
Results You Can Achieve
Assessment time: from hours to minutes
One programmatic call replaces the manual checklist pass that typically takes 2–3 hours per prospect.
Continuous monitoring across your entire book
Scheduled monthly re-scans surface regressions automatically, so analyst time goes to remediation rather than rediscovery. Scales to hundreds of client domains on a single analyst workflow.
Branded posture report ready before the sales call
A dated, scored security report handed to the prospect during the sales conversation differentiates you from MSPs still quoting generic checklists. Replaces the "trust me" posture review with verifiable public signals.
Code Example
Generate client security report
async function assessClient(domain) {
const headers = { 'Authorization': 'Bearer YOUR_API_KEY' };
const [email, security, trust, performance] = await Promise.all([
fetch(`https://api.edgedns.dev/v1/score/email?domain=${domain}`, { headers }),
fetch(`https://api.edgedns.dev/v1/score/security?domain=${domain}`, { headers }),
fetch(`https://api.edgedns.dev/v1/score/trust?domain=${domain}`, { headers }),
fetch(`https://api.edgedns.dev/v1/score/performance?domain=${domain}`, { headers }),
]);
const scores = await Promise.all([
email.json(), security.json(), trust.json(), performance.json()
]);
const gradeRank = { 'A': 1, 'B': 2, 'C': 3, 'D': 4, 'F': 5 };
const avgRank = (
gradeRank[scores[0].data.grade] +
gradeRank[scores[1].data.grade] +
gradeRank[scores[3].data.grade]
) / 3;
const overallRisk = avgRank <= 2 ? 'low' : avgRank <= 3 ? 'medium' : 'high';
return {
domain,
email: scores[0].data.grade,
security: scores[1].data.grade,
trust: scores[2].data.risk_level,
performance: scores[3].data.grade,
overallRisk,
};
}Learn More
Explore industry standards and best practices related to this use case.
Ready to build Client Security Assessment for MSPs?
Get started with 200 free API requests per month. No credit card required.