Our Roadmap
What we've built, what we're building, and where we're headed.
Deep Scanning Engine
10 types of analysis: subdomain discovery, port scanning, vulnerability detection, SSL/TLS checks, web tech profiling, JS dependency scanning, and WAF detection.
AI-Powered Fix Suggestions
Every finding comes with plain-English remediation: what's wrong, why it matters, and exactly how to fix it.
Security Score & Trends
One number that tells you where you stand. Track improvements over time and show progress to stakeholders.
Full Dashboard & Reports
Asset management, scan history with side-by-side comparison, and detailed reports that make sense to non-security people.
Security Certificates
Shareable security certificates that answer procurement questions in one link. Send proof, not promises.
Annual Billing & Plan Limits
Save with annual plans. Domain limits and scan frequency tiers that give Pro users more control.
Email Security Scanner
SPF, DKIM, and DMARC checks for your domains. Catch email spoofing risks before attackers do.
Knowledge Base
AI-generated security articles for every finding type. Business impact and technical remediation in one place.
Shared Reports & Claim Flow
Receive a security report from someone? Claim your company profile and start monitoring for free.
Business Impact Descriptions
Every finding now explains the real-world business impact — why it matters for procurement, compliance, and customer trust.
OWASP Compliance Mapping
Findings mapped to OWASP categories with exploitability signals. See which industry standards each issue relates to.
Subdomain Takeover Detection
Detect dangling DNS records that could let attackers hijack your subdomains on AWS, Azure, GitHub Pages, and more.
NIS2 Technical Gap Assessment
See which NIS2 requirements your scans already cover and where the gaps are. One page, no jargon, ready to share with management.
Teams, Slack & Discord Alerts
Get security updates where your team already works. No more checking dashboards manually.
Leaked Credentials Monitoring
Check if your company's email addresses appear in known data breaches. Catch credential reuse risks before attackers do.
WordPress & CMS Plugin Detection
Detect known vulnerabilities in WordPress plugins, themes, and CMS installations — the most common attack surface for SME websites.
Jira & Linear Issue Sync
Push critical findings directly to your project tracker as actionable issues. No copy-pasting, no lost tickets.
API Exposure Detection
Detect publicly accessible API documentation, debug endpoints, and CORS misconfigurations before attackers find them.
Cyber Insurance Evidence Pack
Pre-packaged security evidence formatted for cyber insurance applications. Show underwriters your posture and potentially lower your premiums.
GDPR Technical Controls Checklist
Automated checks against GDPR Article 32 technical requirements — encryption, access controls, and vulnerability management evidence.
Industry Benchmarking
See how your security score compares to similar companies in your sector. Know if you are ahead or behind without hiring a consultant.
Business Tier
Multi-user access, priority scanning, extended history, and team reporting for growing companies with a small security-aware team.