Our Roadmap

Identifies CMS versions externally (WordPress available today); no plugin needed.

Crawls your website's pages, validating links and scans for secrets. (Monthly crawl credits defined in subscription)

Sends incident and recovery messages to all verified recipients.

Scans top 1,000 TCP ports and flags unexpected open services.

Detects unauthorized changes to public-facing pages using chunk-based hashing.

Maps detected Web-Software versions and flags Common Vulnerabilities and Exposures (CVE).

Filter, group and tag up to 500 sites; bulk actions and CSV export.

Daily checks against various SEO and blocklists.

Watches A, AAAA, MX and CNAME records for unexpected changes.

Adds SPF, DKIM, DMARC, DNSSEC and BIMI validation.

Automated PDF & e-mail summaries delivered weekly or monthly.

Identifies hidden or forgotten sub-domains to eliminate shadow IT risk.

Detects exposed API keys in HTML and JS.

Pushes incidents to Slack channels or Microsoft Teams webhooks.

Replace our logo & colors with your own for client-facing PDFs.

Non-disruptive check for OWASP-Top-10. Note: Might incur additional charges.

Role-based access control with SAML 2 / OIDC single-sign-on.

API for pulling metrics and incidents into your tooling.

CRUD access, webhooks and token management for deep integrations. Note: API usage may incur additional charges based on volume.

Ships JSON events to your SIEM.

Pings your endpoints in intervals and alerts if one fails twice in a row

Get notified before certificates expire to prevent trust loss and outages. Monitors certificate chain daily and notifies 30 / 14 / 7 / 1 days in advance.

Single-site status card with live screenshot and historical uptime graph.

Keeps logs and metrics for a selected time-frame (subscription-dependent)

Named security success engineer.

All detection is 100% external, so onboarding is instant and no inside code is needed.

Our Outside-in approach provides an attacker's perspective, meaning what we know, an attacker knows. This is the most effective way to find and fix security issues.

Your data stays in the European Economic Area (EEA) for GDPR-level privacy and peace of mind.

Our monitoring is resource-friendly and intelligently adapts to your site's load. We will never overwhelm your website.

Need to monitor more domains, but don't want to upgrade? You can easily add more domains to monitor for an additional price.

Need to monitor more endpoints on the same domain, but don't want to upgrade? You can easily add more endpoints to monitor for an additional price.

This plan includes monitoring for up to 5 domains. Additional domains can be added as needed.

This plan includes monitoring for up to 25 endpoints across all domains. Additional endpoints can be added as needed.

This plan includes monitoring for up to 3 domains. Additional domains can be added as needed.

This plan includes monitoring for up to 15 endpoints across all domains. Additional endpoints can be added as needed.

This plan includes monitoring for up to 10 domains. Additional domains can be added as needed.

This plan includes monitoring for up to 75 endpoints across all domains. Additional endpoints can be added as needed.

This plan includes monitoring for up to 50 domains. Additional domains can be added as needed.

This plan includes monitoring for up to 500 endpoints across all domains. Additional endpoints can be added as needed.