We asked how often teams check their external footprint...
We asked how often teams check their external footprint. 85% said: rarely or never.
When we launched a small poll last week, we expected some variation.
What we didn't expect?
85% of respondents saying they rarely — or never — check their external footprint.
That's not a criticism — it's a wake-up call.
Because from a technical standpoint, it makes sense. And it's also exactly why we built Tresal.
⚠️ Why this happens
Most companies don't ignore external risk on purpose.
But visibility often depends on:
- manual scans (when someone remembers)
- limited tools (that only check DNS or IPs)
- internal processes (infra is secured — I think?)
- and dashboards that show compliance but not exposure
Meanwhile, your external footprint changes constantly:
- new SaaS tools = new subdomains
- marketing campaigns = temporary cloud functions
- development environments = live staging with prod data
- expired vendors = orphaned DNS entries or exposed IPs.
All public. All indexed. All ignored — until they aren't.
👨💻 Why this matters
From the outside, attackers don't care what's in your CMDB.
They care what's reachable. What's exposed. What responds to a curl.
If it's online, it's in scope — whether your team knows it or not.
That's why we need to shift from occasional awareness to continuous visibility.
And that visibility needs to be:
- automated
- externally validated
- accessible to smaller teams (not just SOCs with 6-figure budgets)
🔍 What we're doing at Tresal
At Tresal, we're focused on giving teams a clear view of their attack surface and cloud posture, from the outside in.
We built it because we were tired of reactive security.
Because we've seen how easy it is to miss something obvious.
And because we believe visibility shouldn't be a luxury.
⚡ Not sure what's exposed in your environment?
You can run a free quickscan here:
👉 www.tresal.eu
No setup. No sales call.
Just visibility.
Related Articles
5 red flags that your attack surface Is out of control
Your attack surface is every digital asset your company has exposed to the internet. Websites, cloud apps, APIs, IPs, subdomains, third-party integrations — they’re all part of it. And here’s the truth: Most companies have a much larger attack surface than they think.
Shadow IT is your biggest risk in 2025 – here’s how to spot it early
In most organizations, security teams focus on what’s known: the official tools, the approved systems, the assets documented in spreadsheets. But in 2025, the biggest risks often come from what no one is watching.
What attackers see first — and how to see it before they do
If someone tried to break into your house, they wouldn’t start by picking the safest lock. They’d look for the window you forgot to close. That’s exactly how attackers approach your company.
What we discovered when scanning 50+ companies’ attack surfaces
Most companies assume they have a good handle on their external IT footprint. They believe their attack surface is under control — until they actually take a closer look.
Tayfun
Cloud Security Architect
Security expert specializing in attack surface management and cloud security.
Protect your systems from vulnerabilities
Discover and address security risks in your infrastructure with our comprehensive scanning tools.