Platform Security

Built for your trust

Deterministic, evidence-based, and non-intrusive — every architectural decision in Externalsight is made with your security and data sovereignty in mind.

Scan Methodology: Outside-in only. No agents, no code execution on your infrastructure.
Evidence Standard: 100% reproducible. Every finding backed by verifiable network evidence.
Data Isolation: RLS enforced. Row-Level Security means you only see your own data.
Encryption: End-to-end. In transit (TLS) and at rest (AES-256) at all times.
Security Architecture

Six pillars of platform integrity

Every layer of Externalsight is designed with a security-first posture — from the scanning engine to data storage to how we handle disclosure.

01 — Scanning

Deterministic Architecture

Externalsight operates strictly as an outside-in, non-intrusive EASM platform. We execute deterministic, evidence-based polling — validating DNS records, executing TLS handshakes, and inspecting HTTP headers — without destructive payloads or heuristic guessing.

02 — Data

Sovereign Data Control

All attack surface maps and scan outputs are exclusively your property. Data is encrypted in transit and at rest. Absolute tenant isolation is enforced via Row-Level Security (RLS) policies — only you can query your infrastructure telemetry.

03 — Auth

Enterprise Authentication

Access is secured by modern JSON Web Tokens (JWT) for session-based control. Tokens are short-lived, stored in sessionStorage (never localStorage), and cleared on logout. Only authorized operators can query sensitive network exposures.

04 — Operations

Abuse Prevention & Rate Limiting

The platform is actively hardened through continuous operational logging and strict rate-limiting to ensure reliability. Automated abuse prevention mechanisms at the edge guarantee our scanners interact with public-facing assets responsibly at all times.

05 — Disclosure

Safe Harbor Research

We provide explicit safe harbor for good-faith vulnerability reporting against the Externalsight platform. All coordinated disclosures are handled confidentially without threat of legal action, provided researchers refrain from destructive testing or accessing tenant data.

06 — Findings

Verifiable Network Evidence

In an industry saturated with AI-generated false positives, Externalsight stands apart through factual transparency. We do not hallucinate vulnerabilities. Every exposure reported — from dangling CNAMEs to misconfigured CORS headers — is backed by immediately reproducible network evidence.

Operator Console

Run a scan and see the evidence yourself

Every finding in Externalsight includes the raw network evidence that triggered it — the exact DNS record, TLS handshake detail, or HTTP response that produced the finding. No black boxes.
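The following is an added illustration, not Externalsight's own scanner code, of what "evidence-backed, non-intrusive" checks look like for the two finding types named on this page (dangling CNAMEs from section 01 and CORS header misconfiguration from section 06). It runs entirely offline: the DNS answers and captured HTTP response headers are constructed inline and stand in for what a scanner would have observed, and every hostname and origin is a placeholder. Each finding carries the raw observations that produced it, so a reviewer can re-run the same lookups or requests and reach the same conclusion.

```python
"""Offline illustration of evidence-backed, outside-in checks (added example).

Constructed inputs stand in for DNS answers and HTTP responses a scanner
would have captured; nothing here generates network traffic.
"""
from dataclasses import dataclass


@dataclass
class Finding:
    kind: str       # e.g. "dangling-cname", "cors-credentialed-origin-reflection"
    asset: str      # the hostname the finding is about
    evidence: dict  # the raw observations that triggered the finding


# Constructed resolver view: name -> (rrtype, rdata), or None for NXDOMAIN.
# All names are placeholders, not real assets.
DNS_VIEW = {
    "shop.example.test": ("CNAME", "shop-legacy.hosting-provider.test"),
    "shop-legacy.hosting-provider.test": None,  # provider-side record deleted
    "blog.example.test": ("CNAME", "blog.hosting-provider.test"),
    "blog.hosting-provider.test": ("A", "198.51.100.7"),
    "www.example.test": ("A", "203.0.113.10"),
}

# Constructed captures: (host, Origin header the scanner sent, response headers).
CORS_CAPTURES = [
    ("api.example.test", "https://probe.example",
     {"Access-Control-Allow-Origin": "https://probe.example",
      "Access-Control-Allow-Credentials": "true"}),
    ("www.example.test", "https://probe.example",
     {"Access-Control-Allow-Origin": "https://www.example.test"}),
]


def check_dangling_cname(name, dns_view=DNS_VIEW):
    """Flag a CNAME whose target no longer resolves.

    Evidence is the full chain (queried name, CNAME answer, target status),
    which is exactly what a reviewer needs to repeat the two lookups.
    """
    answer = dns_view.get(name)
    if not answer or answer[0] != "CNAME":
        return None
    target = answer[1]
    if dns_view.get(target) is None:
        return Finding(
            kind="dangling-cname",
            asset=name,
            evidence={"query": name, "cname": target, "target_status": "NXDOMAIN"},
        )
    return None


def check_cors(host, request_origin, response_headers):
    """Flag a credentialed CORS policy that reflects the caller's origin.

    Header names are compared case-insensitively; the evidence records the
    Origin value sent and the exact header values received.
    """
    hdrs = {k.lower(): v.strip() for k, v in response_headers.items()}
    acao = hdrs.get("access-control-allow-origin")
    creds = hdrs.get("access-control-allow-credentials", "").lower() == "true"
    if acao is None:
        return None
    # Reflecting an arbitrary origin while allowing credentials lets pages on
    # that origin read authenticated responses; a fixed allow-list does not.
    if creds and acao == request_origin:
        return Finding(
            kind="cors-credentialed-origin-reflection",
            asset=host,
            evidence={
                "request_origin": request_origin,
                "access-control-allow-origin": acao,
                "access-control-allow-credentials": hdrs["access-control-allow-credentials"],
            },
        )
    return None


def run_checks(hostnames, cors_captures, dns_view=DNS_VIEW):
    """Run both checks and return only findings, each with its evidence attached."""
    findings = []
    for name in hostnames:
        finding = check_dangling_cname(name, dns_view)
        if finding:
            findings.append(finding)
    for host, origin, headers in cors_captures:
        finding = check_cors(host, origin, headers)
        if finding:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in run_checks(list(DNS_VIEW), CORS_CAPTURES):
        print(f.kind, f.asset, f.evidence)
```

The design point is that a finding without its `evidence` dict is just an assertion; with it, the same two lookups or the same request can be replayed by anyone reviewing the report. Swapping `DNS_VIEW` and `CORS_CAPTURES` for live resolver answers and captured responses is the only change needed to apply the checks to real observations.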
