Complete Visibility IntoYour Digital Assets
Discover, monitor, and protect your organization's entire digital footprint with real-time alerts for security changes.
Subdomains
456
Across 25 domains
Findings
156
0 critical · 0 high
Active Scans
3
Running now
| Subdomain | Status | Resolved |
|---|---|---|
| api.acme-corp.com | 200 | Yes |
| mail.acme-corp.com | 403 | Yes |
| shop.acme-corp.com | 404 | Yes |
| cdn.acme-corp.com | 403 | No |
| auth.acme-corp.com | 200 | Yes |
| sso.acme-corp.com | 200 | Yes |
Instant Security Assessment
See your exposed subdomains, open ports, and breached credentials the way an attacker would — in seconds, with no signup.
Domain Security Scanner
Comprehensive security analysis and vulnerability detection
Latest CVE Alerts
Stay informed about the latest security vulnerabilities
CVE-2024-3094
Red Hat XZ Utils (liblzma)
CRITICAL
A backdoor was introduced into the XZ Utils compression library, allowing a remote attacker with a crafted SSH key to bypass authentication and execute arbitrary code on affected systems.
See what attackers see
RedGem gives you complete external visibility — into your digital assets and your attack surface. Spot public-facing vulnerabilities and leaked credentials before attackers do, and stay ahead of new CVEs, exploits, and security news.
Complete external visibility
See your organization exactly as an attacker would.
Critical risk identification
Surface public-facing vulnerabilities and leaked credentials first.
Proactive threat intelligence
Real-time alerts on new CVEs, exploits, and security news.
Digital footprint monitoring
Automatic discovery and tracking of every public-facing asset.
Discover, scan, and defend — automatically
Four connected modules give you everything an attacker can see about your organization — and a head start on fixing it.
Map and watch your entire attack surface
You can't secure what you don't know about. RedGem keeps a live inventory of every subdomain, IP, port, and service — and tells you the moment something changes.
- Automatic subdomain, IP & port inventory
- SSL, web-service & technology change detection
- Real-time alerts on every new or changed asset
New subdomain
12m agostaging-api.acme-corp.com
First seen · resolves to 91.76.180.216
Port opened
1h agovpn.acme-corp.com
TCP 3389 (RDP) now open
SSL expiring
3h agoshopacme.com
Certificate expires in 9 days
Technology changed
5h agogetacme.io
nginx 1.21 → 1.25 · added Cloudflare
New IP
7h agoacme-internal.net
New host 183.97.222.87 (DigitalOcean)
Title changed
9h agoacme-pay.com
Home page title changed
Find the weaknesses attackers would exploit
Thousands of vulnerability, misconfiguration, and exposure checks run continuously against every live asset, then rank each finding by severity.
- Known-CVE, misconfiguration & exposure detection
- Severity ranking with triage & status workflow
- Continuous re-scanning as your assets change
Fastjson 1.2.62 — Remote Code Execution
api.acme-corp.com
Default Grafana credentials accepted
monitoring.acme-corp.com
Spring Boot Actuator endpoints exposed
api.acme-internal.net
Exposed .git directory
dev.acme-corp.com
CORS misconfiguration (wildcard origin)
api.acme-pay.com
Stay ahead of every new vulnerability
Browse 62,000+ CVEs and get instant alerts when a new vulnerability or exploit matches the vendors, products, and severities you care about.
- 62k+ CVEs across 10+ intelligence sources
- Exploit & security-news monitoring
- Rule-based alerts routed to your channels
Red Hat · XZ Utils (liblzma)
Microsoft · Outlook
IETF · HTTP/2 Protocol
Jenkins · Jenkins CI
Apache · Struts 2
Catch leaked credentials before they are used
Continuously hunt for employee and customer credentials across infostealer logs, breach databases, and dark-web and Telegram channels.
- Employee & customer credential exposure
- Infostealer-log & dark-web monitoring
- Force a reset before account takeover
Stealer log · RedLine · 2026-06-13
Stealer log · Lumma · 2026-06-12
Combolist · antipublic · 2026-06-11
Telegram · tg: cloudleaks · 2026-06-10
Stealer log · Raccoon · 2026-06-09
How RedGem works
Four steps from a single domain to a continuously defended attack surface
Connect a domain
Add a domain and RedGem starts mapping everything attached to it.
Discover assets
Subdomains, IPs, ports, and services are inventoried automatically.
Scan & enrich
Continuous scans surface vulnerabilities, leaks, and CVEs that affect you.
Get alerted
Severity-ranked alerts reach your team the moment something changes.
Inside the RedGem Dashboard
A look at the security monitoring workspace teams use every day. Discover subdomains, monitor IPs, track vulnerabilities, and receive real-time security alerts — shown here with sample data.
| Subdomain | Status | Resolved |
|---|---|---|
| api.acme-corp.com | 200 | Yes |
| mail.acme-corp.com | 403 | Yes |
| shop.acme-corp.com | 404 | Yes |
| cdn.acme-corp.com | 403 | No |
| auth.acme-corp.com | 200 | Yes |
| sso.acme-corp.com | 200 | Yes |
Comprehensive Security Features
Subdomain Discovery
Automatically discover and monitor all subdomains associated with your domain. Get instant alerts for new subdomains or changes to existing ones.
IP Address Monitoring
Track all IP addresses associated with your organization. Receive alerts when new IPs are discovered or existing ones change.
Vulnerability Detection
Monitor for exposed credentials across the dark web and data breaches. Get notified when your organization's credentials are compromised.
Real-time Alerts
Stay ahead of security threats with real-time CVE monitoring. Get filtered alerts based on severity and your technology stack.