Enterprise-grade security at a fraction of the cost. Zero complexity
Enterprise-grade security at a fraction of the cost. Zero complexity
PCRiskPro instantly scans your Windows systems for hidden security gaps, vulnerable apps, and exposed data—giving your business premium protection. The Data Discovery module scans every PDF, Word, Excel, image files, OneDrive, SharePoint, and network share on your estate for personal and financial data exposure.
Free Edition runs forever on your own device. No card, no time-bomb trial.
Free Edition runs forever on your own device. No card, no time-bomb trial.
Code-signed installer · 100% on-device processing · No telemetry on scan content · UK-tuned detection patterns
Code-signed installer · 100% on-device processing · No telemetry on scan content · UK-tuned detection patterns
Code-signed installer · 100% on-device processing · No telemetry on scan content · UK-tuned detection patterns
Four reasons people switch to PCRiskPro
Why security and compliance managers choose our scope-centric scanner.
Most discovery tools charge thousands per year for organisation-wide cloud scanning whether your estate has five devices or five hundred. PCRiskPro's tiers map to what you can scan — local, personal cloud, business cloud, multi-tenant — so a sole trader isn't subsidising an enterprise.
Scope-aware pricing
Legacy Office support
Pre-2007 .doc, .xls, and .ppt files are common in SME audit archives and payroll workbooks. We read them all — modern Office, legacy Office, Outlook .msg, scanned PDFs, images (PNG, JPG, TIFF) the lot.
Transparent scan coverage
Every scan ends with a Files Scanned breakdown: how many had findings, how many were clean, how many were skipped and why. No silent drops, no second-guessing.
100% on-device
No SaaS account. No cloud upload. No third-party data processor agreement to sign. Scanning, OCR, scoring, and report generation all run on the device.
Four reasons people switch to PCRiskPro
Why security and compliance managers choose our scope-centric scanner.
Most discovery tools charge thousands per year for organisation-wide cloud scanning whether your estate has five devices or five hundred. PCRiskPro's tiers map to what you can scan — local, personal cloud, business cloud, multi-tenant — so a sole trader isn't subsidising an enterprise.
Scope-aware pricing
Legacy Office support
Pre-2007 .doc, .xls, and .ppt files are common in SME audit archives and payroll workbooks. We read them all — modern Office, legacy Office, Outlook .msg, scanned PDFs, images (PNG, JPG, TIFF) the lot.
Transparent scan coverage
Every scan ends with a Files Scanned breakdown: how many had findings, how many were clean, how many were skipped and why. No silent drops, no second-guessing.
100% on-device
No SaaS account. No cloud upload. No third-party data processor agreement to sign. Scanning, OCR, scoring, and report generation all run on the device.
Four reasons people switch to PCRiskPro
Why security and compliance managers choose our scope-centric scanner.
Most discovery tools charge thousands per year for organisation-wide cloud scanning whether your estate has five devices or five hundred. PCRiskPro's tiers map to what you can scan — local, personal cloud, business cloud, multi-tenant — so a sole trader isn't subsidising an enterprise.
Scope-aware pricing
Legacy Office support
Pre-2007 .doc, .xls, and .ppt files are common in SME audit archives and payroll workbooks. We read them all — modern Office, legacy Office, Outlook .msg, scanned PDFs, images (PNG, JPG, TIFF) the lot.
Transparent scan coverage
Every scan ends with a Files Scanned breakdown: how many had findings, how many were clean, how many were skipped and why. No silent drops, no second-guessing.
100% on-device
No SaaS account. No cloud upload. No third-party data processor agreement to sign. Scanning, OCR, scoring, and report generation all run on the device.
🔴 Critical
Data Discovery
Document:
Location:
What we found
17 UK National Insurance numbers
9 sort codes + account numbers
3 dates of birth
Why this matters
Personal financial data outside the
encrypted finance share. ICO-reportable
if this device is lost. Covered by
GDPR Article 30.
How to remediate
1. Move file into Finance/Encrypted/
2. Restrict permissions to Finance team
3. Mark as Fixed in PCRiskPro
+5 points
Every finding answers
What · Why · How
Other tools hand you a CSV of regex matches and wish you luck. PCRiskPro explains the risk in plain English, names the responsible role, estimates the effort to fix it, and tracks the change over time so you know whether you're improving.
Every detection in the Data Discovery, Cyber Essentials, and System Security modules has a What / Why / How card. Every CVE in Application Security has a Direct vs Dependency confidence band and a CISA KEV ransomware flag. Findings you've remediated stay marked across re-scans.
Every finding answers
What · Why · How
Other tools hand you a CSV of regex matches and wish you luck. PCRiskPro explains the risk in plain English, names the responsible role, estimates the effort to fix it, and tracks the change over time so you know whether you're improving.
Every detection in the Data Discovery, Cyber Essentials, and System Security modules has a What / Why / How card. Every CVE in Application Security has a Direct vs Dependency confidence band and a CISA KEV ransomware flag. Findings you've remediated stay marked across re-scans.
🔴 Critical
Data Discovery
Document:
Location:
What we found
17 UK National Insurance numbers
9 sort codes + account numbers
3 dates of birth
Why this matters
Personal financial data outside the
encrypted finance share. ICO-reportable
if this device is lost. Covered by
GDPR Article 30.
How to remediate
1. Move file into Finance/Encrypted/
2. Restrict permissions to Finance team
3. Mark as Fixed in PCRiskPro
+5 points
Every finding answers
What · Why · How
Other tools hand you a CSV of regex matches and wish you luck. PCRiskPro explains the risk in plain English, names the responsible role, estimates the effort to fix it, and tracks the change over time so you know whether you're improving.
Every detection in the Data Discovery, Cyber Essentials, and System Security modules has a What / Why / How card. Every CVE in Application Security has a Direct vs Dependency confidence band and a CISA KEV ransomware flag. Findings you've remediated stay marked across re-scans.
Every finding answers
What · Why · How
Other tools hand you a CSV of regex matches and wish you luck. PCRiskPro explains the risk in plain English, names the responsible role, estimates the effort to fix it, and tracks the change over time so you know whether you're improving.
Every detection in the Data Discovery, Cyber Essentials, and System Security modules has a What / Why / How card. Every CVE in Application Security has a Direct vs Dependency confidence band and a CISA KEV ransomware flag. Findings you've remediated stay marked across re-scans.
Built for the audits you actually face
Calibrated specifically for UK regulatory baselines and certification pathways.
DPA 2018
UK GDPR / DPA 2018
Article 30 register cues, ICO breach scoping, and Subject Access Request workflows. UK-tuned identifier patterns (NHS, NI, sort codes, UK postcodes) with US locale disabled by default.
IASME
Cyber Essentials & CE Plus
Five control themes assessed against the current 2026 CE technical requirements. Export the Cyber Essentials HTML report and hand it straight to your assessor for pre-audit evidence.
PCI-DSS
PCI-DSS scope identification
Find cardholder data (PAN, Track, IIN) sitting outside the cardholder data environment. Critical for SAQ-D and Level 4 merchant pre-assessment.
Built for the audits you actually face
Calibrated specifically for UK regulatory baselines and certification pathways.
DPA 2018
UK GDPR / DPA 2018
Article 30 register cues, ICO breach scoping, and Subject Access Request workflows. UK-tuned identifier patterns (NHS, NI, sort codes, UK postcodes) with US locale disabled by default.
IASME
Cyber Essentials & CE Plus
Five control themes assessed against the current 2026 CE technical requirements. Export the Cyber Essentials HTML report and hand it straight to your assessor for pre-audit evidence.
PCI-DSS
PCI-DSS scope identification
Find cardholder data (PAN, Track, IIN) sitting outside the cardholder data environment. Critical for SAQ-D and Level 4 merchant pre-assessment.
Built for the audits you actually face
Calibrated specifically for UK regulatory baselines and certification pathways.
DPA 2018
UK GDPR / DPA 2018
Article 30 register cues, ICO breach scoping, and Subject Access Request workflows. UK-tuned identifier patterns (NHS, NI, sort codes, UK postcodes) with US locale disabled by default.
IASME
Cyber Essentials & CE Plus
Five control themes assessed against the current 2026 CE technical requirements. Export the Cyber Essentials HTML report and hand it straight to your assessor for pre-audit evidence.
PCI-DSS
PCI-DSS scope identification
Find cardholder data (PAN, Track, IIN) sitting outside the cardholder data environment. Critical for SAQ-D and Level 4 merchant pre-assessment.
UK Tuned
Built for the regulatory environment we live in. Pattern detection, address formats, compliance positioning — every default is calibrated for UK SMEs.
Find your blind spots in under 5 minutes
Download the Free Edition. Scan one folder. See exactly what's hiding in plain sight. Upgrade if and only if you need to.
Download for Windows
See full pricing
Windows 10, 11, Server 2025 · ~170 MB · No card required
Find your blind spots in under 5 minutes
Download the Free Edition. Scan one folder. See exactly what's hiding in plain sight. Upgrade if and only if you need to.
Download for Windows
See full pricing
Windows 10, 11, Server 2025 · ~170 MB · No card required
Find your blind spots in under 5 minutes
Download the Free Edition. Scan one folder. See exactly what's hiding in plain sight. Upgrade if and only if you need to.
Download for Windows
See full pricing
Windows 10, 11, Server 2025 · ~170 MB · No card required
What PCRiskPro tells you
A single automated scan answers four critical security questions for your organisation.
🔍
Where is your sensitive data?
Every PDF, Word, Excel, image, and email on your endpoints, OneDrive, SharePoint, and network shares — with file paths, severity, and verification level.
🛡️
Are your apps patched?
Identifies installed software with known CVEs, scored for confidence so you don't drown in bundled-dependency false positives.
📋
Would you pass Cyber Essentials today?
Five control themes — firewalls, secure configuration, user access, malware protection, security updates — assessed in under two minutes.
🔐
Is the Windows estate hardened?
Antivirus, encryption, secure boot, TPM, RDP, SMBv1, screen lock, AutoPlay — eleven advanced hardening checks per device.
🔍
Where is your sensitive data?
Every PDF, Word, Excel, image, and email on your endpoints, OneDrive, SharePoint, and network shares — with file paths, severity, and verification level.
🛡️
Are your apps patched?
Identifies installed software with known CVEs, scored for confidence so you don't drown in bundled-dependency false positives.
📋
Would you pass Cyber Essentials today?
Five control themes — firewalls, secure configuration, user access, malware protection, security updates — assessed in under two minutes.
🔐
Is the Windows estate hardened?
Antivirus, encryption, secure boot, TPM, RDP, SMBv1, screen lock, AutoPlay — eleven advanced hardening checks per device.
What PCRiskPro tells you
A single automated scan answers four critical security questions for your organisation.
🔍
Where is your sensitive data?
Every PDF, Word, Excel, image, and email on your endpoints, OneDrive, SharePoint, and network shares — with file paths, severity, and verification level.
🛡️
Are your apps patched?
Identifies installed software with known CVEs, scored for confidence so you don't drown in bundled-dependency false positives.
📋
Would you pass Cyber Essentials today?
Five control themes — firewalls, secure configuration, user access, malware protection, security updates — assessed in under two minutes.
🔐
Is the Windows estate hardened?
Antivirus, encryption, secure boot, TPM, RDP, SMBv1, screen lock, AutoPlay — eleven advanced hardening checks per device.