Passive-first external posture review

See the public signals your domain exposes before they turn into broader remediation work.

KMayer Exposure Lens AI starts with a passive_public review of public DNS, mail authentication posture, HTTPS and TLS basics, visible response headers, indexing signals, and a capped set of same-host public pages so teams can see what matters first and what to fix next. The same product family can deepen later into a governed authorized_deep lane when ownership, engagement, and approved evidence sources are in place.

The public entry lane stays passive-only and limited to public exposure signals. No exploit attempts, no logins, no brute-force discovery, and no hidden-path probing.

Start a private review Review how it works

Passive_public entry lane
Private results after verification
Authorized_deep when eligible

How it works FAQ Tool use policy

Phase 1 coverage

Passive external posture signals first, with a governed deeper lane available when the right prerequisites exist.

Public DNS, SPF, DMARC, TLS, headers, robots, sitemap, security.txt, and capped same-host public-page sampling remain the base layer.
Authorized deeper evidence can add read-only connector context, approved trusted exports, and ongoing history only after ownership, engagement, and review controls are in place.
Results stay private and explain what matters first, why it matters, and what to fix next.

Results delivery

Private results unlock after the request email completes a one-time verification step.

The unlocked page is designed to surface the executive summary, technical highlights, risk themes, recommended next steps, and the trust or business context available for that review.

When to use it

Use it for first-pass clarity, then deepen only when the domain and workflow justify it.

Use the passive review before remediation planning, audit preparation, or wider review work, then activate the governed deeper lane only when verified ownership, active engagement, connectors, exports, or monitoring continuity are needed.

What the review gives you

A safe first view of external posture, plus a governed path to deeper context.

What the tool checks

Public DNS records, MX posture, SPF, DMARC, and related mail-delivery signals.
HTTPS reachability, TLS certificate basics, HSTS, and the most relevant visible security headers.
Where the review is governed for deeper use, read-only connector context and approved trusted export evidence can add more evidence without changing the passive public boundary.

What passive_public means

No authenticated review, no exploit testing, no login interaction, and no brute-force discovery.
No subdomain brute forcing, no IP range scanning, and no following links outside the assessed public host.
Private results unlock after email verification and remain non-indexed and out of sitemap discovery.

What the results help with

Executive visibility into external posture without turning day one into a broad assessment project.
Technical prioritization for DNS, mail security, TLS, indexing exposure, trust posture, and visible platform hygiene.
Trust, business, monitoring, or history context where it exists, followed by a governed route into authorized_deep when deeper evidence is justified.

Request a private review

Start a protected passive review and keep the deeper lane governed.

The request flow asks only for the information needed to run the passive_public review and deliver the private results securely. After verification, the same product family can deepen only when ownership, engagement, and approved evidence sources are in place. Nothing here performs exploit activity, authenticated testing, or broad discovery work.

1

Submit the request

Provide a business email, domain, and a little business context so the findings and the private handoff are easier to interpret later.

2

The passive_public review is queued

KMayer Exposure Lens AI runs the passive-first scan asynchronously so the review completes cleanly without slowing the page experience.

3

Verify once, then open the private results

The one-time verification link unlocks the private results route, including the executive summary, technical highlights, risk themes, recommended next steps, and any governed deeper context the review qualifies for.

Protected request

Start the review with only the business context needed.

Required details come first. Structured context helps KMayer frame the passive findings and the private results without widening the scan scope or treating the form like an unrestricted prompt.

Required details

Business email Full name Company name Domain to assess

Optional context

Role or department Country Company size Primary objective

Website I agree that KMayer may use these details to run this private review and related follow-up, subject to the Tool Use Policy, Privacy Policy, and Terms and Conditions.

After you request the review, KMayer Exposure Lens AI queues the passive_public review and emails a one-time verification link that protects the private results. Authorized deeper context appears only when ownership, engagement, and approved evidence sources are in place.

What the unlocked result can include

Private delivery, grounded findings, and deeper context where the review qualifies.

Executive summary

A calm summary of current visibility posture, the most important themes, and why they matter to the organization right now.

Technical highlights

DNS, email-authentication, TLS, header, indexing, and other passive findings, plus governed connector or trusted-export context when that evidence is part of the review.

Risk themes and next steps

Prioritized actions, trust or business context, and the route into monitoring, history, or deeper KMayer support when that continuity adds value.

Need deeper support?

Move from passive triage into authorized deeper review, monitoring continuity, and remediation planning.

When the passive review surfaces priorities that need more context, KMayer can help activate the governed authorized_deep lane for verified domains, connect read-only evidence sources, interpret trusted exports, and turn the result into a practical delivery path.

Verified ownership and active engagement before deeper authorized context is used
Read-only connector and approved export evidence tied back to findings and business impact
Monitoring, history, and remediation planning for infrastructure and security stakeholders

Request a consultation

Quick answers

Fast answers to the questions teams usually ask before they start.

What happens after I submit a domain?

KMayer Exposure Lens AI validates the domain, queues the passive_public review, and emails a one-time verification link plus the private results URL. The review runs asynchronously so the public form stays fast.

What do I receive after I verify my email?

You unlock the private results page for that review. The page can include the executive summary, technical highlights, risk themes, recommended next steps, and the trust or business context available for the current result.

What is the difference between the passive public review and the authorized deep review?

passive_public is the default entry lane and uses public passive evidence only. authorized_deep is a governed lane for verified ownership plus active engagement, and it can add approved read-only connector context, trusted export intelligence, monitoring, and deeper explainability.

When does the deeper authorized review apply?

It applies only when verified ownership, an active authorized engagement, and the right approvals are in place. It is not anonymously available and it does not replace the passive public boundary.

Read the full FAQ

The public lane starts with passive public observations only. The wider product family can deepen into a governed authorized_deep lane when verified ownership, an active engagement, and approved evidence sources are in place, but the tool should never be treated as an exploit or penetration-testing system.