logo CyberSAM

Frequently asked questions

Answers to commonly asked questions about our platform

CyberSAM uses passive and active techniques. We start from your root domain, collecting data from public sources (e.g. certificate logs, DNS records) and actively explore linked assets to identify the full attack surface.
Yes. Discovery replicates what attackers already do externally. All security tests are reviewed and validated to minimize any risk to your systems.
CyberSAM focuses on exploitable vulnerabilities, not just version mismatches. We reduce false positives and highlight real threats that could be used in an attack.
CyberSAM is SaaS. There’s no deployment needed. If you use WAFs or IP filtering, just whitelist our source IPs to avoid blocking scans.
Yes. We provide APIs for exporting data, integrating with SIEMs, and automating workflows.
Discovery runs daily by default. You can also trigger on-demand scans whenever needed.
Absolutely. You can define domains, IP ranges, or exclude specific assets from scans.
As an Italian company, we comply with GDPR requirements and follow the ISO/IEC 27001 standard to ensure data protection. Your data is encrypted in transit and at rest, and we never sell or share it with third parties.