(re)Discovery of assets
Continuous (re)discovery and change detection
Continuously detect the Shadow-IT (30% to 50% of your Internet exposed IT), responsible for 30% of hacks. Be able to continuously detect changes in your assets.
Faster than attackers
Identify and harden your External Security Posture with Patrowl, the leader.
Let us manage time-consuming tasks and focus on remediation.
Join our customers that manage their External Exposure with Patrowl (CTEM / Continuous Threat Exposure Management)
Reduce your external attack surface, your risks, with Patrowl and our continuous (re)discovery.
Improve my visibilitySee how Patrowl identifies your vulnerabilities continuously and permanently.
Discover my vulnerabilitiesEnjoy Patrowl's hyper-automation and orchestration to concentrate on remediation.
Make my job easierReduce your costs with one single platform, with a predictable cost without any surprises, that have an average Return On Investment (ROI) of 287%.
Reduce my costsPatrowl includes all you need to easily secure all your Internet exposed assets and focus on remediation.
(re)Discovery of assets
Continuous (re)discovery and change detection
Continuously detect the Shadow-IT (30% to 50% of your Internet exposed IT), responsible for 30% of hacks. Be able to continuously detect changes in your assets.
Vulnerabilities identification
CVE, Threats and pentesting
Continuously identify all your vulnerabilities and weaknesses: referenced (CVE, CNNVD) and unknown (OWASP, new threats...).
Get the same quality as a manual pentest but on an infinite perimeter and continuously.
Pragmatic and actionable remediation
Focus on remediation
Patrowl does the detection job and provides you pragmatic and actionable remediations.
Just focus on remediation.
Use cases
Have simplified views focused on your use cases
With Patrowl, I can have all-in-one:
Prioritization of risks
Get vulnerabilities with real impact on your company, prioritized and contextualized
All the vulnerabilities are qualified (0-false positives), contextualized and prioritized.
We do not flood you with hundreds of non-exploitable vulnerabilities or false positives. Patrowl helps you to focus on remediation of vulnerabilities that matter.
Security checks
Get information about all security checks
Patrowl orchestrates thousands of security checks, organized in more than 30 security check families (Services Takeover, Default Login & Password, Authentication bypass, Misconfigurations, Exploitation code, Path Traversal, Injections, SSRF, Cookies protection ...).
At any time you will be able to know which control has been launched and when.
Each check is associated with associated references (CWE, OWASP Axx, CPE ...)
All your Internet exposed assets
If its exposed on the Internet, it's eligible for Patrowl
All your Internet exposed assets are eligible : Web site/app/service, API (REST, SOAP, GraphQL ...), WAF/Firewall/Router/VPN, CDN, Cloud tenant...
All kinds of technical elements are supported : IP address/range/subnet, DNS Zone, Domain name, FQDN, URL...
1-click report
Get a 1-click comprehensive pentest report
Generate a comprehensive report with all the vulnerabilities and associated remediations.
No result is a result, so also get all the launched security checks and the date of their last execution.
Alerts and notifications
Get notified when an asset has a vulnerability
When Patrowl finds a new (confirmed) vulnerability impacting a pentested asset, you'll be alerted by email, ticket, Slack, Teams...
When Patrowl finds a potential vulnerability on a non-pentested asset, you'll be warned as potentially impacted.
Multitenant
Manage organizations, sub-org...
Patrowl is built as a multitenant SaaS service allowing you to create parent organizations and infinite hierarchical sub-organizations.
You are a large company ? Patrowl is built to cover your needs.
Issue Management / ITSM
Manage issues with tickets
You can apply Patrowl's remediation yourself or push it to the team in charge with a ticket (ITSM).
Patrowl supports : Service Now, Jira, GLPI
Patrowl Dashboard is easy to use and shows you all the KPIs you need:
Patrowl is also multi-tenant with role based (RBAC) and supports Single Sign-On (SSO) on your identify provider (IdP).
All your assets (URLs, IP addresses, domain name, subdomain, FQDN...) are shown in a global view of your external exposure:
For each asset, you can view the list of all security controls used, the referential of the tests (OWASP, CWE...) and the know vulnerabilities checked (CVE).
The remediation plan offers you the list of solutions to be implemented, prioritized according to:
Patrowl is false positives free 😍.
Each remediation has been tested and is pragmatic, as well as transferable by ticket (ITSM), Slack, Teams, email... with ticket status tracking. Once the vulnerability is fixed, it will be retested by Patrowl but you can still run a retest manually.
Blog: We Wanted to Talk About Cyberattacks During the Olympics, but We Have Nothing to Say
Patrowl Raises €11m in Series A Funding: Continuous Protection of Internet Exposed Assets
Blog: regreSSHion, critical vulnerability on OpenSSH CVE-2024-6387
Customers that trusted us