Discover your/any exposed assets

For your company or subcontractors ICON

For your company or subcontractors

We scan the Internet (and the Dark Web) in a net-neutral manner. That means we scan every exposed assets and your View won't be limited to yours. We even scan the one you are not aware of...
Domain name based approach ICON

Domain name based approach

We believe identifying assets based solely on IP addresses is an obsolete approach. We want every asset to be bound to a domain name. Better, it can be leveraged to pivot on an organization and find more associated domain names...and exposed assets.
Monitor what is exposed in real time ICON

Monitor what is exposed in real time

We have data about every connected thing and we have the capability to perform an asset inventory. What is your next step? Build this inventory, and leverage our query language from the Alert API to receive information as soon as one of your exposed asset is at risk.

What is Attack Surface Discovery?

Attack Surface Discovery
customers that trust us
La Poste GroupeOfficial - Brand LogoBreizh Cyber, Le Centre de Réponse aux Incidents CyberCrédit Mutuel ARKEA Official - Brand LogoEDF Official - Brand LogoFrance Cyber Maritime Official - Brand LogoSekoia Official - Brand Logo
Avoid risks

Cut ransomware risks up-front

Find intrusion vectors before bad guys ICON

Find intrusion vectors before bad guys

Main initial access vectors are pretty much always the same: exposed RDP/VNC services, exposed VPN servers and...critical vulnerabilities on exposed assets. But more about that later... We perform protocol identification in a port number-agnostic approach and we also perform device classification. You want to list all your exposed RDP, VNC or VPNs? We have that information.
Identify most critical vulnerabilities ICON

Identify most critical vulnerabilities

We have the same capabilities as attackers: identifying Internet exposed initial access vectors. Our vulnscan category of information has data about assets with critical vulnerabilities exploited to deploy ransomwares. This list is based on CISA Known Exploited Vulnerabilities
Don't waste millions to recover ICON

Don't waste millions to recover

By using our solution, you will be able to create your asset inventory, find unknown assets belonging to your organization (or subcontractors), identify the risks they are exposed to and be alerted on critical vulnerabilities waiting to be exploited by cybercriminals...By being proactive, thanks to our solution -because we are scanning you in a continuous manner- you won't waste millions to recover.

What is Attack Surface Management?

Attack Surface Management
Real Numbers

Big Data, Fast

API response time ICON
0.1 second
API response time
banners collected monthly ICON
1.8+ billion
banners collected monthly
DNS entries monthly ICON
3.0+ billion
DNS entries monthly
ports scanned monthly ICON
400+
ports scanned bi-monthly
Back to the future

Time-travel

24
24-month historical data
Along with our "classic" Internet (and Dark Web) scanning activities, we perform massive DNS resolutions. You can compare our solution with passive DNS data sources. Billions of DNS queries are made each month. We store 24 months of such historical data. Perfect to perform DNS enumeration starting by a single domain name.
7
Find assets as they were
We keep historical data for all our scans and data collection tasks. Within datascan category, you can go back to any time within the past 7 months. When a new threat comes up, you are able to dig in the past and perform Cyber Threat Intelligence investigations. Both in the clear & the Dark Web.
6
Ideal for forensic analysis
We read here and there that the average time to discover an intrusion is 6 months. What if you were able to see your compromised assets as they were in the past? Or maybe you want to have information on attackers IP addresses seen months ago? You will be able to do that and much more...
Onyphe Background Image Icon
Faq

Frequently asked questions.

Yes, that's our main customer use case. It is a REST API and we render JSON content.

Onyphe Official - Brand Logo
ONYPHE provides solutions dedicated to Attack Surface Discovery (ASD), Attack Surface Management (ASM) and Cyber Threat Intelligence (CTI). Scanning at Internet-scale IPs and URLs since 2017.