app like that
Glasstrail
Glasstrail

Glasstrail is a SaaS product that helps you manage external attack surfaces by identifying and monitoring potential cybersecurity risks. It provides tools for detecting vulnerabilities, comparing results with a CVE database, and offering insights for attack surface management. You can try it for free by entering your domain.

Features

CVE Detection

Checks the technologies used on your websites against the comprehensive CVE database to identify specific software versions with known vulnerabilities, highlighting them for attention.

AI-Powered 'Why Should I Care' Analysis

Provides AI-powered insight for enhanced attack surface management, helping prioritize threats that are most relevant and pressing.

Account credentials

Finds user accounts on your domain with password breaches and whether they are active Microsoft accounts. Checks breached email addresses for your domain and finds webpages exposing a paid Google API key.

Website security

Identifies missing or misconfigured CSP and HTTP Strict Transport policies. Finds all JavaScript vulnerabilities on websites and searches for several OWASP top 10 issues. Offers SSL certificate insights and reports on expired and expiring certificates.

DNS and domain security

Checks for missing or misconfigured DNSSEC policies and verifies whether CAA Authorization policy is in place.

Email security

Validates whether SPF policy is in use and checks for DKIM records.

Reputation

Detects if there's a risky certificate that is not trusted and finds untrusted SSL certificates in use.

External/User added findings

Allows manual addition of findings from penetration test reports or other external sources to see all findings in one place.

Phishing

Indicates if your favicon is being used by other sites and provides a domain name scan to secure your domain.

Inventory

Tracks all internal-facing assets and cloud services, keeping detailed records of technologies, domains, websites, IP and ports.

Dashboard

Presents results in an easy-to-understand dashboard format for tracking risks, priorities, and remedial actions.

Notifications and integrations

Offers notifications for new findings and integrates with platforms like Microsoft Teams or other services for updates.

Weekly status emails

Provides a weekly status email update on changes to your attack surface.

Multi-brand management

Creates secondary scan groups to segment your risk profile and manage multiple brands.

Big portfolios supported

Supports scanning up to 200 domains in a single account with multi-organisation capacity.

Vendor scans

Scan your vendor domains to identify top-level issues and risks.

Secure access

Provides admin and read-only roles secured by Microsoft work accounts for easy management.

Premiun support

Includes 24/7 chatbot and email support on all plans.

Share results

Allows downloading and sharing of reports in PDF or Excel format.

Notifications and integrations

Configures alerts for new findings via tools like Slack and Splunk.

Secure

Uses Microsoft accounts for single sign-on and easier onboarding or offboarding of users.

Instant Monitoring

Continuously track and quantify cyber risk with a single, accurate view, allowing you to keep an eye on risks across exposure environments.

Real-Time Visibility

Gain insights about potential adversities that adversaries can find in your attack surface, and get notified when new issues arise.

Vendor Risk Exposure

Use vendor domain scans to discover top-level issues and risks related to vendor domains, providing a detailed understanding of the external risk landscape.

Actionable Data for Investigations

Utilizes diverse data sources enriched with scanning intelligence to identify risks, with a focus on the most common top 10 OWASP findings, for comprehensive risk investigations.

Prioritization of Risks

Cuts through the clutter by providing an action-driven dashboard to decide which issues will have the biggest impact on your risk profile, helping prioritize efforts effectively.

Attack Surface Management Scanning

Monitor the changes in your clients' attack surface using Glasstrail. The tool helps to identify issues like missing HSTS, CSP, and untrusted certificates.

Insight Dashboard

Provides a comprehensive view of threats and vulnerabilities with likelihood of occurrence for each client, helping to gain insights without hard work.

Scheduled Scans

Set an automatic schedule for scanning so you can continually monitor new vulnerabilities in a client’s attack surface.

Risk Communication Tools

Allows you to share attack surface dashboards with clients directly through PDF reports, offering tools for annotation to improve risk understanding.

Remediation Management

Enables upselling remediation services by providing clients with a view of issues to remediate. It allows for scans post-remediation to verify resolutions.

Pricing Plans

Starter

$99
per monthly

Standard

$499
per monthly

Free Trial

$0
per 14 days