Know which assets are vulnerable to financial loss breaches.
See your real financial risk like never before.
Evidence Scan identifies Financial Risk Exposures (FIREs) in your externally exposed assets, so you can stay safe from costly breaches.
Most CVEs have never cost anyone a dime.
FIREs have cost millions of dollars.
Only Evidence Scan knows the difference.
Evidence Scan uses a proprietary list of FIREs (Financial Risk Exposures), including every CVE known to have caused a documented financial loss in one or more organizations. No other company looks at CVEs through the lens of financial loss.
A vuln scanner laser-focused on what matters.
Evidence Scan revisits every internet-facing asset every 24 hours to detect vulnerabilities on the FIRE list, with optional coverage of KEV lists or your org's custom list of CVEs of concern.
You'll also see a financial risk number tied to your organization, based on the number of impacted assets in your perimeter as well as your industry and company size.
Coverage starts on day one. You'll have your initial results in minutes, not months.
Before your first scan: Evidence Surface sees it all.
Evidence Scan starts by discovering your perimeter with our pre-built EASM tool, Evidence Surface.
Evidence Surface is built on Evidence Graph, a dynamic model that continuously observes every public-facing host, domain, certificate, and service on the internet. Evidence Surface identifies which assets belong to your org through eight independent signal types.
Meet Evidence Surface →
If it's in your scan… it's real… it's reachable… and it cost someone money.
Every FIRE vulnerability in your scan results will meet three criteria:
Externally reachable
The detected vulnerability has to be exposed to the outside world. The platform verifies reachability directly, looking at your assets from the outside, like an attacker would.
Documented loss history
The CVE has appeared in cyber insurance claims or as publicly disclosed losses. Any dollar amount lost qualifies.
Definitive evidence
Yes-or-no answers only. The scan never returns "potentially affected" results or partial matches that push triage work back onto your team.
New breach somewhere in the world?
We're already on it.
When the world changes
New financial loss breaches will happen worldwide, and Evidence keeps watching for new CVEs causing those breaches. When a new CVE is found to cause loss, it moves onto the FIRE (Financial Risk Exposure) list immediately. Your next scan will find any instances within your environment.
When your side changes
It works the same for changes on your side. When a new subdomain appears, or a cloud instance spins up with a FIRE on it, your perimeter automatically expands, and your team sees any risk right away.
Got CVEs you care about beyond the FIRE list?
Bring them.
FIRE sets the baseline, but your team can also identify CVEs of interest based on what matters most to you, including:
ICE
Incident-Causing Exposures are vulnerabilities DFIR teams encounter in active engagements or CVEs on KEV lists that have not been correlated to a loss (yet).
KEVs
Known Exploited Vulnerabilities lists, like those from CISA and VulnCheck, for organizations under federal or contractual mandates.
Custom CVE lists
Any CVE your team flags as critical for regulatory, contractual, or supply-chain reasons. The scan can identify these findings every time it runs.
What if you could fix every vulnerability that has ever caused a financial loss?
Many organizations can. We call it "FIRE zero."
Most first scans reveal a single- or low double-digit FIRE count. Reducing this number to zero is in reach for many organizations, so we track your streaks of days without any FIREs in your environment.
Your team's work has always had value.
Now you (and the board) can see it in dollars and cents.
Evidence Scan tracks every dollar of risk exposure you retire, based on which assets have had FIRE vulnerabilities remediated. Every time you remove the FIREs from a FIRE-vulnerable asset, the dollar value goes up, showing real value from your security program like never before.
Ready to start fighting FIREs?
Evidence Scan has the simplest setup in cybersecurity, with no installation work required from your team. Within minutes, you'll get a FIRE list mapped to specific assets. We've made big claims: if you want to see proof, now's your chance.