Your Website Security Audit

JOUO provides you with insights into the security of your website and whether it meets general legal requirements. We use publicly accessible data for our analyses. We not only provide you with this data in a clearly structured format, we also explain it to you. You also receive specific recommendations for action if weaknesses are found.
With JOUO you can monitor and improve the compliance of your website - without any IT knowledge.

Man looks at website through magnifying glass

Your individual audit

JOUO analyses the security and compliance of your website with legal requirements

Monitor your security

JOUO informs you on your security vulnerabilities and how you can fix them.

JOUO gives you insights into the information about your server providers. This includes, among others:

open Lock

Found security vulnerabilities

open door

Open ports

not with knots

IP addresses and providers

location

Server locations

mail

Mail server configuration

example recommendation

For each vulnerability found by JOUO, we explain why it can be problematic and what you can do specifically to improve your security.

Track your remediation progress in the vulnerability history overview...

Chart

Check legal requirements

With JOUO you can find out whether your website fulfils the general legal requirements according to data protection laws.

The legal requirements include, for example:

paragraph

Mandatory URLs

imprint, terms and conditions and data protection sites

page

Valid SSL certificate

encrypted connection between browser and web server

appendix

Externally integrated resources

fonts, plugins or data from other websites

Now new: The JOUO TOMs!

for data protection laws

According to the GDPR, for example, a company is obliged to document its technical and organisational measures (TOMs) to protect personal data.

With JOUO, you can easily create TOMs, automatically add all vulnerabilities and export a joint PDF.

Gear wheel with lock
Balloon with confetti
Confetti bag

In addition:

Infrastructure Documentation

as PDF for export

You can automatically export the data that JOUO has collected from your website in form of a PDF report for each of your TOMs. This allows you to document your website infrastructure at any time, for both internal and external purposes (e.g. requests in connection with data protection laws).

Page with globe

Also new:

The Shadow Mode

Your digital camouflage shield when things get serious.

Have you found vulnerabilities with JOUO? Then take a deep breath - and go into shadow mode. Before the vulnerability becomes a threat, we encapsulate your affected systems. Inconspicuously and without interrupting operations - and with maximum protection.

character with umbrella
Reading character

We explain everything you need to know

JOUO is self-explanatory and can be used without IT knowledge

Whether general terms or individual matters - we explain it to you. In JOUO, we not only provide you with general explanations in short info texts, but also explain the found weaknesses and give you specific recommendations for action.

Why JOUO is also a compliance tool

JOUO not only checks whether your website meets legal requirements, but can also be used to document your vulnerabilities. After all, security is an important building block for compliance. With our features such as the data history, the Infrastructure Documentation or the JOUO TOMs, JOUO offers great support for your company's compliance.

JOUO is self-explanatory and can be used without IT knowledge

page

Want to see what hackers see?

Since JOUO uses publicly available data, you will see the same vulnerabilities that a hacker would see in preparation for an attack. 

Frequently found vulnerabilities
are for example...

Cross-Site Scripting (XSS)

A vulnerability that allows attackers to inject malicious code into websites, which is then executed in the browsers of unsuspecting users.

Unsafe Direct Object References

A vulnerability in which internal implementation objects such as files or database entries are directly accessible via URLs or parameters without sufficient access control.

Lack of Encryption

If websites do not use HTTPS encryption or use outdated encryption protocols, data can be intercepted during transmission.

Outdated Software

Use of outdated versions of content management systems, plugins or other software components that have known security vulnerabilities.

This can cause the following damage to your company...

Session Takeover and Phishing

Attackers can hijack user sessions, steal sensitive information or redirect the user to fake websites to carry out further attacks.

Unauthorised Data Access

Unauthorised users can access or manipulate sensitive data by simply changing URL parameters or form entries.

Interception of Sensitive Information

Attackers can intercept and misuse sensitive information such as passwords or credit card details if they are transmitted unencrypted.

Exploitation of Known Vulnerabilities

Hackers can use publicly known exploits to penetrate the system, install malware or take control of the website.

JOUO has already scanned...

The scan of a website includes not only the website itself, but also all associated IP addresses and the underlying page content and metadata records. As a result, the figures for page content and metadata records are much higher than for the audit itself. 

globe

13.000

audits

page

7 million

page contents

meta browser

48 million

metadata records

All data secure in Germany

JOUO was developed in Germany through and through. But that's not all: JOUO stores all data exclusively on German servers, which are certified in accordance with DIN EN ISO/IEC 27001:2017. The operation is carried out by employees of [j]karef GmbH exclusively in Germany.

This means that your data is subject to German data protection law, there is no access by foreign intelligence services and there is physical control over the server locations. The ISO 27001 certificate of the servers is also the highest international standard for information security.

What can JOUO do that others can't?

No IT knowledge required - we explain everything

Not only do we have high-quality analysis results, we also make them understandable for everyone. JOUO is very versatile and suitable for all people. 

Data history of your vulnerabilites

The special thing about JOUO is that it not only displays and saves the current status, but also saves all history data. You have a clear overview in the vulnerability history. If you need more detailed historic data, just contact us!

Generate TOMs like no other

Our offer is unique because we can automatically generate a list of your service providers (e.g. web hosting providers) using the JOUO Audit, so you can ensure that your TOMs are complete. You can also duplicate TOMs so that you don't always have to re-enter everything. With our TOMs you can save days of work!

Ongoing further development

JOUO has already come a long way and more is to come. Our development team is constantly working on enhancements that will offer you even better support.

Who is behind JOUO?

JOUO is developed by the software developers at [j]karef

JOUO is made by our team at [j]karef - a family-run software development company. For more than 20 years, we have specialised in individual software solutions with a focus on projects involving the processing and analysis of very large amounts of data and data sources. We have put a lot of work and dedication into JOUO and are constantly striving to improve it.

Our contact persons

The JOUO team

You can reach us at any time via our contact form:

Bettina Mindt

Contact person for Switzerland

Christian Zander

from

FAQ

What will be scanned for an audit of ‘a website’?

When we talk about "a website", we don't mean a single page (e.g. not just "jouo.de/imprint") but all pages and content that are linked to the domain (in our example: everything that belongs to "jouo.de"). What exactly this is depends on the structure of your website. The JOUO audit shows you everything that belongs to your website.

Which of my data can a hacker see?

A hacker can recognise technical details, server information and potential security vulnerabilities from public data on your website. This enables them to exploit vulnerabilities. The information collected serves as the basis for customised cyberattacks that can lead to data loss, financial damage or reputational damage.

What is the difference between a website and a web page?

A web page is a single page on the Internet, while a website is the entire Internet presence. A website consists of several web pages, just as a book consists of several pages. The website is the complete work, the web page a single page of it.