Always-on monitoring for agencies and freelancers
with panache.
Set it up once and never think about it again. Panache watches security, dependencies, and config across every client site. The moment something's off, you'll know.
We got you covered
A security header vanishes after a deploy. A dependency picks up a critical CVE. An SSL cert expires quietly. Without monitoring, your client finds out before you do. Or worse, their client does.
Checking security and deps across 10 client sites takes hours. Across 30? Forget it. You need something that watches everything, all the time, so you don't have to.
Ship often, refactor boldly, upgrade without second-guessing. When every deploy gets checked automatically, you stop slowing down out of fear and start shipping with panache.
At a glance
Every site gets a health score from A to F, updated on every check. Security, performance, deps, config: all weighted into one number you can read instantly. Score drops? You'll know. No audits needed. Panache already ran one.
30 sites, 30 scores, zero surprises.
Your sidekick
On every Pull Request, Panache diffs the branch against production. New vulnerabilities, security regressions, config drift. The report drops right into your GitHub or GitLab review. Issues get caught before merge, not after the client calls.
No other monitoring tool does this.
SEO, handled
Panache continuously checks the stuff traditional SEO tools audit once: robots.txt, sitemap, metadata, canonical, favicon, staging indexation. Hook up Google Search Console and cross-reference technical checks with real Google data: indexed pages, crawl errors, field Core Web Vitals.
Your checks + Google's data = the full picture.
How it works
Just drop in a URL
Paste a client site URL. Panache kicks off security, SSL, and uptime checks right away. Nothing to install, nothing to configure.
Wire up your CI
Add a CI step to report deps, config, and bundle size. Panache catches vulnerabilities and regressions on every push.
Our JS plugin never sleeps
@panache/next-health exposes a secure manifest Panache polls continuously. Memory, CPU, connected services: full visibility into every client site.
Full coverage
Every check runs continuously and rolls up into one quality score. Stop checking manually. Panache has it covered.
Continuous HTTP monitoring. Response times, status codes, instant alerts.
Validates the TLS chain, expiry, and protocol. Alerts well before anything expires.
Checks robots.txt, sitemap, metadata, Open Graph, canonical, favicon, and staging indexation.
Lighthouse-powered Core Web Vitals on every run. JS bundle size tracked per build. If things slow down, you know before your users do.
Validates CSP, HSTS, X-Frame-Options, permissions policy, and more.
Catches files that shouldn't be public: .env, .git, source maps.
Tracks domain expiry, DNS propagation, DNSSEC, and critical records. You'll know before something goes dark.
Crawls every page, checks every link. Internal, external, images, anchors. Nothing slips through.
Scans deps on every build. Flags critical and high-severity CVEs.
Audits security and performance settings: poweredByHeader, reactStrictMode, image optimization.
Weighted A–F score across categories. 30-day history and trend.
Monitor what's unique to your stack: connected services, queues, API quotas. One endpoint, your rules.
Extensible
Panache covers the basics. But every project has its own stuff. Write custom health checks for whatever matters to you: third-party service status, data consistency, API quotas, queue depth.
One endpoint, your rules. Panache polls it and rolls every indicator into the quality score automatically.
export async function GET() {
const pg = await db.query('SELECT 1')
const redis = await cache.ping()
const queue = await jobs.pending()
return Response.json({
postgresql: pg ? 'up' : 'down',
redis: redis ? 'up' : 'down',
queue: queue < 1000
? 'healthy'
: 'backpressure',
})
}Alerts
Score drop, expiring cert, critical CVE. Panache pings you instantly on the channel you pick. No noise. Just the status changes that actually matter.
Per-site digest or immediate alert based on severity.
Drops into your team channel with context and a direct link.
Health report right in your PRs, where you're already working.
Hit any HTTP endpoint for custom automations and internal tooling.
Cherry on top
Every site gets a quality certificate, generated automatically. Overall score, category breakdown, and full check history, all in one page.
Share it as a link or export as PDF. The easiest way to make your clients value the work behind the scenes.
Compliance
Panache crawls every URL in the sitemap and renders a PDF for each page. Cookie banners stripped, sticky headers expanded, lazy content loaded. Every page captured exactly as users see it.
Security
Panache runs on Google Cloud in France, SOC 2 and ISO 27001 certified. Your data and your clients' data never leave the EU.
Enterprise-grade
30 sites, 5 teams, clients who ask questions? Panache scales with you without giving up control.
One-click sign-in. No passwords, no extra credentials.
Owner, Admin, Member, Viewer. Everyone sees exactly what they need. Nothing more.
Split by client, team, or environment. Each member only sees what's relevant to them.
Who did what, when. Full traceability for compliance.
Plug Panache into your internal tools. Automate whatever you want.
Google Cloud, SOC 2 Type II, ISO 27001. The kind of foundation enterprise clients expect.