Drop a lightweight probe on any subnet, then run discovery, fingerprinting, vuln scans, and SNMP topology mapping from one cloud dashboard. Multi-tenant by design — every customer in their own database.
CIDR-range sweep that turns up every responsive host, with port profiles, banners, latency, and HTTP screenshots — all from a probe inside your perimeter.
Identifies the operating system family, version, and exact build number on every responsive host, with confidence scoring and role inference for domain controllers, file servers, BMCs, firewalls, and printers.
OUI lookup with vendor logos, role inference (Domain Controller, file server, BMC, firewall, printer, IoT) from MS-RPC service evidence and port profiles.
Searchable inventory with tags, notes, manual entries, MAC, IP, OS, last-seen, risk score. Bulk delete, edit, group by site, export.
SNMP-walk every neighbor, build a device-to-device graph with port-level detail, draw user-defined links and notes, drag-position with persistent layout.
Pull bridge tables and ARP caches from every managed switch. Cross-reference MAC vendor data to surface unauthorized devices instantly.
Per-site SNMP v1/v2c/v3 credentials with auth + privacy protocols, applied automatically to scans.
Single-shot ping with packet stats; continuous ping monitor with rolling RTT graph, jitter, and loss tracking.
Hop-by-hop path discovery with RTT per hop and reverse-DNS resolution.
Configurable port profiles (top-100, full, custom), banner grabbing, TLS detection. Threaded for sub-30s /24 sweeps.
All record types (A, AAAA, CNAME, MX, TXT, SRV, SOA), DNSSEC validation, multi-resolver comparison.
Domain registration data, registrar, expiry, owner contacts where available.
Full chain inspection, expiry alerts, issuer validation, and Subject Alternative Name listing.
Response header inspection for any URL — security headers, CORS, caching, server identification.
Per-asset CVE detection with CVSS severity scoring, EPSS exploitability prediction, and MITRE ATT&CK technique mapping. Remediation guidance per finding.
Cross-reference your domain against breach corpora (HaveIBeenPwned and others). Surfaces leaked credentials before they're weaponized.
External-facing exposure map — every open port, every certificate, every public-facing service ranked by risk.
Subdomain enumeration, DNS record harvesting, breach lookups for any domain. Built into the platform — no third-party API keys needed.
Cron-based recurring scans per site — vuln scans, network sweeps, identity checks. Configurable per probe and per scan type.
Group your probes, CIDRs, and credentials by physical or logical site. Filter every view by site.
At-a-glance asset counts, vuln severity breakdown, scan history. Per-asset vulnerability timelines for trend analysis.
Self-updating probe binary with signed manifest. Push a new version centrally; every probe picks it up on next check-in.
Each customer's data lives in its own dedicated database — not a shared multi-tenant table with row-level filters. Isolation is enforced at the platform layer, so a misconfigured query can never leak data across tenants.
Configurable roles per tenant with granular execute/read permissions across every tool. Add admins, operators, read-only auditors.
Time-based one-time passwords compatible with Google Authenticator, 1Password, Authy, and others. Required by default for new accounts.
Compute and data run at the edge in dozens of regions — sub-50ms reads from anywhere, anytime. No servers for you to provision, patch, or scale. The platform absorbs the operational burden so your team can focus on outcomes.
No credit card. Full feature access. We provision a dedicated database and a per-tenant subdomain — you're operational in under 5 minutes.