UpGuard BreachSight features

One solution to cover your attack surface management needs

Monitor

Security ratings
Custom notifications
?
Create custom notifications for in-app and email alerts, or webhook triggers.
Your security rating
?
Instantly understand your overall security posture.
Domain security ratings
?
Instantly understand your domain security posture.
Continuous security monitoring
Incidents & news feed
?
Stay on top of publicly disclosed data breaches.
Risk profile
?
Understand risks shared across your infrastructure.
Domains & IPs
?
Dive deep into individual domain and IP risks.
Asset Portfolios
?
Efficiently organize your domains and IP addresses into groups
Attack surface reduction
Vulnerabilities
?
Discover vulnerabilities in software on your website.
Typosquatting
?
Monitor and identify domain permutations.
Data Protection
Data Leak Detection
?
Detect sensitive data exposed publicly

Remediate

Data protection
Identity breaches
?
Discover credentials exposed in data breaches.
Workflows and waivers
Remediation workflows
?
Seamless inbuilt workflows to remediate risks.
Remediation planner
?
Plan your remediation on the impact on security ratings.
Risk waivers
?
Accept specific risks that have been identified.
Templates
?
Standardize security related communication with vendors.
Security profile
Your security profile
?
Eliminate repeated security questionnaires.

Manage

Reporting and insights
Executive reporting
?
In-built executive reports for the Board and C-Suite.
Custom report templates
?
Create and save custom report templates
Business operations
Roles and permissions
?
Tailor access for your team to protect sensitive info.
Account security
?
Support for Azure, Okta, Ping Identity and more.
Collaboration notes
?
Attach notes and info for your teammates.
Subsidiaries
?
Monitor the security posture of your subsidiaries in one place.
Audit log
?
Keep track of important events and users.
Scheduled reports
?
See all report exports queued from anywhere in UpGuard.
Third-party integrations
Jira integration
?
Send issues directly from UpGuard into a Jira project
Slack integration
?
Send UpGuard notification directly to Slack channels
Zapier integration
?
Connect UpGuard to thousands of apps to automate your work.
UpGuard API
?
Access your account programmatically.
Shield tick icon

Acknowledge risks

UpGuard risk profile
Rating icon

Security ratings

Use our security ratings to get a data-driven, objective, and dynamic measurement of your organization’s security posture. Our security ratings are generated through the analysis of trusted commercial, open-source, and proprietary threat intelligence feeds and non-intrusive data collection methods.

Custom notifications

UpGuard comes with a host of default notifications, and allows you to create and manage custom notifications as well. These can be used for in-app and email alerts, or webhook triggers.
  • Check icon
    Get notified when you organization score drops
  • Check icon
    Get notified when a vendor's score drops below a threshold
  • Check icon
    Custom notifications can also be used to trigger webhook integrations
  • Check icon
    Customize notifications based on labels and vendor tiers

Your security rating

Instantly understand your organization’s overall security posture.
  • Check icon
    Easy to understand for non-technical stakeholders and senior management
  • Check icon
    Updated multiple times a day
  • Check icon
    Based on the analysis of each of your underlying domains and their security ratings

Domain security ratings

Explore the security posture of individual domains and drill into issues.
  • Check icon
    Based on the analysis of hundreds of individual risks across five risk categories
Shield icon

Continuous security monitoring

Get real-time information about misconfigurations, understand your risk profile, and get started in minutes, not weeks, with our fully integrated solution and API. Because we use externally verifiable information, you won’t have to lift a finger to get started.

Incidents & news feed

View all of the recent security incidents or just the ones related to you and your vendors, or even view news and incidents separately.
  • Check icon
    Stay on top of important security trends and news related to your industry and your vendors
  • Check icon
    See incidents based on severity for you organization and your vendors
  • Check icon
    Easily search an organization, or an incident
  • Check icon
    Filter the incidents by company, time, threat actor, threat actor location or the type of data exposed

Risk profile

Instantly understand your risk profile and drill down into individual risks shared across your infrastructure.
  • Check icon
    Transparent security ratings
  • Check icon
    Intelligent risk categories
  • Check icon
    Updated daily
  • Check icon
    Real-time risk insights

Domains & IPs

View the domains and IPs that belong to your organization and their corresponding cyber risks.
  • Check icon
    See the security rating of each domain and associated risks
  • Check icon
    Automatic domain discovery, no manual input needed
  • Check icon
    Label domains based on owner, use, or any other category

Asset Portfolios

Organize your domains and IP addresses by different use-cases into separate lists. Once setup, you can control user access for each of the portfolios.
  • Check icon
    Easily filter, view and report the performance of individual portfolios
  • Check icon
    Maintain and report on separate asset portfolios for different departments or groups within your organization
  • Check icon
    Manage permissions so that users only have access to the portfolios and assets they need
Shield globe icon

Attack surface reduction

Reduce your attack surface by discovering exploitable vulnerabilities and permutations of your domains that are at risk of typosquatting.

Vulnerabilities

Discover vulnerabilities that may be exploitable in the software that is running on your websites.
  • Check icon
    Detect vulnerabilities related to server operating systems and vendor software including the MOVEit transfer appliance, and common Javascript libraries
  • Check icon
    Indicates high value vulnerabilities that are listed on the CISA Known Exploited Vulnerabilities (KEV) catalog
  • Check icon
    Each vulnerability has CVE ID information and a CVSS, a numerical score between 0 and 10 that reflects the severity

Typosquatting

Monitor and identify permutations of your domains that are at risk of typosquatting.
  • Check icon
    Prevent bait and switching, domain parking, imitators, phishing, and other typosquatting-related risks
Shield icon

Data protection

Failure to detect exposed data can have serious consequences on your business, from enabling corporate espionage to customer identity theft. This data provides attackers with a huge advantage: enabling reconnaissance, providing a foothold in the network for further exploration, selling data to the highest bidder, or holding data at ransom.

Data leak detection

UpGuard's proprietary Data Leak Search Engine scans every corner of the Internet, and identifies data that presents a risk. It doesn't just monitor your Internet presence but also scans every website we can find, cloud storage buckets, source code repos like GitHub, the Dark Web, pastebin, exposed databases like Mongodb, and many other sources.
  • Check icon
    Detect sensitive documents that aren’t meant for distribution
  • Check icon
    Protect customer data and avoid reputation, business, and regulatory damage
  • Check icon
    Find exposed employee credentials before attackers do
  • Check icon
    Automatically classify identified leaks
  • Check icon
    Identify API keys from hundreds of providers, database connection strings, SSL certificates, and more
  • Check icon
    Monitor for data exposures that occur at third-party party vendors that reference your organization
Terminal icon

Remediate risks

UpGuard remediation request
Data leak icon

Data protection

Failure to detect exposed data can have serious consequences on your business, from enabling corporate espionage to customer identity theft. This data provides attackers with a huge advantage: enabling reconnaissance, providing a foothold in the network for further exploration, selling data to the highest bidder, or holding data at ransom.

Identity breaches

Discover credentials exposed in third-party data breaches on the open, deep, and dark web and notify affected employees before their accounts are compromised.
  • Check icon
    Notify impacted employees from inside the platform
  • Check icon
    Archive remediated breaches
  • Check icon
    Automated severity assessment
  • Check icon
    Know what data has been exposed
Workflows icon

Workflows and waivers

Simplify and accelerate how you remediate issues, waive risks, and respond to security queries. Use our real-time data to get information about risks, rely on our workflows to track progress, and know exactly when issues are fixed.

Remediation workflows

Use inbuilt workflows to remediate risks identified by the UpGuard platform.
  • Check icon
    Fix man-in-the-middle risks
  • Check icon
    Find insecure SSL/TLS certificates
  • Check icon
    Understand email security
  • Check icon
    Enforce HSTS
  • Check icon
    Close unnecessary open ports
  • Check icon
    Fix vulnerable software
  • Check icon
    Prevent HTTP accessibility
  • Check icon
    Secure cookie configuration

Remediation planner

See the potential improvement in security ratings from remediating a risk or set of risks instead of knowing the impact after the fact.
  • Check icon
    See how specific risks impact security ratings
  • Check icon
    Prioritize risks to be mitigated based on the improvement in rating
  • Check icon
    Securely create and share a remediation plan with your team or your vendors within UpGuard
  • Check icon
    Collaborate with internal teams and third-party vendors within UpGuard
  • Check icon
    Track the progress of each remediation request in a centralized location

Risk waivers

Accept specific risks that have been identified by the UpGuard platform.
  • Check icon
    Stop risks from appearing in your risk profile and impacting the internally-reported score of your company
  • Check icon
    Choose which risk waivers you want to share, along with justifications

Templates

Templates lets administrators set up templates for remediation requests, risk assessments, questionnaires, and identity breach notifications emails sent from the UpGuard platform.
  • Check icon
    Save time and ensure consistency
  • Check icon
    Uniformity across teams and processes
  • Check icon
    Reduce mistakes and errors caused by copying and pasting text across documents
User profile icon

Security profile

Eliminate security questionnaires and stop answering the same questions over and over. Create an UpGuard security profile and share it before being asked.

Security profile

Save time by proactively and securely sharing your security information in one place. This includes your security rating, industry comparison, completed security questionnaires, and supporting documents. Save time and let companies assess you without email tennis and configure who has access in a few clicks. 
  • Check icon
    Avoid responding to the same security-related queries
  • Check icon
    Embeddable on your website
  • Check icon
    Streamlined workflows
  • Check icon
    An access log of who has viewed your profile
  • Check icon
    Control who can access your profile, including sending a request to you, and having to agree to an NDA, before access is granted
  • Check icon
    Publicly available security and privacy pages
Check bracket icon

Manage risks

UpGuard Executive Summary
Pie chart icon

Reporting and insights

The Reports Library makes it easier and faster for you to access tailor made reports for different stakeholders, all in one centralized location. See all risks–across different domains, IPs, and categories–in the UpGuard platform or extract the data directly from the API.

Executive reporting

Use our prebuilt executive reporting suite to get insights right inside the platform. With structured access to your data, you can do things such as: see your current security rating and twelve-month history, compare your organization to your competition, and breakdown your security rating into various risk categories like website security and email security.
  • Check icon
    Summarized Breachsight Executive Summary report provides snapshot of key infomation for executives and middle-management
  • Check icon
    Prebuilt reportings for company security rating, competitor analysis, and risk category breakdown
  • Check icon
    Filter executive summary based on labels
  • Check icon
    Customizable report
  • Check icon
    Export report to PDF

Custom report templates

Ensure consistency and standardization of your reports by creating and saving custom report templates.
  • Check icon
    Add custom commentary and configure which elements to include in your report
  • Check icon
    Save time and create templates that can be utilized by your team to run custom reports
User profile icon

Business operations

Share access to your UpGuard account with other team members with confidence. Each user gets an individual account with fine-grained access control.

Roles and permissions

Tailor access for your team to ensure that sensitive information and actions are protected. Keep track of who has access to your UpGuard account and remove team members easily.
  • Check icon
    Get fine-grained control on providing specific users access to specific products and features
  • Check icon
    Create roles, and associate permissions with these
  • Check icon
    Grant users access to a role
  • Check icon
    A change in permission associated with a role applies to all users with that role
UpGuard roles and permissions

Account security

Secure access to the UpGuard platform and your account data. Integrate with various SSO options like Microsoft Azure, Okta, and Ping Identity. As long as your identity provider has a SAML interface we can integrate with it.
  • Check icon
    SSO options like Microsoft Azure, Okta, and Ping Identity
  • Check icon
    SAML integration

Collaboration notes

Attach notes for your teammates on remediation requests, risk waivers, and data leaks to give them context when they jump into the platform.
UpGuard collaboration notes

Subsidiaries

Allows complex organisations with multiple subsidiaries to be able to see their entire security posture in one place.
  • Check icon
    Entire security posture in one place
  • Check icon
    Drill into subsidiary's security performance
  • Check icon
    Easily navigate between subsidiaries
  • Check icon
    Whole-of-organisation view that lets you see how individual risks affect your entire portfolio

Audit log

Keep track of important events and who performed them inside the UpGuard platform.
  • Check icon
    Searchable
  • Check icon
    Real-time reporting and data
  • Check icon
    Filter by user, event type, and time
  • Check icon
    Streamline workflows

Scheduled reports

Use the reports feature to see the status of queued reports, and download, delete or archive completed reports.
  • Check icon
    See all exported reports in one place
  • Check icon
    Hit export and continue working while the report gets generated in the background
  • Check icon
    Create and manage schedules for any recurring reports
Cloud server icon

Third-party integrations

Integrate and extend the UpGuard platform with other tools with our easy to use API that can save hours of human time.


Jira integration

Quickly and easily push events and notifications from UpGuard into any Jira project, giving you the flexibility to manage workflows to address security risks promptly
  • Check icon
    Save time by quickly creating Jira issues, prioritizing, and assigning them to the relevant person
  • Check icon
    Ensure people receive the correct information so they can promptly investigate and remediate security risks
  • Check icon
    Easily maintain your workflow and present only the information you want to the relevant people in your team

Slack integration

Connect UpGuard to your Slack workspace to get the notifications you need directly into a Slack channel of your choice, giving you the flexibility to display the information you need to act promptly.
  • Check icon
    Easily integrate your Slack workplace to receive notifications from UpGuard
  • Check icon
    Setup triggers for notifications, decide what Slack channel to send them to, and customize your messages.
  • Check icon
    Get instantly notified on Slack, and remediate security faster

Zapier integration

Using Zapier, an automation platform that connects to thousands of apps, you can now connect UpGuard to any other app that Zapier supports.
  • Check icon
    Automate regularly used workflows without coding
  • Check icon
    Connect UpGuard to thousands of apps on the Zapier platform like JIRA, Trello, Google Sheets, ServiceNow and many more
  • Check icon
    Get instant notifications on Slack, Microsoft Teams and other collaboration apps and remediate security faster

UpGuard API

Access information about your UpGuard account programmatically.
UpGuard Executive Summary

UpGuard BreachSight Datasheet

UpGuard BreachSight monitors your attack surface, prevents data breaches, discovers leaked credentials, and protects customer data.
  • Check icon
    Key features and benefits of UpGuard BreachSight
  • Check icon
    More info on UpGuard BreachSight and UpGuard
UpGuard Product Datasheet
Pricetag icon

Simple, transparent pricing

Start monitoring your organization from $5,000 per year.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating

Book a free demo

Book a free, personalized onboarding call with one of our cybersecurity experts.