How the assessment works

External-only. Non-invasive. No access required.

VigilantAI models how likely your organization is to be compromised using only signals that are already publicly observable — the same signals an attacker would use.

What is analyzed

Externally exposed services
All internet-facing ports and services visible from the public internet. Includes web, remote access, DNS, management, and database surfaces.

Web security posture
TLS certificate validity, HTTPS enforcement, HSTS headers, Content-Security-Policy, X-Frame-Options, and email security configuration (SPF, DMARC).

Breached identity signals
Whether business email addresses associated with your domain appear in known public breach datasets. Credential exposure is one of the most common real-world attack entry points.

Attack path likelihood
How a realistic attacker could chain your exposure signals into an access attempt. Combines network surface, identity exposure, and service context into a single compromise likelihood model.

Change detection
What changed since your last scan: ports that opened, services that appeared, and whether the risk delta increased or improved. Drift is often more important than the current snapshot.

How AI is used

VigilantAI uses AI to interpret and prioritize findings — not to perform the scanning itself.

AI is used to
  • Summarize exposure in plain English
  • Prioritize which risks matter most for your specific surface
  • Explain likely attack paths based on observed signals
  • Generate actionable remediation steps tailored to your findings

AI does NOT
  • Access your internal systems, applications, or networks
  • Perform intrusive or authenticated testing
  • Guarantee discovery of all exposures
  • Store or share your scan data with third parties

Scope and limitations

VigilantAI is an external-only assessment. It provides a realistic attacker’s-eye view of your organization — not a substitute for authenticated or internal testing.

• Does not include authenticated application testing or login-protected pages

• Does not include internal network visibility or endpoint assessment

• Does not include third-party services or shadow IT

• Absence of findings does not imply absence of risk

Scan data references may include NVD and CISA KEV datasets. All scans are point-in-time snapshots unless continuous monitoring is enabled.
