Faster than attackers

Identify and harden your External Security Posture with Patrowl, the learder.

Let us manage time-consuming tasks and focus on remediation.

Join our customers that manage their External Exposure with Patrowl (CTEM / Continuous Threat Exposure Management)

Let’s take a look at our solution

Relax, don’t lose time and concentrate on your real mission


Loss of visibility on your Internet exposed assets? ​

Reduce your external attack surface, your risks, with Patrowl and our continuous (re)discovery.

Learn more


Drowned by all new threats and vulnerabilities?​

See how Patrowl identifies your vulnerabilities continuously and permanently.

Learn more


Difficulties to hire cybersecurity experts?​

Enjoy Patrowl's hyper-automation and orchestration to concentrate on remediation.

Learn more


Insufficient budget or cuts?

Reduct your costs with one single platform, with a predictable cost without any surprise, that have an average Return On Investment (ROI) of 287%​.

Learn more

A complete feature set

Patrowl includes all you need to easyly secure all your Internet exposed assets and focus on remediation.


(re)Discovery of assets

Continuous (re)discovery and change detection

Continuously detect the Shadow-IT (30% to 50% of your Internet exposed IT), responsible for 30% of hacks. Be able to continuously detect changes in your assets.


Vulnerabilities identification

CVE, Threats and pentesting

Continuously identify all your vulnerabilities and weaknesses: referenced (CVE, CNNVD) and unknown (OWASP, new threats...).
Get the same quality as a manual pentest but on an infinite perimeter and continuously.


Pragmatic and actionnable remediation

Focus on remediation

Patrowl do the detection job and provides you pragmatic and actionnable remediations.
Just focus on remediation.

use cases

Use cases

Have simplified views focused on your use cases

Have simplified views focused on your use cases:

  • ∘ All my certificates
  • ∘ My email security and best practices
  • ∘ My web app security
  • ∘ and many other

Prioritization of risks

Get vulnerabilities with real impact on your company, prioritized and contextualized

All the vulnerabilities are qualified (0-false positive), contextualized and prioritized.
We do not flood you with hundred of non-exploitable vulnerabilities or false positive. Patrowl helps you to focus on remediation of vulnerabilities that matter.

sercurity checks

Security checks

Get information about all security checks

Patrowl orchestrate thousands of security checks, organized in more than 30 security check families (Services Takeover, Default Login & Password, Authentication bypass, Misconfigurations, Exploitation code, Path Traversal, Injections, SSRF, Cookies protection ...).
At any time you will be able to know which control has been launched and when.
Each check is associated with associated references (CWE, OWASP Axx, CPE ...)

ip adress

All your Internet exposed assets

If it's exposed on Internet, it's eligible to Patrowl

All your Internet exposed assets are eligible : Web site/app/service, API (REST, SOAP, GraphQL ...), WAF/Firewall/Router/VPN, CDN, Cloud tenant...
All kind of technical elements are supported : IP address/range/subnet, DNS Zone, Domain name, FQDN, URL...


1-click report

Get a 1-click comprehensive pentest report

Generate a comprehensive report will all the vulnerabilities and associated remediations.
No result is a result, so get also all the launched security checks and the date of their last execution.


Alerts and notifications

Get notified when an asset has a vulnerability

When Patrowl finds a new (confirmed) vulnerability impacting a pentested asset, you'll be alerted by email, ticket, Slack, Teams...
When Patrowl finds a potential vulnerability on a non-pentested asset, you'll be warned as potentially impacted.



Manage organizations, sub-org...

Patrowl is build as a multitenant SaaS service allowing you to create parent organization and infinite hierarchical sub-organizations.
You are a big company ? Patrowl is build to cover your needs.


Issue Management / ITSM

Manage issue with tickets

You can apply Patrowl's remediation yourself or push it to the team in charge with a ticket (ITSM).
Patrowl supports : Service Now, Jira, GLPI

Stay up to date of your risks with Patrowl Dashboard

Dashboard Overview

Easy Dashboard

Patrowl Dashboard is easy to use and shows you all the KPI you need:

  • Clear overview of all the vulnerabilities that have a real impact on your business, your brand or your data
  • Prioritized action plan
  • Consolidated view of your External Exposure

Patrowl is also multi-tenant with role based (RBAC) and support Single Sign-On (SSO) on your identify provider (IdP).

Dashboard assets

Easy Monitoring of your External Exposure

All your assets (URLs, IP addresses, domain name, subdomain, FQDN...) are shown in a global view of your external exposure:

  • Complete repository of all your assets
  • Identification of Shadow IT, counterfeit...
  • Assets put under continuous pentest, according to your choice
  • View of the criticality level of each asset, with a score of its security level
  • View of EASM data (ports, services, certificates, associated domain names, banners...)

For each asset, you can view the list of all security controls used, the referential of the tests (OWASP, CWE...) and the know vulnerabilities checked (CVE).

Dashboard Remediation Plan

Pragmatic remediation plan

The remediation plan offers you the list of solutions to be implemented, prioritized according to:

  • The severity of the vulnerability and its origin
  • The cost (effort) of the remediation
  • The criticality of the asset

Patrowl is false positives free 😍.

Each remediation has been tested and is pragmatic, as well as transferable by ticket (ITSM), Slack, Teams, email... with ticket status tracking. Once the vulnerability is fixed, it will be retested by Patrowl but you can still run a retest manually.

Dashboard vulnerabilities

Critical vulnerabilities in one single view

View all your critical vulnerabilities with:

  • No false positives
  • The status of the correction, continuously check and in real time
  • The history of all events associated with the life cycle of the vulnerability

Upgrade your cybersecurity level and reduce your risks

Blog: Debunking an RCE which CVSSv3 is 10.0 CVE-2020-35489

Blog: OmniSpace, from automated 0day XSS to RCE

Blog: CVE-2023-4634 - Tricky Unauthenticated RCE on Wordpress Media Library Assistant Plugin using a good old Imagick

See how Patrowl is perfect for your organization