See What Attackers Can See About Your Organisation

SurfaceMapper maps your external attack surface and delivers a clear, risk-scored report in under 48 hours.

View Example Report Request a Scan

What SurfaceMapper Finds

External Exposure

  • exposed subdomains and forgotten environments
  • internet-facing services and open ports
  • subdomain takeover opportunities

High-Risk Interfaces

  • admin panels (Jenkins, Grafana, Kibana, etc)
  • cloud storage exposures (S3, Azure blobs)
  • sensitive files and paths (.env, .git/, config dumps)

Network Services

  • risky ports publicly reachable (RDP, databases, SSH)
  • cleartext protocols in use (FTP, Telnet, HTTP)
  • TLS weaknesses and expiring certificates

Email Security

  • missing or permissive SPF records
  • unenforced or absent DMARC policy
  • DKIM configuration gaps

Known Vulnerabilities

  • CVEs correlated to detected service versions
  • CVSS-scored and publicly documented exploits
  • vulnerability script indicators from port scan data

IP Reputation

  • Spamhaus RBL listings (spam sources, compromised hosts)
  • AbuseIPDB abuse confidence scoring
  • botnet and exploit activity indicators

How It Works

Internet-facing Assets
SurfaceMapper Scan
Risk-Scored Report

1. Scope

You provide a domain or IP range.

2. Scan

SurfaceMapper maps your external attack surface with no credentials required.

3. Deliver

You receive a clear report with risks and recommended fixes.

What You Get

  • full external asset inventory (domains, IPs, services)
  • risk-scored findings with evidence
  • screenshots of exposed admin interfaces
  • CVE correlation against service fingerprints
  • email security posture (SPF, DMARC, DKIM)
  • IP reputation and RBL listing status
  • exposure drift tracking (what changed since last scan)
  • clear executive summary and prioritised remediation

Example Report

See a real SurfaceMapper report (redacted).

SurfaceMapper report — executive snapshot with KPI tiles, exposure composition and severity charts
Download Sample PDF View Breakdown

Pricing

One-Time

External Attack Surface Snapshot

$349 AUD

One-time scan and report.

Monthly

Continuous Monitoring

$99/month

Monthly scans and exposure tracking.

Cancel anytime. No contracts.

Who It’s For

small to mid-sized businesses
SaaS companies
professional services firms
managed service providers

Want to see what your organisation exposes to the internet?

Request a Scan Email info@surfacemapper.net