Security Compliance Auditing
Automate security posture assessments for SOC 2 and ISO 27001
Security audits require evidence of proper security controls. EdgeDNS automates the collection of security configuration data across your domains.
The Challenge
Manual security assessments are time-consuming and error-prone. Compliance frameworks like SOC 2 and ISO 27001 require documented evidence of security controls including HTTPS enforcement, security headers, and DNS security.
The Solution
Automate security posture assessment using EdgeDNS APIs. Check security headers, SSL/TLS configuration, DNSSEC status, and generate comprehensive security scores for audit evidence.
Endpoints Used
Combine these EdgeDNS endpoints to build this solution.
/v1/security/headers - Security Headers: Audit CSP, HSTS, X-Frame-Options, and other headers
/v1/domain/ssl - SSL Certificates: Verify certificate validity and issuer
/v1/dns/dnssec - DNSSEC Check: Validate DNSSEC signing and chain of trust
/v1/domain/hsts - HSTS Check: Verify HSTS policy and preload status
/v1/score/security - Security Score: Get an overall security grade with breakdown
Results You Can Achieve
Significantly reduce manual audit prep
Automated evidence collection for security controls
Continuous compliance monitoring
Detect security regressions before auditors do
Comprehensive audit trails
Historical security scores for trending and reporting
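One way to turn repeated audit runs into the regression check and score history listed above, as an added example (not EdgeDNS code): it compares two runs shaped like the per-domain objects this page's code example collects and lists every value that changed. The field names inside each response and the sample data are constructed, because the page does not show the EdgeDNS response schema.

```javascript
// Added example: field names inside each response are hypothetical.
// Flatten nested JSON into { "a.b.c": value } so runs compare path by path.
function flatten(value, prefix = '', out = {}) {
  if (value !== null && typeof value === 'object') {
    for (const [key, child] of Object.entries(value)) {
      flatten(child, prefix ? `${prefix}.${key}` : key, out);
    }
  } else {
    out[prefix] = value;
  }
  return out;
}

// One finding per changed, added or removed path, plus one for any domain
// audited before but absent now (an evidence gap). `ignore` lists path
// suffixes that are expected to differ between runs, such as timestamps.
function diffAuditRuns(previous, current, ignore = []) {
  const findings = [];
  const currentByDomain = new Map(current.map((r) => [r.domain, r]));
  for (const prev of previous) {
    const curr = currentByDomain.get(prev.domain);
    if (!curr) {
      findings.push({ domain: prev.domain, path: null, kind: 'missing-domain' });
      continue;
    }
    const before = flatten(prev);
    const after = flatten(curr);
    const paths = new Set([...Object.keys(before), ...Object.keys(after)]);
    for (const path of [...paths].sort()) {
      if (ignore.some((suffix) => path.endsWith(suffix))) continue;
      if (before[path] === after[path]) continue;
      const kind = !(path in after) ? 'removed' : !(path in before) ? 'added' : 'changed';
      findings.push({ domain: prev.domain, path, kind, before: before[path], after: after[path] });
    }
  }
  return findings;
}

// Constructed sample runs; not real EdgeDNS output.
const lastWeek = [
  { domain: 'app.example.com', secHeaders: { hsts: true, csp: "default-src 'self'" },
    dnssec: { signed: true }, score: { grade: 'A', checkedAt: '2024-01-01' } },
  { domain: 'api.example.com', dnssec: { signed: true }, score: { grade: 'A' } },
];
const today = [
  { domain: 'app.example.com', secHeaders: { hsts: true },
    dnssec: { signed: false }, score: { grade: 'B', checkedAt: '2024-01-08' } },
];
console.log(diffAuditRuns(lastWeek, today, ['checkedAt']));
```

Storing each run alongside its findings gives the auditor both the raw evidence and the list of changes that were reviewed.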
Code Example
Generate security audit report
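const domains = ['app.example.com', 'api.example.com', 'www.example.com'];
const headers = { 'Authorization': 'Bearer YOUR_API_KEY' };

// fetch() resolves to a Response object, not the data. Read the body and
// fail on non-2xx statuses so an API error is never recorded as a result.
// Assumes the endpoints return JSON.
const getJson = async (url) => {
  const res = await fetch(url, { headers });
  if (!res.ok) throw new Error(`HTTP ${res.status} for ${url}`);
  return res.json();
};

// Query all four checks for every domain in parallel.
const auditResults = await Promise.all(
  domains.map(async (domain) => {
    const [secHeaders, ssl, dnssec, score] = await Promise.all([
      getJson(`https://api.edgedns.dev/v1/security/headers?url=https://${domain}`),
      getJson(`https://api.edgedns.dev/v1/domain/ssl?domain=${domain}`),
      getJson(`https://api.edgedns.dev/v1/dns/dnssec?domain=${domain}`),
      getJson(`https://api.edgedns.dev/v1/score/security?domain=${domain}`),
    ]);
    return { domain, secHeaders, ssl, dnssec, score };
  })
);
Learn More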
Explore industry standards and best practices related to this use case.
NIST Cybersecurity Framework (CSF) 2.0
NIST framework with six core functions: Govern, Identify, Protect, Detect, Respond, and Recover
AICPA SOC 2 Trust Services Criteria
Official AICPA SOC 2 controls for security, availability, processing integrity, confidentiality, and privacy
ISO/IEC 27001:2022 Information Security
International standard for information security management systems (ISMS)
Ready to build Security Compliance Auditing?
Get started with 200 free API requests per month. No credit card required.