Quick answer
Does this tool perform penetration testing?
No. Phase 1 is passive-only and does not attempt exploitation, login interaction, brute-force discovery, or hidden-path enumeration.
FAQ
Clear answers about scope, privacy, and how the review works.
These answers are written to stay extractable for search and answer engines while remaining precise enough for technical buyers, internal IT teams, and cybersecurity stakeholders.
Quick answer
Why do I need to verify my email before viewing results?
Results are private by design. Access requires both the opaque results URL and a one-time verification link sent to the request email address.
Quick answer
Does the tool scan third-party services mentioned on a website?
No. The scan is limited to the requested domain and a tightly capped set of same-host public pages. It does not continue into third-party domains discovered in content.
Quick answer
What kinds of issues can the tool help prioritize first?
Typical Phase 1 priorities include weak or missing email-authentication records, absent security headers, missing security.txt, TLS hygiene issues, and public indexing or platform-exposure concerns.
Quick answer
How long are results retained?
Phase 1 defaults to a 30-day retention period unless a KMayer administrator changes that setting.
Quick answer
What happens if AI summarization is unavailable?
The results page still shows the factual findings and next-step guidance. AI remains optional and never blocks result delivery.
Who this tool is for
Exposure Lens AI is built for business leaders, IT managers, infrastructure owners, cybersecurity teams, MSP evaluation processes, audit preparation, and transformation planning where public visibility needs to be understood quickly.
What this tool is not
It is not a penetration test, red-team exercise, exploit simulation platform, or authenticated assessment workflow. Phase 1 remains a bounded public-mode review focused on visible exposure signals only.
