Four modules. One assessment.
Everything explained in plain English.

PCRiskPro is built around four security domains. Each one runs in its own tab, produces its own findings, and feeds into a single Dashboard score. The HTML report bundles all four into one document you can hand to a client.

Four modules. One assessment.
Everything explained in plain English.

PCRiskPro is built around four security domains. Each one runs in its own tab, produces its own findings, and feeds into a single Dashboard score. The HTML report bundles all four into one document you can hand to a client.

🔍

Data Discovery

Find personal and financial data on Windows endpoints, business cloud, and network shares.

Every UK SME and MSP holds personal data on workstations, OneDrive, SharePoint, and shared drives. Most don't know where. PCRiskPro scans every PDF, Word document, Excel workbook, PowerPoint deck, scanned image, and Outlook .msg file — modern Office and pre-2007 legacy Office — for the data types regulators care about.

Every UK SME and MSP holds personal data on workstations, OneDrive, SharePoint, and shared drives. Most don’t know where. PCRiskPro scans every PDF, Word document, Excel workbook, PowerPoint deck, scanned image, and Outlook .msg file — modern Office and pre-2007 legacy Office — for the data types regulators care about.

Every match is scored for confidence, classified by severity (Critical / High / Medium / Low), and presented with verification guidance so reviewers can prioritise correctly.

24 patterns

Legacy Office

Custom term search

OCR

UK-tuned

GDPR / PCI-DSS / DPA Quick-Check

What it detects

UK NHS numbers, NI numbers, postcodes, sort codes, credit card PANs, IBANs, passport numbers, driving licence numbers, plus 16 more patterns. Custom term search alongside pattern detection.

What it reads

Modern Office (.docx / .xlsx / .pptx), legacy Office (.doc / .xls / .ppt), Outlook .msg, PDF (native + OCR), images (PNG / JPG / TIFF), text, code, and config files.

Where it scans

Local folders, personal OneDrive, SharePoint, OneDrive for Business, Microsoft Teams, network shares — scope mapped to your licence tier.

How it scales

Adaptive scan strategy switches between full-content, smart-sampling, header-footer, and metadata scans based on file size. No more 230-second hangs on a 6 MB PDF.

Scan transparency

Every scan reports Files Scanned: 143 of 247 — 22 with PII, 121 clean, 104 skipped with per-category breakdowns. No silent drops.

Privacy

100% on-device. No file content leaves your machine. No SaaS account. Operational logs record file counts and categories — never contents.

🛡

Application Security

Find known vulnerabilities in installed software with confidence-scored CVE matching.

PCRiskPro enumerates installed Windows applications from the registry, looks each one up against the NIST National Vulnerability Database, OSV.dev, and the CISA Known Exploited Vulnerabilities catalog, and presents the results — but with one critical difference from typical scanners: every match is classified as direct, bundled dependency, or possible match, with high / medium / low confidence.

The result is fewer false positives. WinSCP 6.3.5 doesn't get flagged Critical because the OpenSSH library it bundles has CVEs. Git 2.x doesn't inherit CVEs from Mercurial 5.x because the CVE database had a CPE contamination bug.

The result is fewer false positives. WinSCP 6.3.5 doesn’t get flagged Critical because the OpenSSH library it bundles has CVEs. Git 2.x doesn’t inherit CVEs from Mercurial 5.x because the CVE database had a CPE contamination bug.

Direct vs dependency

CISA KEV ransomware flag

EPSS exploit probability

7-day database freshness gate

Offline-capable after first scan

Confidence-aware matching

Word-boundary CPE matching, known-bundled-library detection, consensus-bound outlier filtering. Tooltip discloses both raw and direct match counts for audit.

CISA KEV integration

Vulnerabilities in the CISA Known Exploited Vulnerabilities catalog are surfaced as priorities — including ransomware-association flags from the official KEV metadata.

EPSS scoring

Exploit Prediction Scoring System probabilities for direct high-confidence matches so you can prioritise patches by likelihood of being attacked.

Database freshness

The bundled CVE database is rebuilt at each release; builds with databases older than 7 days are blocked. You always ship with current data.

📋

Cyber Essentials

Would you pass a Cyber Essentials audit today?

Five control themes assessed against the UK Government's current Cyber Essentials technical requirements: firewalls, secure configuration, user access control, malware protection, and security update management. A sixth (data encryption) is included as an extension. Each control returns Pass, Fail, Warning, or Not Applicable with plain-English remediation guidance.

Five control themes assessed against the UK Government’s current Cyber Essentials technical requirements: firewalls, secure configuration, user access control, malware protection, and security update management. A sixth (data encryption) is included as an extension. Each control returns Pass, Fail, Warning, or Not Applicable with plain-English remediation guidance.

5 official themes + 1 extension

Pass / Fail / Warning per control

Plain English remediation

Print-ready HTML report

🛡️

Firewalls

Windows Defender Firewall enabled across domain, private, and public profiles.

⚙️

Secure Configuration

Removal of unnecessary admin rights, default-credential checks, and active service analysis.

👤

User Access Control

Password complexity policy, lock-out thresholds, inactive accounts, and MFA presence cues.

🦠

Malware Protection

Antivirus installed, signatures current, real-time protection active, and endpoint protection verification.

🔄

Security Update Management

OS patches and third-party software updates verified within the mandatory 14-day release window.

🔒

Data Encryption (Extension)

BitLocker or device encryption status checked on active system and data volumes.

🔐

🔐

System Security

System Security

Eleven advanced Windows hardening checks per device.

System Security goes beyond Cyber Essentials' baseline. It assesses Secure Boot status, TPM presence, Credential Guard, SMBv1 (and warns if it's still enabled), UAC level, Controlled Folder Access, RDP exposure, Guest account state, password policy, screen lock timeout, and AutoPlay configuration.

System Security goes beyond Cyber Essentials’ baseline. It assesses Secure Boot status, TPM presence, Credential Guard, SMBv1 (and warns if it’s still enabled), UAC level, Controlled Folder Access, RDP exposure, Guest account state, password policy, screen lock timeout, and AutoPlay configuration.

Secure Boot

TPM 2.0

Credential Guard

SMBv1 check

UAC audit

RDP configuration

11 checks total

Firmware Hardening

Verify Secure Boot active and TPM 2.0 present, which form the hardware roots of trust on your workstations.

Credential Guard

Ensure Windows Credential Guard is active to isolate hashes and prevent LSASS memory dumping exploits.

Legacy Protocol Risk

Checks if SMBv1 or AutoPlay are enabled, blocking entry routes commonly exploited by ransomware and worm payloads.

Ransomware Shield

Inspects Controlled Folder Access settings, verifying that only trusted binaries can write to critical user folders.

Network & RDP

Audits Remote Desktop configurations, guest account activation status, and network share exposure properties.

Access Policies

Enforces local password policies, screen lock idle timeouts, and User Account Control (UAC) slider elevation settings.

Built for the audit packs and client deliverables you actually produce

PCRiskPro doesn't keep findings locked in a proprietary dashboard. Export full fidelity data in standard business formats.

PCRiskPro doesn't keep findings locked in a proprietary dashboard. Export full fidelity data in standard business formats.

📊

Dashboard

At-a-glance Security Overview card mirroring the HTML export, plus four module preview cards with status, score, and top findings.

📄

HTML report

Print-ready, branded, executive-friendly. Every finding includes a What / Why / How card with owner role and estimated score uplift.

📈

Excel report

Sortable, conditional-formatted spreadsheet. Purpose-built for IT leads and MSPs tracking findings across multiple systems.

🔌

JSON / CSV

Full database fidelity exports. Perfect for ingestion into SIEM tools, ticketing software, or custom internal compliance pipelines.

Scan history & deltas

Compare scans over time automatically. Spot newly introduced vulnerabilities, track active items, and prove remediation progress.

Remediation tracking

Mark each finding as Open / In progress / Fixed / Accepted risk / False positive. Custom state persists across repeated system scans.

How PCRiskPro compares

Most compliance and discovery tools are built for dedicated SOC teams at enterprise prices. PCRiskPro is calibrated for UK SMEs.

Feature/Compatibility

Other tools

PCRiskPro

Pricing model

Per-user, per-endpoint, or flat enterprise fees

Scope-aware tiers (local / personal / business cloud / MSP)

File Format support

Modern Office files only

Modern + legacy Office (.doc, .xls, .ppt) + Outlook .msg

Scan transparency

Black-box results (clean vs dirty only)

Complete files-scanned breakdown (scanned, clean, skipped logs)

CVE false positives

Alerts for all packages matching name

Direct vs dependency vs possible-match confidence bands

Data residency

Cloud-based scanning and uploads

100% on-device processing no file content ever uploaded

UK calibration

US-default identity patterns

UK-tuned patterns (NHS, NI, sort codes, postcodes)

Actionable remediation

Technical CVE code dumps and database links

What / Why / How cards with owner roles and score uplifts

From £95/year (Free edition available forever)

Entry price

£5,000+/year typical contract minimums

How PCRiskPro compares

Most compliance and discovery tools are built for dedicated SOC teams at enterprise prices. PCRiskPro is calibrated for UK SMEs.

Feature/Compatibility

Other tools

PCRiskPro

Pricing model

Per-user, per-endpoint, or flat enterprise fees

Scope-aware tiers (local / personal / business cloud / MSP)

File Format support

Modern Office files only

Modern + legacy Office (.doc, .xls, .ppt) + Outlook .msg

Scan transparency

Black-box results (clean vs dirty only)

Complete files-scanned breakdown (scanned, clean, skipped logs)

CVE false positives

Alerts for all packages matching name

Direct vs dependency vs possible-match confidence bands

Data residency

Cloud-based scanning and uploads

100% on-device processing no file content ever uploaded

UK calibration

US-default identity patterns

UK-tuned patterns (NHS, NI, sort codes, postcodes)

Actionable remediation

Technical CVE code dumps and database links

What / Why / How cards with owner roles and score uplifts

From £95/year (Free edition available forever)

Entry price

£5,000+/year typical contract minimums

How PCRiskPro compares

Most compliance and discovery tools are built for dedicated SOC teams at enterprise prices. PCRiskPro is calibrated for UK SMEs.

Feature/Compatibility

Other tools

PCRiskPro

Pricing model

Per-user, per-endpoint, or flat enterprise fees

Scope-aware tiers (local / personal / business cloud / MSP)

File Format support

Modern Office files only

Modern + legacy Office (.doc, .xls, .ppt) + Outlook .msg

Scan transparency

Black-box results (clean vs dirty only)

Complete files-scanned breakdown (scanned, clean, skipped logs)

CVE false positives

Alerts for all packages matching name

Direct vs dependency vs possible-match confidence bands

Data residency

Cloud-based scanning and uploads

100% on-device processing no file content ever uploaded

UK calibration

US-default identity patterns

UK-tuned patterns (NHS, NI, sort codes, postcodes)

Actionable remediation

Technical CVE code dumps and database links

What / Why / How cards with owner roles and score uplifts

From £95/year (Free edition available forever)

Entry price

£5,000+/year typical contract minimums

Find your blind spots in under 5 minutes

Download the Free Edition. Scan one folder. See exactly what's hiding in plain sight. Upgrade if and only if you need to.

Download Free Edition

See full pricing

Find your blind spots in under 5 minutes

Download the Free Edition. Scan one folder. See exactly what's hiding in plain sight. Upgrade if and only if you need to.

Download Free Edition

See full pricing