Home

Features

Pricing

Resources

Download Free Trial

What PCRiskPro Does

Four security audits.
One Windows device. Minutes — not days.

PCRiskPro inspects a single Windows endpoint across data exposure, application vulnerabilities, UK Cyber Essentials controls, and system hardening — then turns the findings into prioritised, plain-English actions you can hand to a user, an IT admin, or a board.

Local-first
Scans run on the device. No data sent to the cloud.
UK-tuned
NHS numbers, NI numbers, UK postcodes, sort codes.
Confidence-scored
Entropy + context filters reduce false positives.
Audit-ready
HTML, Excel, JSON exports for clients and auditors.
The Four Modules

Every scan answers four questions.

Each module produces its own findings, its own prioritised actions, and rolls into a single overall security score weighted by business impact.

Data Discovery
35% of score

Where is sensitive data hiding on this device?

Scans modern and legacy documents, PDFs, images, emails and configuration files for personal, financial, credential, and regulated data — with confidence-scored, UK-tuned detection.

  • Modern + legacy Office (.docx, .xlsx, .pptx, .doc, .xls, .ppt, .msg) plus PDF, TXT, CSV, JSON, XML, code files
  • OCR for scanned PDFs and images (.png, .jpg, .tif, .webp) with GPU acceleration
  • Confidence scoring with entropy + context filters — far fewer false positives than naive regex tools
Application Security
20% of score

Which installed apps have known CVEs today?

Enumerates installed applications and matches them against NIST NVD, OSV.dev and the CISA Known Exploited Vulnerabilities catalog — with EPSS exploit-likelihood scoring.

  • 20,000+ CVE local database with confidence-aware product matching
  • CISA KEV flagging — see which CVEs are being actively exploited in the wild
  • Works offline after the first scan; results cached locally for 24 hours
Cyber Essentials
25% of score

Would this device pass a Cyber Essentials audit today?

Automates the UK Cyber Essentials self-assessment across all five control themes, with pass/fail status and remediation guidance per check.

  • Firewalls · Secure Configuration · User Access Control · Malware Protection · Security Update Management
  • Plus disk encryption verification (PCRiskPro extended control)
  • Audit-ready export with control mapping and evidence
System Security
20% of score

Is Windows hardened against modern attacks?

Eleven configuration checks covering firmware-level protections, credential isolation, ransomware defences, and legacy protocol exposure.

  • Secure Boot · TPM · Credential Guard · Controlled Folder Access
  • SMBv1 · UAC level · RDP exposure · Guest account · AutoPlay
  • Password policy and screen-lock posture
Why PCRiskPro

Built for SMEs, IT consultants, and MSPs.

Enterprise-grade detection without enterprise pricing, enterprise complexity, or sending your client data to a third-party cloud.

Local-first by design
Every scan runs on the device. Findings never leave the endpoint unless you choose to export them. No cloud account required.
Confidence-scored detection
Pattern matches are validated with Luhn, entropy thresholds, and ±30-character context windows — so credit card numbers in test fixtures don't trigger CRITICAL alerts.
Plain-English actions
Every finding maps to a What / Why / How action card with effort estimate and validation steps — written for the person who has to fix it.
Scope-aware licensing
Endpoint-only, Personal OneDrive, Business OneDrive + SharePoint, or multi-tenant MSP — pay only for the data sources you actually scan.
Signed installer
Distributed as a signed Windows installer (Certum OV, RSA 4096, timestamped). No SmartScreen warnings.
Free Edition is real
Not a 30-day trial. Free Edition stays free forever for personal device use — first 20 findings shown across every module.
Reporting & Remediation

One scan. Reports for everyone who needs one.

Every scan produces audit-ready exports tailored to different audiences — board, IT, MSP client, or assessor.

  • HTML — branded, presentation-ready reports for executives and clients.
  • Excel — sortable, filterable workbooks for MSPs tracking multiple devices.
  • JSON — full-fidelity machine-readable export for SIEM and automation pipelines.
  • CSV — quick extraction for analysts.
Download Free Edition
3-Phase Remediation Roadmap
This Week
Critical fixes — exposed credentials, KEV-listed CVEs, missing AV.
This Month
High-impact hardening — CE control gaps, encryption, configuration drift.
This Quarter
Strategic improvements — policy, training, long-term posture.

See your device's real security posture in minutes.

Free Edition runs the full scan and shows you the first 20 findings per module — no card, no cloud account, no time limit.