Skip to content
Attack Surface View Attack Surface View

Discover Your Network's Attack Surface

Automatically detect open ports, services, and running software from all your
targets. Visualize all results in a central, unified view

  • Check Get an overview of your network perimeter exposure
  • Check Find open ports that shouldn't be publicly accessible
  • Check Detect old and forgotten web technologies
  • Check Automatically created from your tool scan results
Log in to try it »

What is a system's Attack Surface?

In a network environment, all the entry points an attacker could use to access a system combine to create the Attack Surface. It also covers the ways an unauthorized user could send data to a web application and/or extract data from it.

In your dashboard, the Attack Surface includes a list of all IP addresses, hostnames, operating systems, open ports, services, technologies, and their versions from all your targets. Each workspace generates an Attack Surface specific to the targets in it.

Attack Surface View Attack Surface View

See all the services open across the network perimeter in one place

Attack Surface pulls results from scanners to give you the big-picture, up to date view of your targets’ open ports, services, and other relevant details.

Quickly determine which currently open hosts, ports, services, and technologies shouldn’t be exposed on the public network.

Get an instant overview with minimal manual work and no time spent aggregating data from multiple sources.


For a limited time, Attack Surface is available with any plan!

Sign up
    Attack Surface Page Overview
    Attack Surface Filtering

Detect web technologies and spot outdated network service versions

Every new scan automatically updates your Attack Surface with fresh details about your target’s technologies and services - including their versions.

Visualize and filter technologies the system is currently running (e.g. Wordpress, ASP.NET, etc.). Easily drill down into specific components and services to find exposure indicators and high risk areas (e.g. outdated server software, open ports, etc.).

Attack Surface groups scan results by asset categories, so it’s easy to identify old and outdated versions. It also comes with CSV (table format) or JSON export options.

Log in to use it

4 ways to use the Attack Surface view

Turn network and service insights into actionable data

Identify infrastructure entry points an attacker might leverage to compromise the target using data about its technology stacks, service versions, and open ports.

Prioritize actions to reduce exposure to attacks

Identify which parts of the system are most vulnerable (e.g. servers, websites, databases, etc.) and reduce security risks through decisive actions (e.g. closing ports, retiring unused services, etc.).

Assess how much work a pentest might involve

Get a quick overview of the scope of your future pentesting engagements and reduce your guesswork with zero effort. Alternatively, compile more accurate budget proposals for internal projects.

Understand how the attack surface evolves in time

Use the Attack Surface to manually observe when, for example, new open ports appear or when server-side software becomes outdated. Run regular scans with to keep the data up to date and accurate.

Map your attack surface

Developed for...


Pentesters who lack the time to develop their own discovery modules


Network security specialists in charge of security risk assessments


DevOps teams tasked with preventing security gaps in web apps


Developers who understand and manage application security risks


Pentesters looking to preview the scope and work for their future engagements


Business owners with a knack for security as a core performance metric

Reduce your attack surface based on reliable, up to date data

Always have accurate, up to date visibility into the most vulnerable parts of the system in a flash.

Running a constant cycle of vulnerability scans with the platform enriches and expands your Attack Surface view. Use it to identify risky remote entry points and prioritize decisive, data-driven actions that reduce the target’s exposure to cyber attacks.

Attack Surface Tabs Browsing

Key risks you can diagnose using the Attack Surface

1. Outdated, exploitable server software

Security risk:  data breach by exploiting unpatched vulnerabilities.

3. Internal network services exposed on the public network

Security risk:  confidential data exfiltration by brute forcing weak passwords.

2. Open ports (that shouldn’t be publicly accessible)

Security risk:  reveal sensitive data about the network infrastructure.

4. Old and forgotten web technologies

Security risk:  malicious users’ unauthorized access to the sensitive data those web applications process.

Map your exposure

Trusted by experts at :

Our clients

Common Questions

If your question is not covered here, please check our FAQ or contact us.

Do all the tools on feed data into the Attack Surface view?

Currently, the following tools generate data for the Attack Surface: Website Recon, Website Scanner, TCP Port Scanner, UDP Port Scanner and OpenVAS Scanner.

We plan to add data for other tools and scanners at in future iterations. Keep an eye on our changelog, blog, and on our LinkedIn page to be the first to know when we do! You can also explore more details in the dedicated article in our Support Center.

Do API scans appear in the Attack Surface view?

For the moment, the Attack Surface view covers manual scans only from the following tools: Website Recon, Website Scanner, TCP Port Scanner, UDP Port Scanner, and OpenVAS Scanner.

Wondering why your scans don’t appear in the Attack Surface view? This article in our support center is just what you need.

Additionally, we plan to add support for scans run using the API in future iterations. Keep an eye on our changelog, blog, and on our LinkedIn page to be the first to know when we do!

How do I analyze my attack surface?

The data in your dashboard can help you with 2 out of 3 key steps that reduce your network attack surface.

Use the Attack Surface view to identify assets and the most exposed entry points an attack could exploit to breach the network (step 1).

Eliminate unnecessary pathways and run recurring scans with tools on our platform to validate that your network's attack surface was reduced. Analyze the same results to identify new open ports or outdated services, among other types of relevant data (step 2).

Best practices recommend network segmentation as step 3, to further minimize a network's attack surface.

For in-depth information about the topic, check out OWASP’s cheat sheet.

Attack surface reduction vs vulnerability management - what is the difference?

Vulnerability management is a constant cycle of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities (software weaknesses).

Attack surface reduction aims to decrease the number of exposed open ports and services (network and system weaknesses), resulting in less vulnerabilities and limiting the ability of malicious actors to perform attacks.

Both vulnerability management and surface attack reduction have a shared goal: reducing risk by making the environment more secure.

How do I reduce my attack surface?

Attack surface reduction principles include patching, shutting down unnecessary services and network ports, reducing the amount of code running, setting strong trust boundaries, security awareness training for employees, and more.

For in-depth information about the topic, check out this guide from Infosec Institute.

What happens if I delete a target?

Moving or deleting a target from your current workspace may also delete all its associated data in the Attack Surface view.

For more details, check out the dedicated article in our Support Center.

PenTest yourself. Don't get hacked.

Discover and validate vulnerabilities in websites and network infrastructures

Sign up