Features

Everything ExposureGrid does today

ExposureGrid is in public beta. The features below are live in the product. Roadmap items are called out on the platform page.

ExposureGrid features grouped by capability.

Scanning & monitoring

From a single scan to continuous posture monitoring

On-demand & scheduled scans

Run a public scan in about 15 seconds, or schedule recurring scans for every domain you manage.

Drift detection

Compare scan to scan. New, fixed, and reappeared findings are called out explicitly so you can see posture move over time.

Regression alerts

Get notified when a previously fixed finding comes back, a certificate is approaching expiry, or new high-severity issues land.

Coverage transparency

Every report tells you exactly which checks ran, which were skipped, and why. A partial scan never looks like a clean bill of health.

Findings & reports

Reports your team can actually act on

Findings backed by evidence

On tiers where a finding is visible, you see the headers, certificate fields, DNS responses, or other evidence we observed. Free and public previews intentionally omit hidden finding bodies—those unlock on paid tiers.

Severity classification

Findings are classified as critical, high, medium, low, or observation, with consistent reasoning across categories.

Plain-English remediation

Each finding explains what to change, where to change it, and what 'good' looks like, written for the developer or admin who will fix it.

Shareable report URLs

Public scans produce a token-protected URL you can share with a teammate, vendor, or auditor without exposing your account.

Platform

A workspace built for the team that owns the surface

Domain dashboard

All of your monitored domains, scores, and recent scan activity in one view.

Scan history

Browse every scan ever run on a domain, drill into individual findings, and compare results across time.

Security score & trend

A consistent 0 to 100 score with category breakdowns, so you can see at a glance whether posture is improving.

Multi-domain organization

Group sites by environment, product line, or client. Built to support growing portfolios.

Authenticated workspace

Create an account to add domains, save history, schedule scans, and receive drift notifications.

Built for continuous monitoring

ExposureGrid is built for ongoing posture monitoring, not just one-off snapshots.

Subscriber capabilities

Deeper exposure checks (verified managed domains)

These modules are gated behind authentication, subscription or trial access, domain verification, and per-domain configuration. They are excluded from the free public scan flow by design.

Port / service exposure

Optional bounded TCP checks for commonly exposed services (RDP, SMB, databases, Redis, Elasticsearch, SSH, and more). Subscriber-only, verified-domain only, never on free public scans.

Dangerous files & paths

Safe, capped HTTP probes for sensitive artifacts such as .env, Git metadata, backups, dumps, and debug surfaces. Evidence is redacted; no full file bodies are stored.

Admin / management interfaces

Non-invasive discovery of publicly reachable admin and control-plane routes. No logins, no brute force, no form submissions.

Subdomain discovery & asset inventory

Bounded Certificate Transparency (CT), DNS/wordlist, and sitemap hints scoped to your verified domain. Results land in a durable asset inventory.

Takeover risk detection

Passive DNS plus safe HTTP fingerprints highlight potentially abandoned third-party delegations. Manual validation is always required.

Cloud storage exposure probes

Tiny, unauthenticated listing checks for domain-derived storage candidates. No authenticated API calls or object downloads.

Modern app & API exposure

Deeper application signals for verified domains

These subscriber-managed scans stay passive: no POST fuzzing, no authentication attempts, and no brute forcing.

API & developer surface detection

Passive probes for API docs, metrics, health, and debug-style routes using bounded GET requests only. Subscriber-managed scans on verified domains.

JavaScript & source map exposure

Same-domain scripts from sampled pages are hashed and reviewed for source maps, internal URL hints, and redacted secret-like literals. No full bundle storage.

Technology fingerprinting

Observes headers and HTML for framework or server disclosure signals. Reports context, not CVE exploitability.

See it on your domain in about 15 seconds.

The fastest way to understand ExposureGrid is to point it at a site you already own.