For your company or subcontractors
We scan the Internet (and the Dark Web) in a net-neutral manner. That means we scan every exposed assets and your View won't be limited to yours. We even scan the one you are not aware of...
Discover your/any exposed assets
Domain name based approach
We believe identifying assets based solely on IP addresses is an obsolete approach. We want every asset to be bound to a domain name. Better, it can be leveraged to pivot on an organization and find more associated domain names...and exposed assets.
Key/value pairs to build your inventory
Our solution works like a SIEM: you query data by using key/value pairs. Create your asset inventory is as simple as creating your own list of key/values.
Why not start with a 'domain:company.com' filter bound to your own IP address?
Monitor what is exposed in real time
We have data about every connected thing and we have the capability to perform an asset inventory. What is your next step? Build this inventory, and leverage our query language from the Alert API to receive information as soon as one of your exposed asset is at risk.
What is Attack Surface Discovery?
Attack Surface Discoverycustomers that trust us
Avoid risks
Cut ransomware risks up-front
Find intrusion vectors before bad guys
Main initial access vectors are pretty much always the same: exposed RDP/VNC services, exposed VPN servers and...critical vulnerabilities on exposed assets. But more about that later... We perform protocol identification in a port number-agnostic approach and we also perform device classification. You want to list all your exposed RDP, VNC or VPNs? We have that information.
Identify most critical vulnerabilities
We have the same capabilities as attackers: identifying Internet exposed initial access vectors. Our vulnscan category of information has data about assets with critical vulnerabilities exploited to deploy ransomwares. This list is based on CISA Known Exploited Vulnerabilities
Don't waste millions to recover
By using our solution, you will be able to create your asset inventory, find unknown assets belonging to your organization (or subcontractors), identify the risks they are exposed to and be alerted on critical vulnerabilities waiting to be exploited by cybercriminals...By being proactive, thanks to our solution -because we are scanning you in a continuous manner- you won't waste millions to recover.
What is Attack Surface Management?
Attack Surface ManagementReal Numbers
Big Data, Fast
0.1 second
API response time
1.8+ billion
banners collected monthly
3.0+ billion
DNS entries monthly
400+
ports scanned bi-monthly
Back to the future
Time-travel
24
24-month historical data
Along with our "classic" Internet (and Dark Web) scanning activities, we perform massive DNS resolutions. You can compare our solution with passive DNS data sources. Billions of DNS queries are made each month. We store 24 months of such historical data. Perfect to perform DNS enumeration starting by a single domain name.
7
Find assets as they were
We keep historical data for all our scans and data collection tasks. Within datascan category, you can go back to any time within the past 7 months. When a new threat comes up, you are able to dig in the past and perform Cyber Threat Intelligence investigations. Both in the clear & the Dark Web.
6
Ideal for forensic analysis
We read here and there that the average time to discover an intrusion is 6 months. What if you were able to see your compromised assets as they were in the past? Or maybe you want to have information on attackers IP addresses seen months ago? You will be able to do that and much more...
Faq
Frequently asked questions.
Yes, that's our main customer use case. It is a REST API and we render JSON content.
