Glasstrail features:
Get a heads up and head start protecting your organisation
Automatically detect issues and risks across your external attack surface
Account credentials
Finds any user accounts on your domain with password breaches and whether these are active Microsoft accounts. Finds breached email addresses for your domain (and whether they are active Microsoft Accounts). Finds webpages on your domains that are exposing a paid Google API key that could be abused.
DNS and domain security
Checks for missing or misconfigured DNSEC policy. Checks whether Certification Authority Authorization policy is implemented.
Email security
Checks whether DMARC policy is in use and configured correctly. Checks whether the SPF policy exists and is sufficient.
Reputation
Detects if the security.txt standard is being used. Finds any untrusted SSL certificates in use.
Website security
Identifies missing or misconfigured CSP and HTTP Strict Transport policies. Finds all JavaScript vulnerabilities on websites. Checks for several OWASP top 10 issues. Checks if site is using a Web Application Firewall. Gathers SSL certificate information and reports on expired and expiring certificates.
External/User added findings
Manually add findings from penetration test reports or other external sources – so all external attack surface findings are in one place.
Phishing
Checks if your website Favicon is in use by other sites. Finds domains names that are similar to your scanned domain.
See and track what external assets you have
Inventory
Informational findings about your external attack surface that can be used to keep track of all your internet-facing assets and cloud services. Automatically keep track of:
Technologies
All web technologies used (CMS, JavaScript libraries etc).
Domains
All domains, subdomains, domain contacts, domain registrars.
IP and ports
IP addresses, ports and services running on ports, IP address owners.
Website assets
Websites, webpages, URL redirects, URL status, favicons.
Cloud and SaaS
M365 tenants, SaaS providers and clouds like Azure and AWS.
Social profiles
Github, Facebook, Instagram, X and every other major network.
Understand risks, track progress, get notified
Dashboard
Results are presented in a visual and easy to understand dashboard to track risks, priorities and remediation activities.
Actionable tips
Use the clear and concise descriptions to understand how to resolve issues and risks. Actionable results at its best, with explanations suited to cyber and non-cyber experts.
Weekly status emails
Get a weekly status email update of what has changed in your attack surface.
Premium support
24x7 chatbot and help website plus email support on all plans.
Share results
Download and share your PDF report with your team. Share links to individual findings or groups of findings. Export filtered views, or all findings as colour-coded Excel files.
Notifications and integrations
Set up notification rules to get updates on new findings sent to your tool of choice. With Glasstrail’s advanced support for webhooks and cURL, any system with an API can receive updates from Glasstrail. E.g. get new account password breaches direct into your service desk tool, monitoring system or MS Teams. If preferred, our support team can set it up for you.
Scale up
Multi-brand management
Create secondary scan groups to segment your risk profile.
Big portfolios supported
Scan up to 200 root domains in a single account. Add a multi-organisation plan to scan even more.
Secure access
Admin and read-only roles secured by Microsoft work accounts for easy management.
For Partners
Multi-tenant
See all your customers from one dashboard. Optionally provide direct access for your customers. Read-only or admin roles supported.
Integrated
Get notifications from Glasstrail into your MSP tool of choice – Autotask, Connectwise and more using our cURL and Webhooks integrations.
Custom scan schedule
You and your customer can decide how often to run scans, from monthly up to once a year.
Customise reports
Add your own commentary to the scan reports before downloading or sending from Glasstrail. See a history of all scans and all generated reports.
Share
Download and share findings view as Excel. Use to make your own reports.
Secure
Use Microsoft accounts for single sign-on and easier onboarding and offboarding of users.
