We show you
what attackers
already see.
Free external security audit for maritime companies. No intrusion, no commitment: just the truth about your exposure, delivered in 48 hours.
The attack surface
you don't know about
Every company with a website, email, and remote access has a public attack surface. Here's what we typically find in the maritime sector.
Systems open to the internet
Databases, admin panels, VPN login pages, and internal tools that respond to anyone who knows where to look. These are the first thing an attacker checks.
Email fraud risk
Missing or misconfigured email protections that let anyone send messages as your company. The number one vector for invoice fraud and CEO impersonation.
Leaked credentials
Employee email addresses found in known data breaches. Combined with password reuse, this gives attackers a direct way in, no hacking required.
Information visible in DNS
Client names, internal project names, and test environments exposed through your domain configuration. Competitive intelligence handed out at no cost.
Three steps.
Zero intrusion.
We look at your company exactly the way an attacker would: from the outside, using only public information. Nothing is touched, nothing is broken.
We map
Automated reconnaissance of your public infrastructure: domains, email configuration, exposed services, search engine footprint, known breaches.
We verify
Every finding is checked by hand. False positives are discarded. We include what we ruled out, so you can see the rigor, not just the headlines.
You get a report
A clear document with prioritized findings, what they mean for your business, and what to do about them. No jargon, no filler.
All reconnaissance is strictly passive: no authentication bypass, no exploitation, no active probing of internal networks. Compliant with French law (Articles 323-1 to 323-7 of the Penal Code). Active penetration testing, which requires the system owner's consent, is only conducted under a signed agreement.
From free audit
to continuous protection
Start with a free report. Move to active testing or continuous supervision whenever you want to go deeper. All prices excl. VAT.
Free external audit
Verified findings about your public exposure. What we found, what we ruled out, what it means. Delivered in 48 hours. The starting point of any engagement.
Penetration testing
Authorized active testing under signed scope. Three formulas: Discovery (1 external domain), Standard (up to 5 digital assets and phishing simulation), In-depth (full scope and web application).
Continuous supervision
Ongoing surveillance of your external surface. Three tiers: Watch (1 domain, monthly report), Pro (up to 5 assets, 48h alerts), Sovereign (extended scope, weekly reports, direct team access). 6-month minimum.
Maritime cybersecurity
is now a regulatory
requirement.
Maritime transport, ports, and their suppliers are now classified as essential entities under the European NIS2 directive and the French Resilience Act. Cyber risk management and incident reporting are required by law. Preparing ahead strengthens your position when partners assess your security posture.
NIS2 Directive & Resilience Act
EU-wide and French cybersecurity obligations for the maritime sector. Risk management and incident reporting are now required by law.
IMO Resolution MSC.428(98)
Cyber risk management must be integrated into ship safety management systems. Enforced during flag state audits.
Supply chain audits
Essential entities must audit their suppliers' security. If you serve a port or a shipping company, your exposure is their risk.
Know your exposure
before attackers do.
Request a free audit. No sales pitch, no commitment: just a verified report of what's visible from the outside.