Live external surface monitoring

Know your external security. Prove it.

Soreva scans your external attack surface, watches it for drift, and turns the result into proof you can hand to a customer, an auditor, or your board — without touching a single system.

Evidence feed
TLS 1.3 · HSTS enforced · certificate valid
One scan, the whole perimeter
External assets mapped from a single domain
Scoring categories — web, email, DNS, exposure, reputation
From domain to evidence — passive and read-only
Re-check cadence — your posture stays current
The knowing part

See your perimeter the way an attacker does

A passive scan maps every external asset and surfaces exposure as it appears — DNS, TLS, headers, email auth, exposed files, reputation. Read-only. No agent. No noise.

Then it keeps watching for drift, so the first time you hear about a problem isn't from a customer's questionnaire. The signal arrives before the question does.

  • 01 External asset discovery
  • 02 DNS, TLS & HTTP hygiene
  • 03 Email authentication (SPF, DKIM, DMARC)
  • 04 Exposed files & secrets
  • 05 Reputation & drift monitoring
The reducing part

Fix what actually moves your risk

Your business context reweights every finding into a prioritized roadmap — each item with a named owner across six roles and an honest effort estimate, from a quick DNS change to a developer task.

No 200-item dump. Just what matters, in order. The platform turns posture into a sequence of decisions a team can actually run.

  • 01 Context-weighted prioritisation
  • 02 Owner assignment across six roles
  • 03 Effort estimates per finding
  • 04 Quick wins vs developer work
The improving part

Turn proof into continuous improvement

Turn the result into a board-ready Evidence Pack and a sender-safe public Trust Profile. Each is generated from the same continuous signal — never copy-paste, never out of date.

Share either through a signed link you can expire or revoke — proof that's current, scoped to its audience, and never leaks a finding to the wrong reader.

  • 01 Evidence Pack (board-ready)
  • 02 Public Trust Profile
  • 03 Signed, expiring, revocable links
  • 04 Audience-locked sharing
The platform

One continuous system. Four ways to work it.

04 modules
01

Scanner

Know

A passive, read-only assessment of your external surface in about 30 seconds. Submit a domain, confirm you're authorized, and read the results across five categories.

02

Monitor

Know, over time

Track every domain and get told the moment your posture drifts — a weekly exploitability digest, nine alert types, and a score-and-narrative timeline per domain.

03

Blueprint

Reduce

Capture your business and environment once. Soreva reweights every finding, names an owner, and produces a prioritized control-gap roadmap with effort estimates.

04

Proof

Prove

Generate a board-ready Evidence Pack and publish a sender-safe Trust Profile. Audience-locked, signed, expiring, revocable — share it in one link.

The proof layer · what a scan returns

A score, five categories, and the evidence behind each one

Sample · example-corp.com
Fair · 12 findings · 248 assets

Solid foundation — two things worth fixing this week

Transport, DNS, and reputation are healthy. Email authentication and a missing content policy are pulling the score down — both quick wins with named owners.

Web · Email · DNS · Exposure · Reputation

DMARC policy is none

Spoofed mail won't be rejected. Move to p=quarantine.

~15 min · dns-admin
CSP header missing

Fewer guardrails against injected scripts. Start report-only, then enforce.

~1 hr · developer
Transport security is solid

TLS 1.3, HSTS enforced, cert valid 214 days. Evidence it's covered.

no action

External posture insight — not a penetration test or a guarantee. Every finding is evidence-backed, deterministic, and reproducible on the next scan.

The proof layer · what a recipient sees

Proof you're monitored — and nothing else

When a customer, partner, or auditor opens your Trust Profile, the public payload is a security-critical allowlist: status, cadence, passing categories. No findings. No subdomains. No score. It never leaks.

01 One render, no drift. The page you preview is the page they see — the same component, byte for byte.
02 Always current. Re-checked every 24 hours; the public view refreshes only at controlled events.
Security posture

Northwind Labs

northwindlabs.com
Strong
Monitored since
January 2026
Re-checked
Every 24 hours
External checks passing
TLS configuration · Email auth · Security headers · DNS hygiene
Verified by Soreva · Continuous monitoring
How we operate

Trusted by design, not by promise

01

Passive & read-only

We never touch your systems. Every check is external and non-intrusive — no agents, no probing.

02

Authorization required

Scans run only on domains you confirm you're authorized to assess. Consent is on the record.

03

Findings never leak

Public proof surfaces carry no findings, subdomains, or scores. The allowlist is enforced server-side.

04

Evidence over verdicts

Results are deterministic and reproducible. Every claim links to evidence — never a black box.

05

Insight, not a full audit

External posture insight you can act on. It complements a pen test and audit — it doesn't replace them.

Know · Reduce · Prove

Run your first scan in about 30 seconds. No agent, no card, no obligation — just the evidence.