AI-driven exposure validation, from an attacker's eyes

The watchtower that proves what's exploitable

heimdallX scans like a world-class hacker and reports like a trusted advisor — then proves what's actually exploitable with EPSS, CISA KEV and safe active testing. One dashboard for web, exposure and code security, powered by AI.

Scan your domain free · See it in action

No credit card required · Real results in minutes · Cancel anytime

  • EPSS + KEV · exploitability validation
  • < 2 min · to first findings
  • 24/7 · continuous discovery
  • 5 · compliance frameworks mapped
A live look at the dashboard

[Dashboard mock-up] Web & Assets · New Web Scan on acme-corp.com · Risk score A (92, strong posture) · Pipeline: DNS & subdomains, TLS / certificate, Security headers, Tech fingerprint, AI analysis · Findings (3 total): HIGH Missing HSTS header, MED Weak TLS cipher suite, LOW Server version disclosed

One platform, three watchtowers

Most teams juggle a scanner, a breach monitor and a code tool. heimdallX unifies them — with the same AI analyst behind every finding.

Web & Asset Scanner

Point heimdallX at a domain and an orchestra of AI agents probes it like an attacker would — then explains every risk in plain language.

  • DNS & subdomain discovery
  • TLS / certificate analysis
  • Security-header & cookie audit
  • Tech fingerprint & exposed services
  • AI-prioritized findings + fixes

Digital Exposure Monitoring

Know what the internet knows about you. Continuous breach, credential-leak and OSINT footprint monitoring for your people and brand.

  • Breach & leaked-credential alerts
  • Email / domain / username lookup
  • Dark-web & paste monitoring
  • Continuous re-checks
  • Takedown guidance

Code Security

Connect a repository and let AI hunt the business-logic flaws scanners miss — the bugs that actually get exploited.

  • Business-logic vulnerability detection
  • Secret & credential scanning
  • Dependency risk analysis
  • Per-finding remediation
  • PR-ready guidance

Beyond detection

Validation, adversary emulation & enterprise controls

Detection is table stakes. heimdallX proves what's exploitable, emulates the adversary, watches your surface around the clock, and ships the governance enterprises require — each with its own deep-dive page.

Exploit validation

Exploitability Validation Core

Stop chasing severity. Rank by what's actually exploitable — EPSS probability, CISA KEV, and proven reachability.

  • EPSS exploit-probability weighting
  • CISA KEV known-exploited priority floor
  • Version-aware CVE matching — zero invented CVEs
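
The ranking described above, as an added example that is not heimdallX's own code: a severity-only queue beside an exploitability-weighted one. The weights, the reachability bonus and the exact floor value are assumptions; the page only states that EPSS weights the score and that CISA KEV entries get a priority floor.

```python
from dataclasses import dataclass

# Scoring constants are assumptions for this example, not the product's algorithm.
EPSS_BASE_WEIGHT = 0.3      # share of the severity score kept even when EPSS is ~0
REACHABILITY_BONUS = 15     # added when a safe active probe proved the issue reachable
KEV_FLOOR = 90              # known-exploited findings never rank below this


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float             # CVSS base score, 0-10
    epss: float             # EPSS probability of exploitation, 0-1
    in_kev: bool            # listed in the CISA Known Exploited Vulnerabilities catalog
    proven_reachable: bool  # confirmed by active testing rather than version inference


def severity_only(f: Finding) -> int:
    """Baseline: rank purely by CVSS, scaled to 0-100."""
    return round(f.cvss * 10)


def exploitability_priority(f: Finding) -> int:
    """Severity weighted by EPSS, bumped for proven reachability, floored for KEV."""
    weighted = f.cvss * 10 * (EPSS_BASE_WEIGHT + (1 - EPSS_BASE_WEIGHT) * f.epss)
    if f.proven_reachable:
        weighted += REACHABILITY_BONUS
    if f.in_kev:
        weighted = max(weighted, KEV_FLOOR)   # KEV floor overrides a low weighted score
    return round(min(weighted, 100))


def fix_first_queue(findings, scorer=exploitability_priority) -> list[str]:
    """CVE ids ordered highest priority first; ties broken by EPSS, then id."""
    ranked = sorted(findings, key=lambda f: (-scorer(f), -f.epss, f.cve))
    return [f.cve for f in ranked]


# Constructed sample. The Apache entry uses the EPSS/KEV values shown on the page
# (CVSS 7.5 is its published base score); the CVE-0000-* ids are placeholders.
SAMPLE_FINDINGS = [
    Finding("CVE-2021-41773", cvss=7.5, epss=0.975, in_kev=True, proven_reachable=True),
    Finding("CVE-0000-0001", cvss=9.8, epss=0.01, in_kev=False, proven_reachable=False),
    Finding("CVE-0000-0002", cvss=5.3, epss=0.40, in_kev=False, proven_reachable=True),
]

if __name__ == "__main__":
    print("severity-only:", fix_first_queue(SAMPLE_FINDINGS, severity_only))
    print("fix-first    :", fix_first_queue(SAMPLE_FINDINGS))
```

The constructed CVSS 9.8 finding with near-zero EPSS drops to the bottom of the fix-first queue, while the KEV-listed Apache finding is pinned to the floor regardless of its weighted score.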
Active validation

Proof-based Active Testing

Confirm vulnerabilities by safely triggering them — reflected XSS, error-based SQLi and open redirects, proven, not guessed.

  • Consent-gated, non-destructive GET probes
  • Reflected-XSS, error-SQLi & open-redirect proof
  • Same-origin, rate-limited, self-identifying agent

Adversary emulation

Attack Simulation & MITRE ATT&CK

See findings the way an adversary chains them — mapped to MITRE ATT&CK tactics and techniques.

  • MITRE ATT&CK coverage matrix
  • Tactic → technique mapping per scenario
  • Severity-weighted kill-chain view

Continuous EASM

Continuous Attack-Surface Discovery

Watch your external footprint change over time — new hosts, shadow IT and disappearing assets, run after run.

  • Snapshot + delta across every run
  • New / gone host detection
  • Shadow-IT (risky new host) flagging

SCA / SBOM

Software Composition Analysis

Find vulnerable dependencies — most of your risk lives in code you didn't write.

  • npm + PyPI manifest parsing
  • OSV-backed vulnerability matching
  • SBOM inventory · CVEs flow to Validation Core

Continuous compliance

Continuous Compliance Evidence

Map every finding to the frameworks auditors ask about — with a timestamped evidence trail.

  • OWASP / PCI-DSS / ISO 27001 / SOC 2 / CIS mapping
  • Per-control "last checked" freshness
  • Timestamped evidence trail

Enterprise

Enterprise Controls

SSO, SCIM, granular roles and an append-only audit log — the controls security teams must have.

  • SAML SSO + SCIM provisioning
  • Granular RBAC (owner / admin / analyst / viewer)
  • Append-only audit log + team workspaces

In action

Exploit validation

Exploitability Validation Core

Stop chasing severity. Rank by what's actually exploitable — EPSS probability, CISA KEV, and proven reachability.

[Dashboard mock-up] Exploitability Validation Core (live): Apache httpd 2.4.49, path traversal & RCE · source: tech fingerprint · acme-corp.com · CWE-22 · CVE-2021-41773 · KEV · EPSS 97.5% · NVD exploit: Active. Priority (fix-first queue): severity-only 21; with EPSS + CISA KEV floor 90.

Adversary emulation

Attack Simulation & MITRE ATT&CK

See findings the way an adversary chains them — mapped to MITRE ATT&CK tactics and techniques.

[Dashboard mock-up] Attack Simulation & MITRE ATT&CK (live): coverage 6 tactics · 8 techniques. Recon T1595 · Initial Access T1190, T1133 · Execution T1059 · Persistence T1505 · Credential Access T1110, T1552 · Impact T1499. Kill-chain path with HIGH / MED / LOW severities.

Continuous compliance

Continuous Compliance Evidence

Map every finding to the frameworks auditors ask about — with a timestamped evidence trail.

[Dashboard mock-up] Continuous Compliance Evidence (live): frameworks avg 79 · OWASP 82% · PCI-DSS 76% · ISO 27001 88% · SOC 2 71% · CIS 80%. Controls (continuous): A06 Vulnerable Components, last checked 2h ago, PASS · PCI 6.3.3 Patch mgmt, last checked 2h ago, PASS · ISO A.8.8 Tech vulns, last checked 1d ago, GAP. Timestamped evidence trail.

Built on the CTEM loop

Continuous Threat Exposure Management — the model Gartner calls essential for 2026. heimdallX runs the full loop for you, continuously.

1. Scoping: Define the assets and surfaces that matter to your business.
2. Discovery: Continuously find assets, subdomains, services and misconfigurations.
3. Prioritization: Rank risk by exploitability and real-world impact with AI.
4. Validation: Confirm findings are real, not scanner noise.
5. Mobilization: Ship clear, actionable remediation to the right people.

Pricing that scales with you

Start free. Upgrade when you're ready. Web checkout via Paddle, mobile via in-app purchase — entitlements synced everywhere.

Free
$0/forever
  • 1 asset
  • 3 scans / month
  • Web security module
  • Community support

Business
$99/month
  • 100 assets
  • 1,000 scans / month
  • All modules incl. Code security
  • Team workspaces
  • Alerts & integrations
  • Priority support

Frequently asked

What can heimdallX scan?

Domains and URLs you own or are authorized to test. The web module runs real reconnaissance — DNS, subdomains, TLS, HTTP security headers, technology fingerprinting and exposed-service checks — and an AI layer turns the raw data into prioritized, fixable findings.

Is it safe to run against my production site?

Yes. Passive checks are non-intrusive. Active port scanning only runs on assets you've verified you own and explicitly consent to — we never launch intrusive tests without permission.

How is billing handled?

On the web we use Paddle as the merchant of record (cards, taxes, invoices handled for you). In the mobile app, subscriptions go through native in-app purchases. Your plan and entitlements stay in sync across every device.

Do you support Google and Apple sign-in?

Yes — sign in with Google or Apple on web and mobile. Your workspace, assets and scan history follow you across platforms.

What makes the findings different?

Traditional scanners drown you in false positives. heimdallX pairs deterministic checks with an AI analyst that explains why each issue matters and exactly how to fix it — modeled on how elite offensive-security teams work.

See what attackers see — before they do

Run your first scan in under two minutes. Free, no credit card, real findings.

heimdallX — AI Security Platform for Domains, Exposure & Code