StackSciences provides a SaaS platform to centralize your #devops environment risk analysis, policy compliance and runtime enforcement. On a single view, you can measure your attack surface, view what you expose and prioritize your next actions to make your multi-cloud infrastructure more secure.
Technological advancements and evolving work habits are expanding the modern attack surface. Adversaries are using AI to rapidly scan and breach networks, making it critical for organizations to identify and mitigate vulnerabilities before they can be exploited. The Unisys Attack Surface Discovery solution scans your modern attack surface, analyzes the results, and reports on insights augmented with risk quantification in business context. Your IT resources can focus on what matters most to you
BeforeBreach Intelligence is an External Attack Surface Management (EASM) platform that provides continuous visibility into an organization’s internet-facing assets and security exposures. The platform discovers and monitors domains, subdomains, IP addresses, cloud resources, and exposed services to identify potential entry points attackers can exploit. It detects risks such as exposed admin panels, leaked credentials, misconfigured cloud assets, vulnerable services, and critical CVEs. BeforeB
Digital Yama provides REST APIs for comprehensive website and domain analysis, including tools for reverse IP lookups and subdomain enumeration. The API endpoints are designed for users needing web intelligence and research capabilities. The available APIs are designed to be simple and affordable, with subscription plans starting at $20 per month. Users can sign up for a free account to test the APIs with no restrictions.
Gordon Attack Surface Monitoring continuously discovers and monitors all internet-facing assets associated with an organization, including domains, subdomains, IP addresses, cloud resources, APIs, and third-party integrations, without requiring a pre-configured asset inventory. The platform scans from an external perspective using DNS records, certificate transparency logs, WHOIS data, and passive reconnaissance to identify known and unknown assets, including shadow IT and inherited infrastruct
Cylana is an advanced cybersecurity platform focused on External Attack Surface Management (EASM). With AI-supported solutions, real-time monitoring, and smart remediation, Cylana empowers you to detect vulnerabilities, manage threats, and ensure compliance, all from a single platform.
AttackerView shows you your app the way attackers see it. Type in any URL and get a security assessment in about a minute. No signup, no install, no configuration. Every finding comes with real evidence (the HTTP response, the DNS record, the certificate chain) and a fix guide for your specific provider.
Bspeka Cybersecurity Management Platform is a lightweight cybersecurity management platform that helps teams automatically discover their digital assets, monitor their attack surface, and stay ahead of security risks. It provides continuous visibility into domains, subdomains, cloud resources, exposed services, and misconfigurations—helping you detect issues early and keep your infrastructure secure with minimal effort.
Maphra is an enterprise-grade Attack Surface Management (ASM) platform by DedSec Technologies that continuously discovers, monitors, and analyzes an organization’s external digital footprint. It identifies exposed assets, vulnerabilities, misconfigurations, leaked data, and high-risk attack paths across cloud, on-premise, SaaS, containers, and shadow IT.
RiskProfiler Cloud Attack Surface Management (CASM) provides continuous, unified visibility across complex multi-cloud ecosystems. It consolidates intelligence from AWS, Azure, GCP, and other providers to detect and correlate misconfigurations, exposed assets, certificate lapses, API leaks, and other suspicious activities. By applying contextual analytics and proprietary threat scoring, CASM transforms raw findings into prioritized, actionable insights, empowering security teams to rapidly ident
Offensive Security Intelligence. Designed for a Secure Tomorrow.
See what attackers see. Ryft continuously discovers everything your organization has exposed to the internet, forgotten subdomains, misconfigured cloud buckets, abandoned admin panels, tests them for real vulnerabilities, and uses AI to validate which findings are actually actionable. External attack surface management, built for modern teams.
CyberFurl External Attack Surface Management that continuously monitors external posture across DNS, Email, Encryption, Web Security Headers, Breach Exposure, CVE Surface, IP Reputation, Malware Intel, Compliance Posture, and AI Threat Signals. 10 pillars. 35+ controls.
ThreatScope is an external attack surface management platform built specifically for mid-market companies ($50M–$500M revenue). Unlike enterprise tools that cost six figures and require dedicated analysts, ThreatScope gives lean security teams continuous visibility into their internet-facing attack surface — with AI-powered findings anyone can understand. What it does: Discovers all internet-facing assets (subdomains, IPs, services, certificates) Continuously monitors for vulnerabilities and mis
ThreatPort is an External Attack Surface Management (EASM) platform that gives businesses full visibility into their public-facing digital infrastructure — without enterprise complexity or cost. Enter a domain name and ThreatPort runs a 9-phase automated scan: subdomain enumeration (28 sources), port scanning (134+ ports), CVE matching against NVD and CISA KEV, IP reputation across 19 threat intel feeds, email security analysis (SPF/DMARC/DKIM), typosquatting detection, and MITRE ATT&am
HailBytes ASM is a self-hosted Attack Surface Management platform purpose-built for pen-test firms, MSSPs, and enterprise security teams that need continuous external reconnaissance without sending sensitive client data to a third-party SaaS. The platform orchestrates 30+ best-in-class open-source security tools, including Subfinder, Amass, Assetfinder, OneForAll, HTTPx, Nmap, Naabu, Nuclei, Dalfox, S3Scanner, FFUF, and Eyewitness, through a multi-phase reconnaissance pipeline. Every subdomain,
DomainsGPT is an AI-powered domain name generator developed by One Word Domains, designed to assist users in creating brandable and memorable domain names tailored to their specific needs. Leveraging advanced natural language processing capabilities, DomainsGPT offers various naming styles, including brandable names, random suggestions, two-word combinations, portmanteaus, alternate spellings, and non-English names. The platform allows users to filter results by top-level domains , such as .com,
CollectionsIQ is Experian's advanced commercial collection suite designed to enhance debt recovery processes for businesses. By leveraging a specialized scoring model tailored for commercial recovery, it enables organizations to prioritize delinquent accounts with a higher likelihood of payment, thereby expediting the collection process. The suite also offers tools for commercial skip tracing and corporate linkage, assisting in identifying alternative operating locations and contacts associated