Free instant security scan

External security monitoring for the sites your business depends on.

Free scans show a limited preview: TLS, headers, DNS, mail-auth, and edge context—enough to spot major issues without exposing paid-tier finding detail. Paid plans unlock full findings, monitoring, history length tied to your tier, and alerts.

No account needed · Results in ~15 seconds · Shareable report URL

External, non-invasive checks only · Findings with evidence & remediation · Continuous drift monitoring

What ExposureGrid checks

External attack-surface signals, in one place

Open ports aren't the whole picture. ExposureGrid looks at the configuration drift attackers actually use, and the misconfigurations your customers will actually notice first.

TLS & certificates

Catch expiring certs, weak protocols, untrusted chains, and mismatched hostnames before browsers start warning your customers.


Security headers

Check HSTS, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, and the rest against what browsers actually enforce today.


CSP, CORS & cookies

Inspect Content-Security-Policy strictness, cross-origin behavior, and cookie hygiene (Secure, HttpOnly, SameSite).


DNS & mail-auth posture

Check SPF, DKIM, DMARC alignment, MTA-STS, and DNS hygiene that attackers use for phishing and brand impersonation.


Origin & edge context

Surface the CDN, hosting, and edge configuration signals that shape your real attack surface from the outside.


Drift monitoring

Re-scan on a schedule and see when posture changes: new findings, fixed findings, and regressions over time.


Asset discovery

For verified managed scans, ExposureGrid inventories public hostnames tied to domains you proved you control.


Subdomain takeover risk

Signals for dangling SaaS delegation or empty provider banners—surfaced responsibly for teams that own DNS.


Cloud storage exposure checks

Lightweight probes for risky public listings on domain-derived storage prefixes, without scraping files.


API and developer surfaces

For verified managed scans, passive checks highlight reachable API docs, consoles, metrics, and health endpoints without posting to APIs.


JavaScript and source-map posture

First-party bundles are hashed and sampled for reachable source maps, internal URL hints, and redacted secret-like literals. Not part of anonymous public scans.


Technology fingerprints

Header and HTML signals describe disclosed frameworks or servers without claiming CVE exploitability.

Want the full breakdown? Explore the platform or read the full features page.

Verified-domain monitoring

Deeper exposure checks for verified domains

Subscribed users can enable deeper exposure scanners for verified managed domains, including exposed service detection, dangerous file checks, and publicly reachable admin interface discovery. These checks are excluded from free public scans and only run when enabled for domains you control.

Port / service exposure

Identify risky public services such as RDP, SMB, Redis, databases, Elasticsearch, SSH, FTP, and alternate web ports before they become easy attacker entry points.


Dangerous files & paths

Detect accidentally exposed .env files, Git metadata, backups, SQL dumps, debug logs, phpinfo pages, and other sensitive web-accessible artifacts.


Admin interface discovery

Find publicly reachable admin panels and management consoles such as WordPress login, phpMyAdmin, Jenkins, Grafana, Kibana, Portainer, and more, without attempting to log in.


Paid exposure modules require an active subscription or trial, domain verification, and explicit per-domain configuration. They are never part of the free public scan.

How it works

From a domain to a real report, in four steps

We're honest about what an external scan can see and what it can't. You get findings backed by evidence, not a vague risk score.

  1. Submit a domain

    Run a free public scan, or add a domain after signing in. ExposureGrid resolves the host and plans a non-invasive set of checks.

  2. Run safe, external checks

    We collect public evidence (TLS handshakes, response headers, DNS records, CSP and CORS behavior). No payloads, no fuzzing, no intrusive probing.

  3. Review findings & evidence

    Each finding includes a severity, plain-English context, the exact evidence we captured, and a remediation step you can hand to a developer.

  4. Monitor for drift

    Schedule re-scans and get notified when posture regresses, certificates approach expiry, or new issues appear.

Who it's for

If you own a public web footprint, this is for you

ExposureGrid is opinionated about external posture so a small team doesn't have to figure it out from scratch.

SaaS teams

Keep your customer-facing app, marketing site, and auth subdomains aligned with the security posture you tell customers you have.

Agencies & MSPs

Watch every site you operate from one place. Catch regressions across client portfolios before the customer does.

Small business IT

Get a credible outside-in view without hiring a security team. Clear findings, evidence, and fixes you can hand to a developer.

Pricing

Simple plans. Start free for 14 days.

Public scans are always free. Continuous monitoring starts at $29/mo. Every paid plan includes a 14-day free trial (1 domain, no credit card). Your plan's full domain count is available the moment you subscribe.

Free

$0

Manual scans for one domain with a limited preview of findings—ideal to try the product before upgrading.

  • 1 domain
  • Manual scans on demand
  • Limited scan preview (2 visible findings)
  • No scheduled monitoring
  • No email alerts

No trial required. Sign in for managed Free workspace limits.

Starter

$29/mo

Weekly monitoring and alerts for a single production domain.

  • 1 domain
  • Weekly scheduled monitoring
  • Email alerts
  • Full baseline scanner results
  • 60-day history and trends

Trial monitors 1 domain.

Most popular

Pro

$79/mo

Portfolio coverage with expanded scanners on every managed domain.

  • Up to 5 domains
  • Weekly scheduled monitoring
  • Email alerts
  • Baseline + Pro scanner access
  • 120-day history

Trial monitors 1 domain. All 5 are available on subscribe.

Premium

$149/mo

Full external posture for larger teams—optional daily cadence and priority scans.

  • Up to 10 domains
  • Weekly default; daily schedule optional
  • Priority scans
  • Full scanner access (all managed modules you enable)
  • Unlimited retention while subscribed

Trial monitors 1 domain. All 10 are available on subscribe.

Every plan ships with the same scanner coverage. Pick the plan that fits how many domains you'll monitor once your trial converts.

Compare every plan on the full pricing page.

FAQ

Common questions about ExposureGrid

Short answers on what we scan, how the beta works, and how scans stay safe.

What does ExposureGrid actually check?
ExposureGrid runs external, non-invasive checks against your public web assets: TLS and certificate posture, security response headers, Content-Security-Policy, CORS configuration, cookie attributes, DNS hygiene, and mail-authentication posture (SPF, DKIM, DMARC).

Is this a penetration test?
No. ExposureGrid is an external attack-surface and posture scanner. It surfaces misconfigurations and drift on the public side of your stack. It does not exploit vulnerabilities and it doesn't replace a manual penetration test.

Are scans safe to run?
Yes. ExposureGrid uses lightweight, externally observable checks, comparable to what a normal browser, crawler, or email server already does. No payloads, no fuzzing, no credential testing.

Do I need an account to try it?
No. You can run a free public scan from the homepage and get a shareable report URL with Free-level visibility only. Creating an account starts a 14-day paid trial (no card up front) with weekly monitoring, history, and email alerts on one domain while you evaluate.

Is ExposureGrid in beta?
Yes. ExposureGrid is in public beta. The scanner is live and runs against real production sites every day. Expect new categories, refinements, and roadmap items as we move toward general availability.

More questions? Visit the full FAQ.

See it now

See what an attacker can see, in about 15 seconds.

Run a free public scan, or create an account to monitor every site you depend on.