Glasstrail is a SaaS product that helps you manage external attack surfaces by identifying and monitoring potential cybersecurity risks. It provides tools for detecting vulnerabilities, comparing results with a CVE database, and offering insights for attack surface management. You can try it for free by entering your domain.
Checks the technologies used on your websites against the comprehensive CVE database to identify specific software versions with known vulnerabilities, highlighting them for attention.
Provides AI-powered insight for enhanced attack surface management, helping prioritize threats that are most relevant and pressing.
Finds user accounts on your domain with password breaches and whether they are active Microsoft accounts. Checks breached email addresses for your domain and finds webpages exposing a paid Google API key.
Identifies missing or misconfigured CSP and HTTP Strict Transport policies. Finds all JavaScript vulnerabilities on websites and searches for several OWASP top 10 issues. Offers SSL certificate insights and reports on expired and expiring certificates.
Checks for missing or misconfigured DNSSEC policies and verifies whether CAA Authorization policy is in place.
Validates whether SPF policy is in use and checks for DKIM records.
Detects if there's a risky certificate that is not trusted and finds untrusted SSL certificates in use.
Allows manual addition of findings from penetration test reports or other external sources to see all findings in one place.
Indicates if your favicon is being used by other sites and provides a domain name scan to secure your domain.
Tracks all internal-facing assets and cloud services, keeping detailed records of technologies, domains, websites, IP and ports.
Presents results in an easy-to-understand dashboard format for tracking risks, priorities, and remedial actions.
Offers notifications for new findings and integrates with platforms like Microsoft Teams or other services for updates.
Provides a weekly status email update on changes to your attack surface.
Creates secondary scan groups to segment your risk profile and manage multiple brands.
Supports scanning up to 200 domains in a single account with multi-organisation capacity.
Scan your vendor domains to identify top-level issues and risks.
Provides admin and read-only roles secured by Microsoft work accounts for easy management.
Includes 24/7 chatbot and email support on all plans.
Allows downloading and sharing of reports in PDF or Excel format.
Configures alerts for new findings via tools like Slack and Splunk.
Uses Microsoft accounts for single sign-on and easier onboarding or offboarding of users.
Continuously track and quantify cyber risk with a single, accurate view, allowing you to keep an eye on risks across exposure environments.
Gain insights about potential adversities that adversaries can find in your attack surface, and get notified when new issues arise.
Use vendor domain scans to discover top-level issues and risks related to vendor domains, providing a detailed understanding of the external risk landscape.
Utilizes diverse data sources enriched with scanning intelligence to identify risks, with a focus on the most common top 10 OWASP findings, for comprehensive risk investigations.
Cuts through the clutter by providing an action-driven dashboard to decide which issues will have the biggest impact on your risk profile, helping prioritize efforts effectively.
Monitor the changes in your clients' attack surface using Glasstrail. The tool helps to identify issues like missing HSTS, CSP, and untrusted certificates.
Provides a comprehensive view of threats and vulnerabilities with likelihood of occurrence for each client, helping to gain insights without hard work.
Set an automatic schedule for scanning so you can continually monitor new vulnerabilities in a client’s attack surface.
Allows you to share attack surface dashboards with clients directly through PDF reports, offering tools for annotation to improve risk understanding.
Enables upselling remediation services by providing clients with a view of issues to remediate. It allows for scans post-remediation to verify resolutions.