Frequently asked questions

Yes — RedGem is free forever for getting started. The Free plan includes 1 domain, 1 workspace, and 1,000 monthly credits so you can run real discovery and scans with no credit card required. Upgrade to Starter or Team any time for more domains, seats, and credits.

Your plan sets your limits — domains, team members, workspaces, and a monthly credit allowance (1,000 on Free, 5,000 on Starter, 20,000 on Team). Credits are then deducted only as you actually run discovery, scans, and lookups, so you pay for what you use. Need more before your next cycle? Top up your wallet at any time.

It scales with your plan: Free covers 1 domain and 1 seat, Starter covers 5 domains with 3 seats and 3 workspaces, and Team unlocks unlimited domains with 20 seats and 20 workspaces. Need more than Team? Contact sales for a custom enterprise package.

RedGem diffs every scan against the previous one and notifies you in real time when something changes — a new subdomain or open port, an expiring certificate, a fresh CVE that affects your stack, or leaked credentials. Route alerts to the channels your team already uses: Telegram, Slack, Microsoft Teams, email, or a custom webhook.

Yes. API access is included on the Starter and Team plans, so you can pull assets, findings, and alerts into your own tooling. Outbound webhooks let you push events into SIEMs, ticketing systems, and automation pipelines, and the Team plan adds advanced automation for hands-off monitoring.

RedGem provides comprehensive global IP coverage. We continuously scan the entire IPv4 address space (~3.8 billion addresses) and an extensive portion of IPv6 (~300 million addresses), with clear data-type identification through an IPv6 field indicator. This includes DNS resolution data for both protocols, giving you complete visibility across the modern internet.

We scan over 1,300 ports across all monitored assets, prioritising the "interesting ports" actively exploited by attackers in the wild. The port list is regularly updated and expanded to include new high-value services, and the full list is available in our technical documentation.

RedGem monitors continuously, with scan frequency tuned to asset criticality and change patterns. Critical assets are scanned multiple times daily, while standard assets get comprehensive scans every 24–48 hours. Real-time monitoring alerts you the moment your attack surface changes.

Our infrastructure uses globally distributed sensors and advanced detection algorithms, cross-validating findings across multiple scan sources and applying machine learning to cut false positives. Data accuracy exceeds 98% for active services and open ports.

RedGem's discovery engine combines subdomain enumeration, certificate transparency logs, DNS reconnaissance, and passive network analysis to continuously find new assets tied to your organisation — and adds them to your monitoring scope automatically.

We keep comprehensive history for every monitored asset. Standard accounts retain 12 months of data and enterprise accounts up to 24 months, enabling trend analysis, compliance reporting, and forensic investigation.

Yes. RedGem is SOC 2 compliant, encrypts data in transit and at rest, and never sells or shares your data. Workspaces isolate each organisation, and role-based access keeps findings visible only to the team members you choose.

Yes. We actively negotiate TLS across scanned ports and record certificate details (validity periods, issuer, and cryptographic info), and we leverage Certificate Transparency Logs for broad certificate discovery — giving you visibility into both active deployments and historical records.

Yes. We perform OS fingerprinting (Linux, Windows, SunOS, FreeBSD, and more) and identify ~20,000 distinct software and hardware technologies using standardised CPE normalisation. We also run CVE lookups, focusing on remotely exploitable, unauthenticated vulnerabilities with a CVSS score of 7.5 or higher.

RedGem uses a globally distributed scanning network with nodes across Europe, the United States, Hong Kong, and Singapore. This lets us detect region-specific accessibility and configuration patterns, and you can filter results by scan location to see how your assets appear from different parts of the world.