Exposure Intelligence Platform

See your company through an attacker's eyes.

Vestige continuously scans the public surface of the internet, correlates it with your own assets and alerts you the instant a domain, infrastructure, brand or sensitive data of yours appears exposed.

Start freeLook inside
No collectors to run·Near real-time alerts·Isolated per company·PII redacted
Continuous
24/7 collection of the public surface
5 sources
CT, BGP, indexes, crawler and feeds
360°
Per-host profile: DNS, IP, ASN, cert
Real time
Notification + webhook on every match
What powers the engine
Certificate TransparencyBGP / routingOpen indexes (index-of)Own HTTP crawlerThreat feeds / IOCMulti-source reverse DNS
The platform

Everything you need to watch your exposure.

Six surfaces, one product. You register what matters — Vestige discovers, correlates, alerts and lets you investigate.

Hosts
12.8k
Matches
23
Fontes
6
☣ Risco
5

Dashboard

The state of your exposure at a glance: collection progress, open matches, risk and trend.

host
cert
ioc
ip

Lake search

Search the collected surface by host, IP, ASN, certificate and term — with facets and filters.

novo
novo
visto

My matches

Every time one of your terms hits the collection it becomes a match — grouped by term, with triage.

Host 360°

From the lone finding to the infrastructure: DNS, IP, ASN, certificates and history, all in one profile.

malicioso
suspeito
limpo

Reputation & feed

A risk verdict per host and a threat feed built from the indicators already collected.

···
···
···

Alerts & webhooks

In-app bell, email and webhook (Slack/Teams) the instant something of yours appears. You just act.

Inside

From the loose finding to the infrastructure behind it.

  • 360° per-host profile brings DNS, IP, ASN, country, certificates and the timeline into one place.
  • Pivot from an IP to the whole range, from a certificate to its subdomains, from an ASN to the operator.
  • Automatic, additive enrichment — reverse DNS, reputation and provenance, without you lifting a finger.
  • Stable identifier per asset: the same exposure is always the same record, traceable over time.
The difference

Not another search engine. It's your exposure.

Most tools hand you a third-party database to dig through. Vestige is correlation-first: it continuously crosses what you watch against everything it collects and enriches, and alerts you when something of yours appears.

You see what matches your assets — not other people's data. More defensible, and used every day, not once in a while.

Ordinary search — hands you a lake of third-party data to dig through
My Exposure — only what matches your assets
Correlation — from the finding to the host, from the host to the infra
Proactive alerting — notification and webhook in near real time
Governance — per-company isolation and redacted PII
Who it's for

Who uses Vestige every day.

MSSPs & consultancies

Monitor the exposure of many clients in isolated panels, with API and webhooks to plug into your SOC.

Brand teams

Know when your name and domains show up on the public surface — abuse and typosquatting, early.

SOC & security

Discover forgotten assets, subdomains and IPs from your range before they become an entry point.

Researchers

Pivot by host, ASN and certificate over your own collection base — fast, traceable investigation.

From collection to alert

A continuous machine working behind the scenes.

01 · COLLECT
Continuous scan

Certificates, open indexes, threat feeds and BGP, in a stream.

02 · ENRICH
Automatic context

Reverse DNS, reputation, ASN/country and provenance — always additive.

03 · CORRELATE
Crosses with you

The engine matches your terms against the lake — every hit becomes a match.

04 · ACT
You get alerted

Notification, webhook, 360° profile and export. You triage and act.

Plans

Start free. Grow when you need to.

From the solo researcher to the SOC. Catching one exposure before the attacker pays for the year.

Community
R$ 0
To get to know the platform
  • Public search (limited)
  • 2 monitored terms
  • 7 days of history
Start free
Explorer
R$ 129/mo
Researcher, journalist, freelancer
  • Full search
  • 25 terms
  • 30 days of history
  • CSV export
Subscribe
MOST POPULAR
Team
R$ 890/mo
MSSP, consultancy, lean SOC
  • 500 terms · 5 users
  • API (100k/mo)
  • Unlimited webhooks
  • 1 year of history
Subscribe
Business
R$ 2,490/mo
Enterprise, SOC
  • 2,500 terms · 20 users
  • Extended API (1M/mo)
  • Reports
  • Priority support
Subscribe
Also: Professional (R$ 390) and Enterprise (on request).
Frequently asked

What people usually ask.

Does Vestige hack or exploit?

No. It only observes the public surface of the internet — what is already open. No authentication, bypass or exploitation.

Do you show PII?

We detect the presence of document types (e.g. tax IDs) in the collection — by presence, never the value. Sensitive data is redacted.

Do I need to run collectors?

No. Collection, enrichment and correlation run behind the scenes. You just register what to watch and receive the alerts.

Does one company's data leak to another?

No. Each company is isolated: you see the public lake and what matches your assets — never another organization's matches.

Is there an API?

Yes, from the Professional plan — read-only, scoped per organization, with rate limiting and a key you can revoke in the interface.

How do I start?

Create a free Community account in minutes, register your first terms and watch the collection correlate. No card required.

Discover your exposure before someone else does.

Create your free account in minutes. No card, no collectors to run — only what matters to your organization.

Start freeRead the docs