All features External surface

See what attackers see — 674 external checks + Deep Scan

Continuously scan every client’s internet-facing attack surface: TLS, DNS, email authentication, exposed services, subdomains and KEV-listed CVEs. Pro tier adds Deep Scan — 4,178 template-driven CVE checks. No agent, no credentials.

Get started Run a free scan
674external checks
4,178Deep Scan checks
0agents required
external-security-scanning 674
TLSTLS / SSLPASS
EMAIEmail authCHECK
EXPOExposed servicesFAIL
KNOWKnown-exploited CVEsPASS
DEEPDeep Scan (Pro+)PASS
SCORScore trend + projectionPASS
What it does

Inside the coverage

TLS / SSL

Certificate chain, expiry, weak ciphers and HSTS.

Email auth

SPF, DKIM, DMARC, MTA-STS and BIMI alignment.

Exposed services

Open ports, admin panels and dev endpoints.

Known-exploited CVEs

Ranked with CISA KEV and EPSS probability.

Deep Scan (Pro+)

4,178 deep-scan template checks across CVEs, default credentials, exposed panels, misconfigurations and tech-stack fingerprints. Runs on-demand from Domain Detail.

Score trend + projection

Watch the external score move over time; see which fixes will lift it most.

Part of one platform

One finding, one fix, one report

External Security Scanning is one piece of SBCMSP’s unified loop — every finding is prioritized by real-world risk, paired with AI remediation guidance, mapped to your frameworks and re-verified on the next scan.

  • KEV / EPSS-ranked severity
  • AI remediation guidance
  • Mapped to 10 frameworks
  • White-label client reporting
See the full platform
82
+27 pts
projected after top fixes

Run your first scan free

See a client’s real posture in minutes — then unlock all 1,658 checks.