Complimentary External Exposure Assessment

Know what attackers, auditors, and cyber insurers can already see — before they do something with it.

VigilantAI analyzes publicly observable signals to identify external exposure, breached identities, and likely attack paths — and explains which findings actually matter before your next insurance renewal, audit, or security review.

✔ No software to install✔ No internal network access required✔ Results in minutes — not weeks

Most external security tools tell you what they found. VigilantAI explains why it matters and what to do next.

Used to identify
  • • Exposed internet-facing services
  • • Breached business identities
  • • Weak web security posture
  • • Realistic attack paths

External-only · non-invasive · no access required.

Security Intelligence Score
Good shape
Overall exposure
Moderate
↑ Improving this week
Internet exposureElevated
Identity exposureModerate
What to fix now
  • Remote access service visible from the internethigh
  • 3 business emails found in known breach datamedium
  • Email spoofing protection (DMARC) not enforcedlow
Exposure → change → action
↑ Improving
3
New exposures
2
Exposures resolved
5
Breached identities
Trend improving
External Exposure Compliance Report

What you'll know in the next 5 minutes.

• What's exposed to the internet
• Whether web security protections are missing
• Whether common business emails appear in known breach data
• What to fix first

Most businesses don't know what's exposed. Open ports, misconfigurations, and outdated services increase your attack surface without you knowing.

What you get
Exposure score (0–100) with risk level
Full list of internet-facing services identified
Top risks explained in plain English
Prioritized remediation steps — exact fixes
Identity breach exposure check
Before/after change tracking
Client-ready PDF you can share instantly
Who this is for
  • Small businesses validating security posture
  • IT teams preparing for audits
  • MSPs delivering client reports
  • Anyone responsible for external exposure
Compliance support
  • • Internal risk reviews
  • • Vendor / insurance questionnaires
  • • Audit preparation (HIPAA, SOC 2, PCI context)

Supports — but does not certify — compliance requirements.

Start with visibility. Fix what actually matters.

No subscription. One report. Delivered instantly.

Get full security report — $149

See the difference

See what changed between scans — not just a snapshot.

Before
60
Medium risk
RDP open · staging exposed
↓ 30
points reduced
2 fixes applied
After
30
Low risk
RDP closed · staging removed

Re-scan after each fix and see the improvement reflected immediately.

Why it matters now

Exposure doesn't stay static.

New ports open. Configs drift. Services change without warning.
If you're not tracking it, you're blind to it.

🔓
Breached business emails create real attack paths
Exposed credentials can be reused against email, admin panels, and cloud apps. VigilantAI checks whether common business email patterns appear in known breach datasets.
🔓
New exposed service detected within 10 minutes of appearing
A new internet-facing port or service can appear between scans and go undetected for days. VigilantAI flags it within the next monitoring cycle.
📋
Every client report includes an evidence-backed audit trail
Every scan, change, and remediation action is logged with timestamps. When an auditor or insurer asks, the trail is already there.
Security Intelligence

Not just what's exposed — how attackers could use it.

VigilantAI doesn't just score your environment — it shows what changed, what increased risk, and what needs action now.

🔑
Breached credentials found for your domain
Employee identities in public breach data, correlated with your external footprint — stolen passwords are how most break-ins start.
🛡️
Renewal-ready evidence
Findings mapped to what insurers and auditors ask about — in plain language your broker, client, or board can read.
🔓
1 port newly exposed
A remote access service became visible from the internet since last scan.
🔀
Attack path identified
Exposed remote access + breached credentials = a realistic path to compromise. VigilantAI connects the signals and explains the reasoning.
How it works

From detection to action in minutes

1
Scan your exposure
Scan any public IP or domain. See all internet-facing services instantly.
2
See what changed
New exposures and risk increases are flagged immediately. No noise — just what matters.
3
Fix the right things
Follow clear, prioritized remediation steps. No guessing — just the actions that reduce risk.
4
Prove the result
Re-scan and see measurable improvement. Generate a compliance report with before/after proof.
Compliance & Insurance

Evidence-backed reports for auditors and underwriters.

Every scan and monitoring event becomes timestamped evidence you can export for auditors, cyber insurers, and internal reviews.

HIPAA §164.308HIPAA §164.312PCI-DSS Req. 1PCI-DSS Req. 11SOC 2 CC6.1Cyber Insurance
Compliance mapping (example)
HIPAA§164.308(a)(1)
Evidence provided
PCI-DSSReq. 11
Evidence provided
SOC 2CC6.1
Evidence provided
Cyber InsuranceUnderwriter Q
Evidence provided

Timestamped evidence entries created automatically on every scan. Supporting evidence only — VigilantAI does not certify compliance.

After your report

After your report — track changes over time.

Most teams start with a one-time report, then move to monitoring. Monitoring plans track what changes week over week and alert you before it becomes a problem.

Free Snapshot
$0 No credit card required
  • 1 external scan per month
  • Exposure score + risk findings
  • Prioritized fixes in plain English
  • PDF report download
Best for: first-time visibility
Popular
MSP Starter
$99 /mo · cancel anytime
  • Automatic exposure monitoring (no setup)
  • Alerts when risk increases
  • Before/after proof of fixes
  • Client-ready reports you can share
  • Up to 5 clients
No agents. No access required. External-only visibility.
MSP Growth
$199 /mo · cancel anytime
  • Everything in MSP Starter
  • Up to 10 clients
  • Portfolio-level reporting
  • Remediation proof workflow
  • Evidence timeline with timestamps
For teams managing multiple client environments.

Common questions

What you need to know before you start.

Is this a penetration test?
No. VigilantAI performs an external-only assessment using publicly observable signals. It does not log into systems, exploit vulnerabilities, or perform authenticated testing.
Does VigilantAI access my internal systems?
No. VigilantAI analyzes internet-reachable exposure only — the same signals a real attacker would see from the outside.
Why does identity exposure matter?
Breached business credentials are one of the most common real-world attack entry points. VigilantAI evaluates whether exposed services combined with identity exposure increase your compromise likelihood.
How is AI used?
AI is used to interpret findings, prioritize risks, explain likely attack paths, and generate remediation guidance. AI does not perform intrusive scanning or access internal systems.
What do I receive after a scan?
A client-ready PDF including: exposure findings, likelihood of compromise, attack-path analysis, remediation priorities, compliance evidence mapping, and change tracking since your last scan.
Is this continuous monitoring?
The one-time assessment is point-in-time. Monitoring plans continuously track exposure changes, identity-risk changes, and remediation drift over time.
Can MSPs use VigilantAI for clients?
Yes. MSP workspaces support client monitoring, reporting, remediation tracking, and evidence-backed delivery workflows across multiple client environments.
Does this require DNS changes or setup?
No. Basic scans require no setup, no agents, and no DNS changes. You provide a public IP or domain and receive results instantly.
Can I share reports with auditors or cyber insurance providers?
Yes. Reports are designed to support audit preparation, external security reviews, and cyber insurance evidence requests including HIPAA, PCI-DSS, SOC 2, and underwriter questionnaires.
What happens after I fix issues?
Re-scanning verifies whether exposure decreased, services changed, or compromise likelihood improved. Each scan creates a new timestamped evidence entry automatically.
Why is this different from a vulnerability scanner?
Vulnerability scanners report what is present. VigilantAI models how likely you are to be compromised — combining network exposure, identity breach signals, and attack-path context into a single risk picture.
What data does VigilantAI store?
Scan results and evidence logs are stored securely and associated with your account. No internal system data is accessed or stored. See our Privacy Policy for full details.

Start with visibility. Fix what actually matters.

Start free. No software, no access required — see what's visible from the outside in minutes.

Scope note: internet exposure scans are point-in-time snapshots of public-facing assets, based exclusively on publicly observable signals — the same visibility available to insurers, auditors, and attackers. Absence of findings does not guarantee absence of risk.

VigilantAI is operated by INSPIRE SOLUTIONS GROUP LLC, Maryland, USA. © 2026 INSPIRE SOLUTIONS GROUP LLC. All rights reserved. Privacy · Terms · Contact