Attack Surface Overview

Last scan: 12 Jun 2026, 09:42 ICT  ·  Next scheduled: 13 Jun 2026, 09:00 ICT

Jun 6 – Jun 12, 2026

Composite Risk Score

Updated 4 hours ago

ELEVATED
62 / 100
People
1,247
+3.2%
Assets
3,842
+1.8%
Services
684
−0.4%
Discovered Hosts
526
+12
Remediation Pipeline Last 30 days
23
New
18
Triaged
31
In Progress
42
Fixed
156
Verified
Attack Surface Summary
6 categories
DNS Records
+3 /wk
4,218
API Endpoints
+89 /wk
2,341
Subdomains
+7 new
1,893
Cloud Assets
+12 /wk
1,126
Web Apps
+23 /wk
847
Certificates
8 expire
312
Vulnerabilities
147
Low
Low
22.4%
Medium
Medium
46.3%
High
High
23.1%
Critical
Critical
8.2%
Issue Categories
7 types
Uptime Monitoring
Giám sát thời gian hoạt động
14
Brand Protection
Bảo vệ thương hiệu
8
Vulnerability Mgmt
Quản lý lỗ hổng
47
Product Weakness
Điểm yếu sản phẩm
19
Data Breach Monitor
Giám sát rò rỉ dữ liệu
5
Botnet Detection
Phát hiện botnet
3
Threat Investigation
Điều tra mối đe dọa
11
Open Issues
23 open
CVE-2026-4821 — RCE via unauthenticated API endpoint VULN-2847
api-gateway.prod  ·  Discovered 2 days ago  ·  Assigned: SecOps
Open
Exposed S3 bucket with PII data EXPOS-192
s3-us-east-1 backup  ·  Discovered 5 hours ago  ·  Assigned: Cloud
In Progress
SSL certificate expires in 7 days — 3 domains affected CERT-048
*.gskywatch.io  ·  Auto-renewal failed  ·  Assigned: Infra
Acknowledged
DNS record leak — internal service exposed to public DNS-033
staging.internal.gskywatch  ·  Discovered yesterday  ·  Assigned: NetOps
Open
Outdated dependencies — 4 critical CVEs in npm packages DEP-127
dashboard-frontend  ·  3 PRs pending  ·  Assigned: DevSec
In Progress
Recent Detections
View all →
Brute force attempt on admin portal
47 failed login attempts from 12 IPs in 8 min — admin.gskywatch.io
09:38
SQL injection probe detected
Automated scanner targeting /api/v2/search endpoint — blocked by WAF
09:12
Unusual data transfer spike
Outbound traffic to unknown IP — 2.3 GB in 15 min from worker-04
08:47
New subdomain discovered
staging-api.gskywatch.io — DNS record created, not in asset inventory
08:20
Certificate renewed successfully
api.gskywatch.io — Let's Encrypt auto-renewal completed
07:55

Asset Inventory

All discovered assets across your attack surface

Jun 6 – Jun 12, 2026
1,247
Hosts
MOST RECENT 2 hours ago
684
Services
MOST RECENT 1 day ago
526
Discovered Hosts
LAST UPDATED 3 days ago
18
Asset Groups
MOST RECENT 5 days ago

103.253.73.99

2 services Updated: 24/06/2026 17:12
103.253.73.99:8080
200 OK 103.253.73.99
Technology Documentation Cloud Service
Welcome to nginx!
N Nginx:1.18.0 U Ubuntu
6 months ago
103.253.73.99:80
400 Bad Re... 103.253.73.99
Bad Request (400)
N Nginx:1.18.0 U Ubuntu
6 months ago

emm.trin.net

Updated: 25/05/2026 16:04

testwebservices.hawaiianairlines.com

Updated: 09/12/2025 08:43

49.88.112.75

5 services Updated: 18/06/2026 09:30

172.16.0.88

1 service Updated: 22/06/2026 14:15
Rows per page: Page 1 of 1

shadow-api.corp.net

10.0.4.22 DNS Scan · 2 hours ago

legacy-app.internal

10.0.3.87 Port Scan · 5 hours ago

vpn-gateway-02.corp.net

10.0.1.15 Certificate · 1 day ago
Rows per page: Page 1 of 1

HTTPS Web Server 443

TCP / TLS 1.3 · Active

REST API Gateway 8443

TCP / TLS 1.3 · Active

SSH Management 22

TCP · Restricted

SMTP Relay 25

TCP · Disabled

PostgreSQL Database 5432

TCP · Active
Rows per page: Page 1 of 1

Production Web

312 assets High risk · Infra Team

API Services

187 assets Medium risk · Backend Team

Internal Tools

94 assets Low risk · DevOps

Customer Facing

248 assets High risk · Product Team
Rows per page: Page 1 of 1