How to filter websites by security technology adoption in Builtwith

If you need to figure out which sites use (or don't use) certain security tech, you're in the right place. Whether you're a security researcher, sales pro, or just nosy about who's still running outdated stuff, filtering websites by their security stack can save you hours of pointless clicking. This guide cuts through the hype and shows you, step by step, how to use Builtwith to get the answers you need—and avoid the stuff that wastes your time.

Why Bother Filtering by Security Tech in the First Place?

Maybe you're looking for potential clients who haven't adopted two-factor authentication. Maybe you're hunting for weak links in your supply chain. Or maybe you're just trying to see if your own site is using some ancient SSL protocol. Whatever your reason, knowing who runs what is actually pretty useful.

Builtwith catalogs the technology stacks of millions of sites. It’s not perfect (more on that later), but it’s one of the best ways to get a quick read on what’s out there.

Step 1: Get Access to Builtwith (and Know What You’re Getting)

You can poke around Builtwith for free, but the serious filtering tools are paywalled. You’ll need a Pro or higher account to do anything that’s actually useful for security tech research.

  • Free version: Good for single-site lookups and curiosity.
  • Paid plans: Needed for bulk lookups, advanced filters, and exports. Not cheap, but cheaper than hiring someone to manually check a thousand sites.

Pro tip: If you’re just testing the waters, look for a free trial or ask for a demo. Don’t drop money until you know you’ll use it.

Step 2: Understand What Builtwith Can (and Can’t) Detect

Before you dive in, know this: Builtwith doesn’t have magic X-ray vision. It scrapes public web data. If a tech isn’t exposed in HTTP headers, the page source, or obvious DNS records, Builtwith probably won’t see it.

  • Reliable: SSL/TLS versions, WAFs like Cloudflare, some HTTP security headers, visible security scripts.
  • Spotty: Backend firewalls, some CDN protections, custom security solutions, anything not public-facing.
  • Not detected: Internal security tools, VPNs, endpoint protection, or anything that doesn't leave a fingerprint on the public web.

Don’t assume a missing tech means it’s not in use—it just means Builtwith didn’t see it.

Step 3: Start a New Technology Search

Once you’re logged in:

  1. Head to the “Technology Lookup” or “Technology Trends” Section
  2. You want to start with the “Technology Lookup” if you already know what tech you’re after (e.g., “reCAPTCHA,” “Let’s Encrypt,” “Cloudflare”).

  3. “Technology Trends” is better for browsing what’s popular, but it’s not as targeted.

  4. Type in the Security Technology

  5. Enter the name of the security product or protocol. Examples:
    • “SSL by Default”
    • “HTTP/2”
    • “reCAPTCHA”
    • “Cloudflare”
    • “Let’s Encrypt”
    • “Strict-Transport-Security” (for HSTS)

  6. Builtwith will autocomplete as you type. If it doesn’t show your tech, it probably doesn’t track it.

  7. Select the Closest Match

  8. Some tech has multiple versions or naming conventions. Pick the one with the most relevant description.
  9. If you’re unsure, click through to see a sample list of detected sites.

Pro tip: If you’re after a niche security header or protocol, try searching for the header name (e.g., “X-Frame-Options”)—sometimes Builtwith tracks those directly.

Step 4: Filter and Slice the Results

Here’s where you get to the good stuff.

  1. Apply Additional Filters
  2. Use the filter sidebar (on the left) to narrow down by:
    • Traffic rank (e.g., Top 10,000 sites)
    • Country
    • Category (like shopping, finance, SaaS)
    • Vertical (industry)
    • Other tech in use (e.g., only sites using both Cloudflare and reCAPTCHA)

  3. You can stack filters to get hyper-specific.

  4. Exclude Technologies

  5. Want to find sites not using something? Add that tech to the “Exclude” filter.

  6. Example: Only sites using SSL, but not using Cloudflare.

  7. Download or Export Lists

  8. Paid plans let you export results as CSV or Excel files. This is the real value—bulk data you can work with.
  9. Free users can only see a handful of sites at a time.

What to ignore: Don’t get too hung up on “Trends” graphs unless you’re doing broad market research. They’re fun but rarely actionable for filtering.

Step 5: Spot-Check and Validate Your Results

Builtwith’s data is decent, but not gospel. Always sanity-check a few sites before betting the farm.

  • Randomly pick a few domains from your filtered list.
  • Manually visit them, inspect headers, or use tools like SSL Labs to see if what Builtwith reports matches reality.
  • Expect some false positives and negatives, especially for sites that change tech often or use a lot of CDN masking.

Warning: Just because Builtwith says a site has a certain security tech doesn’t mean it’s configured well—or even turned on. Use this as a starting point, not a final answer.

Step 6: Use the Data (Responsibly)

Once you’ve got your filtered list, what next?

  • Sales: Target potential customers lacking basic security (don’t be creepy).
  • Security research: Find vulnerable sites or those lagging on updates.
  • Competitive analysis: See what your peers are actually using, not just what they claim.

But don’t blast spam or run scans on thousands of domains. That’s a good way to get blacklisted or worse.

What Works, What Doesn’t, and What’s Overhyped

  • Works well: Spotting broad adoption patterns (e.g., “Who’s using Let’s Encrypt?”), narrowing lists before deeper manual review.
  • Works okay: Pinpointing specific security headers, finding popular WAFs, or SSL providers.
  • Doesn’t work: Catching hidden, custom, or backend-only security tech. Builtwith isn’t a penetration-testing tool. Don’t expect miracles.
  • Overhyped: “Real-time” data. Builtwith updates regularly, but not instantly. Fast-changing sites may slip through.

Pro Tips for Getting More Out of Builtwith

  • Check the “Related Technologies” tab for ideas on additional filters (sometimes security tech is grouped under odd names).
  • Use the API if you’re tech-savvy and need to automate checks. It’s extra, but powerful for big lists.
  • Pair Builtwith with other tools like Shodan or Censys for deeper security research. Builtwith gives you a shortlist; those other tools help you dig deeper.

Keep It Simple, Iterate, and Don’t Overthink It

Filtering websites by security tech in Builtwith is powerful—but don’t expect perfection. Use it as a springboard for research, not the final word. Start broad, drill down, and always double-check your findings. The best approach? Keep your queries simple, see what you get, and adjust as you go. No need to chase every shiny feature—stick to what actually moves your work forward.