A score built for prioritization, not vanity.
Aideworks turns infrastructure evidence into one domain-level risk score so teams can sort what matters, explain why, and act faster.
0–25
Critical risk
Infrastructure is actively exposed or materially degraded. This domain needs immediate attention.
26–50
High risk
Major issues are present and likely to affect trust, resilience, or operational stability.
51–75
Medium risk
The domain remains functional, but meaningful weaknesses are accumulating and need scheduled remediation.
76–100
Healthy
No major issues are currently present. The domain is stable, trusted, and operationally sound.
Scoring inputs
One score, grounded in real infrastructure signals.
The score is not abstract. It is a weighted rollup of feature-level evidence from the systems that actually determine domain trust and resilience.
30% weight
DNS health
Record changes, provider drift, takeover exposure, and propagation problems feed the DNS side of the score.
A domain can stay reachable while its dependency posture quietly degrades. DNS scoring catches that drift.
30% weight
SSL health
Expiry windows, trust issues, chain problems, CA mismatches, and weak TLS posture affect the SSL score.
That turns certificate posture into a measurable trust signal instead of a simple pass/fail alert.
20% weight
Email security
SPF, DKIM, DMARC, MTA-STS, TLS-RPT, and mail routing evidence determine how exposed the domain is to spoofing and delivery problems.
Mail trust becomes visible long before users notice spam-folder placement or impersonation risk.
10% weight
Hosting security
Security headers, exposed ports, CVE matches, and infrastructure intelligence show how much attack surface the live web stack presents.
That keeps visible application-layer exposure in the score instead of hiding it behind otherwise healthy DNS or SSL posture.
10% weight
Uptime & availability
HTTP, API, TCP, and reachability checks show whether the services behind the domain are stable, degraded, or down.
Operational availability matters because downtime changes customer trust and the real urgency of other findings.
Example scored domain
client-domain.example
50 / 100
Risk state
High risk
Aideworks starts with the weighted average across active pillars. If any single pillar is 25 or lower, the critical cap limits the final Domain Risk Score to 50.
Weighted average
74.1 / 100
DNS and SSL are strong, and uptime is perfect, but the combined pre-cap average still reflects each pillar's configured weight.
Critical cap rule
Final score: 50
Email security dropped to 18. Because one pillar is 25 or below, the domain is capped at high risk even if the other pillars look healthy.
Operational workflow
How teams use the score in practice.
The goal is not just scoring. The goal is faster decisions across a domain portfolio, with a model that stays explainable under pressure.
Weighting model
Five pillars, clearly weighted.
DNS and SSL each contribute 30%, email contributes 20%, and hosting plus uptime each contribute 10%. If a pillar is unmonitored, Aideworks redistributes only across the active pillars.
Guardrail
A single critical pillar cannot be averaged away.
If any pillar scores 25 or below, the Domain Risk Score is capped at 50. That keeps catastrophic exposure visible at the domain level instead of hiding it inside a blended average.
01
Collect domain evidence
Aideworks gathers live infrastructure observations and normalizes them into structured findings.
02
Turn findings into priority
Feature scores show where the domain is weakening, and the weighted domain score surfaces overall urgency without losing the impact of a critical pillar.
03
Route the right action
Teams can sort, report, escalate, and remediate based on one explainable risk signal instead of scattered alerts.
Use scoring to decide what matters next.
Start with a domain score, then drill into feature-level evidence and graph context when risk rises.