external threat intelligence

FIND OUT WHAT
ATTACKERS SEE
WHEN THEY LOOK
AT YOUR COMPANY.

Before someone breaches you, sues you, or puts your name in the news — find out what's publicly exposed. We check the same sources attackers do and send you a plain-English report in 48 hours.

free domain check
$ parapet scan <your domain>
EMAILcan your domain be impersonated?
CREDSpasswords already in criminal hands?
SYSTEMSanything exposed on the internet?
FAKEScriminals pretending to be you?
48h
report delivery
13
public sources checked
0
system access required
$2,500
starting price
01 — what we find

Four things that keep leadership up at night.

Most companies have at least two of these. Many don't find out until there's a breach, a lawsuit, or a regulatory investigation.

High risk
Anyone can send email that looks like it's from you
A misconfigured DNS record means criminals can send email impersonating your CEO, your finance team, or your entire domain. It's the leading tool in wire fraud and business email compromise. Most companies have no idea their domain can be spoofed until it happens.
High risk
Employee passwords are already for sale
Data breaches from LinkedIn, Adobe, and hundreds of other sites end up in criminal databases. If your employees reuse passwords — and most do — attackers already have a way in. We show you exactly how many of your team are exposed and from which breaches.
Elevated
Systems you forgot about are still online
Old development environments, forgotten login pages, legacy servers — they show up in public internet scans and become easy targets. Attackers don't need to be sophisticated. They just need one unlocked door you stopped thinking about three years ago.
Elevated
Criminals are already setting up to impersonate you
Lookalike domains — yourcompany-secure.com, yoourcompany.com — get registered weeks before a phishing attack. By the time your clients report fake emails, the damage is done. We watch for these and flag them before they're active.
02 — how it works

Three steps. No access to your systems required.

01
You give us your domain
That's it. We don't need login credentials, network access, or an on-site visit. Everything we check is publicly available — the same sources attackers use for free.
02
We run the scan
We check 13 public sources: breach databases, internet-wide port scans, certificate logs, DNS records, GitHub, job postings, dark web forums, and more. Findings rated by severity.
03
You get a plain-English report
Within 48 hours. No 200-page technical document — a clear summary of what's exposed, what it means for your business, and what to fix first. Most findings are actionable in a day.
03 — pricing

Choose your depth.

T1 — one-time
Exposure Report
$2,500
Track A · 48-hour delivery
  • Full scan across all 13 sources
  • Risk summary in plain English
  • Email spoofing vulnerability check
  • Credential breach exposure count
  • Exposed systems and login pages
  • Attack narrative: how findings connect
  • Compliance mapping (NIST 800-171)
START T1 →
T2 — one-time
Deep Dive
$6,000
Track A · 5–7 day delivery
  • Everything in T1
  • Manual review of exposed systems
  • Dark web search: forums, Telegram, paste sites
  • Cloud storage buckets (S3, Azure, GCP)
  • Social graph: who's in your security team
  • 3–5 attack scenarios with step-by-step narrative
  • Priority remediation plan
START T2 →
Recurring
Ongoing Watch
$900/mo
Monthly monitoring · cancel anytime
  • Monthly scan across all T1 sources
  • Alert when anything new appears
  • New breach, new subdomain, new lookalike domain
  • R2 ($1,200/mo): adds dark web monitoring
  • R3 ($2,500/mo): adds biannual deep dive
START MONITORING →

Regulated industries (hospitals, financial advisers, utilities) pay 2–3× more — the regulatory risk framing and referral to certified assessors is a different product. Payment: 50% upfront, 50% on delivery for T1/T2. Monthly for monitoring.

04 — what you should know

We're direct about what we are and aren't.

What we do
We analyze publicly available information — the same sources anyone can access. No system access, no credentials, no intrusive testing. We report what's already visible.
What we don't do
We don't hack you, test your passwords, or send phishing emails to your staff. We're not a penetration testing firm. If your audit requires one, we'll refer you to a certified shop.
Validated at
Methodology applied at NATO DIANA Cluster 4 in Athens, April 2026 — red team assessments across 23 European defense companies. Findings retained 90 days. Liability capped at engagement fee.

Get your free domain check.

Enter your domain above or fill out this form. We'll run a preview scan and send back what we find — no commitment, no system access, results within 24 hours.

For full engagements we confirm scope, send an invoice, and deliver your report within 48 hours of payment.

mike@parapetsec.com
443-924-9795