Topics
In-depth guides for each of the 7 risk categories SurfaceLoop scans.
Open Ports & Services
Discover and monitor open TCP ports and exposed services across your external attack surface.
Exposed Web Panels
Detect admin panels, management interfaces, and login pages exposed to the public internet.
TLS & Certificates
Monitor TLS configuration, certificate expiry, weak ciphers, and chain-of-trust issues.
Security Headers
Check HTTP security headers including CSP, HSTS, X-Frame-Options, and Permissions-Policy.
Known Vulnerabilities (CVEs)
Scan for known CVEs and exploitable vulnerabilities using thousands of detection templates.
DNS & Email Spoofing
Validate SPF, DKIM, and DMARC configuration to prevent domain spoofing and phishing.
Subdomain Enumeration
Discover subdomains, shadow IT, forgotten services, and development environments exposed to the internet.
External Attack Surface Management
Discover, monitor, and assess all internet-facing assets from the attacker's perspective.