About SPAT
Security Posture Analysis Tool — by Antibody Cyber Technology, LLC
What is SPAT?
SPAT is an automated external security assessment tool that scans and evaluates the public-facing security defenses of websites and network servers. Developed by Antibody Cyber Technology, LLC, a specialized cybersecurity company based out of Huntsville, Alabama, the scanner proactively probes a target domain from an external network perspective to map its attack surface and reveal potential technical weaknesses before they can be exploited.
All 17 checks operate against the domain name itself — not a specific URL path. SPAT queries public DNS, makes direct TLS/socket connections, issues HTTP requests, and checks your domain against 90+ global threat intelligence feeds — the same feeds used by enterprise firewalls, browsers, and email security filters worldwide — using only the bare hostname (e.g. example.com).
Security Checks (8 External)
- DNS Resolution — Verifies DNS resolves correctly and matches expected IP
- TLS Certificate — Checks validity, expiration, issuer, and chain
- TLS Protocols — Detects deprecated TLSv1 and TLSv1.1
- HTTP Security Headers — HSTS, CSP, X-Frame-Options, and more
- HTTP→HTTPS Redirect — Ensures HTTP properly redirects to HTTPS
- Port Scanning — Checks for unexpected open ports
- robots.txt — Checks for sensitive path exposure
- Threat Intelligence — Checks your domain against 90+ global threat intelligence feeds (VirusTotal)
Scoring
Each scan starts at 100 points. Points are deducted for each issue found, weighted by severity (CRITICAL: 15pts, HIGH: 6-10pts, MEDIUM: 4-5pts, LOW: 1-2pts). Grades range from A (90+) to F (<50).
CLI Version
SPAT CLI is an optional command-line tool we run on our cloud-based servers that extends standard website-scanning capabilities. It performs 17 total checks (15 external + 2 SSH), adding TLS Cipher Suite analysis, CSP quality inspection, Cookie security, CORS policy, Email security (DKIM/DMARC/SPF), DNSSEC validation, URLhaus malware check, and SSH server hardening. Reports can be generated as HTML. The scan report is available for a one-time payment of $4.99, with no subscription or account required. View a sample CLI report.
