Attack Surface Overview

Last scan: 12 Jun 2026, 09:42 ICT  ·  Next scheduled: 13 Jun 2026, 09:00 ICT

Jun 6 – Jun 12, 2026

Composite Risk Score

Updated 4 hours ago

62 / 100
ELEVATED
People
1,247
+3.2%
Assets
3,842
+1.8%
Services
684
−0.4%
Discovered Hosts
526
+12
Attack Surface Summary
6 categories
DNS Records
+3 /wk
4,218
API Endpoints
+89 /wk
2,341
Subdomains
+7 new
1,893
Cloud Assets
+12 /wk
1,126
Web Apps
+23 /wk
847
Certificates
8 expire
312
Vulnerabilities
147
Low
Low
22.4%
Medium
Medium
46.3%
High
High
23.1%
Critical
Critical
8.2%
Issue Categories
7 types
Uptime Monitoring
Giám sát thời gian hoạt động
14
Brand Protection
Bảo vệ thương hiệu
8
Vulnerability Mgmt
Quản lý lỗ hổng
47
Product Weakness
Điểm yếu sản phẩm
19
Data Breach Monitor
Giám sát rò rỉ dữ liệu
5
Botnet Detection
Phát hiện botnet
3
Threat Investigation
Điều tra mối đe dọa
11
Open Issues
23 open
CVE-2026-4821 — RCE via unauthenticated API endpoint VULN-2847
api-gateway.prod  ·  Discovered 2 days ago  ·  Assigned: SecOps
Open
Exposed S3 bucket with PII data EXPOS-192
s3-us-east-1 backup  ·  Discovered 5 hours ago  ·  Assigned: Cloud
In Progress
SSL certificate expires in 7 days — 3 domains affected CERT-048
*.gskywatch.io  ·  Auto-renewal failed  ·  Assigned: Infra
Acknowledged
DNS record leak — internal service exposed to public DNS-033
staging.internal.gskywatch  ·  Discovered yesterday  ·  Assigned: NetOps
Open
Outdated dependencies — 4 critical CVEs in npm packages DEP-127
dashboard-frontend  ·  3 PRs pending  ·  Assigned: DevSec
In Progress
Recent Detections
View all →
Brute force attempt on admin portal
47 failed login attempts from 12 IPs in 8 min — admin.gskywatch.io
09:38
SQL injection probe detected
Automated scanner targeting /api/v2/search endpoint — blocked by WAF
09:12
Unusual data transfer spike
Outbound traffic to unknown IP — 2.3 GB in 15 min from worker-04
08:47
New subdomain discovered
staging-api.gskywatch.io — DNS record created, not in asset inventory
08:20
Certificate renewed successfully
api.gskywatch.io — Let's Encrypt auto-renewal completed
07:55

Asset Inventory

All discovered assets across your attack surface

Jun 6 – Jun 12, 2026
Hosts
1,247
+3.2%
Services
684
+1.8%
Discovered Hosts
526
+12
Asset Groups
18
−0.4%

103.253.73.99

2 services Updated: 24/06/2026 17:12
103.253.73.99:8080
200 OK 103.253.73.99
Technology Documentation Cloud Service
Welcome to nginx!
N Nginx:1.18.0 U Ubuntu
6 months ago
103.253.73.99:80
400 Bad Re... 103.253.73.99
Bad Request (400)
N Nginx:1.18.0 U Ubuntu
6 months ago

emm.trin.net

Updated: 25/05/2026 16:04

testwebservices.hawaiianairlines.com

Updated: 09/12/2025 08:43

49.88.112.75

5 services Updated: 18/06/2026 09:30

172.16.0.88

1 service Updated: 22/06/2026 14:15
Rows per page: Page 1 of 1

shadow-api.corp.net

10.0.4.22 DNS Scan · 2 hours ago

legacy-app.internal

10.0.3.87 Port Scan · 5 hours ago

vpn-gateway-02.corp.net

10.0.1.15 Certificate · 1 day ago
Rows per page: Page 1 of 1

HTTPS Web Server 443

TCP / TLS 1.3 · Active

REST API Gateway 8443

TCP / TLS 1.3 · Active

SSH Management 22

TCP · Restricted

SMTP Relay 25

TCP · Disabled

PostgreSQL Database 5432

TCP · Active
Rows per page: Page 1 of 1

Production Web

312 assets High risk · Infra Team

API Services

187 assets Medium risk · Backend Team

Internal Tools

94 assets Low risk · DevOps

Customer Facing

248 assets High risk · Product Team
Rows per page: Page 1 of 1
Sky Assistant
Online — Last sync 2 min ago
SK
Hello! I'm Sky Assistant — your AI-powered cybersecurity analyst. I can help you investigate threats, analyze vulnerabilities, review asset exposure, and generate security reports. What would you like to know?
10:32 AM
Y
Show me all critical vulnerabilities found in the last 24 hours
10:33 AM
SK
Found 12 critical vulnerabilities in the last 24 hours across 3 assets:
10:33 AM
SK
CRITICAL Remote Code Execution — Apache Struts
Affected: api.gskywatch.io:8080 | CVE-2026-1234 | CVSS 9.8
Discovered 6 hours ago — No remediation yet
SK
CRITICAL SQL Injection — Login Form
Affected: gskywatch.io/auth | CVE-2026-5678 | CVSS 9.1
Discovered 14 hours ago — Patch available
10:34 AM
Critical Reports
12
+3 / This week
High Severity
34
+8 / This week
Total Reports
89
+12 / This month
Resolved
67
75% resolved
VULNERABILITY
Critical CVE Batch — Q2 2026
CRITICAL
12 critical vulnerabilities discovered across 3 assets. Includes Remote Code Execution on Apache Struts and SQL Injection on authentication endpoints. Immediate remediation required.
2 hours ago
SOC Team
EXPOSURE
Subdomain Takeover Risk
HIGH
3 subdomains with dangling DNS records detected. These can be taken over by malicious actors to serve phishing pages or steal cookies.
5 hours ago
Automated Scan
UPTIME
Service Downtime Alert — API Gateway
MEDIUM
API Gateway experienced 14 minutes of downtime at 03:42 UTC. Root cause: upstream DNS resolution failure. Service restored automatically.
8 hours ago
Uptime Monitor
BRAND
Phishing Domain Detected — g-skywatch.com
HIGH
A lookalike domain g-skywatch.com was registered 3 days ago. SSL certificate issued by Let's Encrypt. Currently serving a credential-harvesting page mimicking the login portal.
1 day ago
Brand Protection
BOTNET
C2 Communication Detected — 3 Hosts
CRITICAL
3 internal hosts communicating with known Cobalt Strike C2 server (185.220.101.42). Traffic pattern indicates possible lateral movement. Immediate isolation recommended.
30 min ago
Threat Intel
REMEDIATION
Weekly Remediation Summary — W25
LOW
67 of 89 open issues resolved this week. Average remediation time improved from 4.2 days to 2.8 days. 3 critical CVEs patched within SLA. 12 findings still pending owner assignment.
Today 09:00
Auto Report