Capterra’s researchers use a mix of verified reviews, independent research and objective methodologies to bring you selection and ranking information you can trust. While we may earn a referral fee when you visit a provider through our links or speak to an advisor, this has no influence on our research or methodology.
Capterra carefully verified over 2 million reviews to bring you authentic software and services experiences from real users. Our human moderators verify that reviewers are real people and that reviews are authentic. They use leading tech to analyze text quality and to detect plagiarism and generative AI. Learn more.
Capterra lists all providers across its website—not just those that pay us—so that users can make informed purchase decisions. Capterra is free for users. Software and service providers pay us for sponsored profiles to receive web traffic and sales opportunities. Sponsored profiles include a link-out icon that takes users to the provider’s website. Learn more.
Hexiosec ASM scans the Internet to discover your online infrastructure, assets and shadow IT. It checks for misconfigurations, security vulnerabilities, and exposed data to create a prioritised set of risks with built-in remediation advice. Quickly find & evaluate your own or 3rd parties online attack surface and continuously monitor it for changes. Hexiosec ASM uses non-aggressive, non-intrusive, passive scanning techniques - enabling you to perform due diligence on any business!
Provider
Hexiosec
Located In
United Kingdom
Open API
Yes
Deployment
Cloud, SaaS, Web-Based
Mobile Apps
iOS, Android
Training
In Person, Live Online, Webinars, Documentation, Videos
Support
Email/Help Desk, Phone Support, FAQs/Forum, Knowledge Base
Developed for IT cyber security & vendor management teams in organisations of all sizes. An Attack Surface Management platform that helps identify, understand & remediate issues in your online estate.
Content Source: Hexiosec ASM
Based on other buyer's searches, these are the products that could be a good fit for you.
Hexiosec ASM Reviews
Pros
It's a great tool, having a single place which groups together all IP addresses, domains, services, and components for web applications is particularly useful for assessments.
Really impressed with the product and the after-sales service we have received.
Using Fractal Scan and working with the team at Red Maple has been an absolute pleasure. Fractal Scan is a powerful but elegant tool that we use to protect ourselves as well as to help other clients.
Fantasstic relationship managers who are always happy to help and provide support. Software has helped with gap analysis and assesments of new and exisiting clients.
Cons
Manual rescan is part of a higher subscription level, which could be annoying for some, but an overnight rescan is more than suitable for our organisation.
The graph tab is confusing and difficult to use/interpret. It feels a little unnecessary and clunky.
There is nothing of note at the moment that causes us to dislike the FractalScan Surface product.
Some of the language is tech heavy - it could be dumbed down just a little for the non expert user.
"Very useful continuous monitoring product!"
Overall: Since using the product, we discovered quite a few vulnerabilities and security misconfigurations in our environment which were previously overlooked. It also provided us with actions to take, and prioritized the risks for us, so we knew what to focus on fixing first. Best of all, as time marches forward, the product keeps aware of the changes to your infrastructure automatically, and will keep you informed of new risks and exposures that your environment may have. It's a fantastic tool to help you be proactive at preventing cracks from forming in your infrastructure
Pros: The tool automatically monitors for changes in the security posture of the assets under management. This tool automatically scans and explores the domain and subdomains, and other DNS records for items to monitor, and then automatically scans these assets for known vulnerabilities, versions, and highlights common security misconfigurations and items you may overlook, such as ensuring strict transport security is enforced. The support team has been great to work with. It was entirely painless to get set up and have a huge breadth of monitoring and awareness, right from the start with very little effort or time required. For the money, you get a lot of visibility, depth, notifications, and value out of the product. I'm very glad we are using it.
Cons: The product does a good job of showing you changes over time, but (and this is really minor) it would be useful to keep the history of a previously mitigated vulnerability/risk to know exactly what it was mapped to.
"Refreshing approach to common problem"
Overall: FractalScan allowed be to better support my clients. As a security testing company, we need to help our customers identify, test and reduce risk. FractalScan has empowered myself and my team more easily and quickly identify risk with our customers.
Pros: What I appreciate the most about FractalScan is the level of accuracy this platform provides while maintaining a passive approach to data collection. As someone who works in technical sales and consulting, I have a lot of clients working with products in this space. The common problem is the overwhelming amount of results and the operational overhead required to make those results actionable. FractalScan's unique solution provides results that are immediately accurate and actionable.
Cons: The current public API is lacking some key features to support full process integration. While this is what I like least about the current product, I do have to add that this "complaint" will not last long. The FractalScan team takes feedback very seriously and actively work to dev the gaps that their customers highlight. While this is current gap, I do not foresee this being a gap much longer.
"Fractal Scan"
Overall: Easy to use, easy to configure, straightforward results and details.
Pros: Domain based scanning with effective reporting and reliable results.
Cons: Out of the box integrations with ticketing solutions would be nice.
"FractalScan Surface - starts simple, great discovery"
Overall: We may not be privy to sites or sub-domains other parts of the business may implement. FractalScan gives us a discovery tool to identify previously unknown public infrastructure, we can reduce our external attack surface by identifying and resolving issues and getting "old" public infrastructure decommissioned.
Pros: Simplicity - give it a domain and it will find out what it can about subdomains, related domains and any issues it identifies with them.
Cons: FractalScan sometimes identifies unrelated domains as being related, so there is some clean up of the discovery required.
"Easy Win Software"
Overall: So easy to get going with, and a massive win for identifying vulnerabilities, and have them analysed in terms of risk so you can focus attention in the right area at the right time.
Pros: Ease of setup, ease of use, auto update, very little to do
Cons: Manual rescan is part of a higher subscription level, which could be annoying for some, but an overnight rescan is more than suitable for our organisation