Sold by: RiskProfilerÂ
Gain complete visibility and control over your organization's internet-facing assets, identify vulnerabilities, and map attack paths to proactively strengthen your security posture.
Overview
Image
Ad-Hoc Recon
Image
Cloud Connectors
Image
Internet Inventory
Image
Breach Look Up
Image
Real-Time Alerts
RiskProfiler's External Attack Surface Management module empowers organizations to uncover their entire internet-exposed asset inventory, including cloud connections, mobile applications, and on-premise systems. Leveraging advanced vulnerability intelligence and threat detection, it identifies risks and attack paths that hackers could exploit. With integrations for AWS, GCP, Azure, and other platforms, this module provides actionable insights, attack path analysis with security graphs, and real-time threat intelligence to help you mitigate risks effectively. Additionally, the Trust Center and seamless integrations ensure robust protection tailored to your digital ecosystem.
Highlights
- Discover internet-exposed systems with seamless integrations across AWS, GCP, and Azure for full visibility of your digital footprint.
- Leverage real-time vulnerability insights, threat detection, and attack path analysis with visual security graphs to identify and mitigate risks efficiently.
- Monitor mobile applications, streamline workflows with advanced integrations, and centralize threat insights in the Trust Center for actionable security management.
Details
Sold by
Categories
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Essential Plan | Gain foundational visibility into your attack surface with continuous monitoring for up to 1,000 assets. Strengthen security by identifying and addressing vulnerabilities. | $36,960.00 |
Professional Plan | Expand monitoring to 6,000 assets with advanced vulnerability scanning, detailed reporting, and seamless tool integrations for comprehensive protection. | $55,440.00 |
Enterprise Plan | Unlimited asset monitoring with tailored solutions, enterprise-grade threat detection, and dedicated support for large-scale environments. | $92,400.00 |
Vendor refund policy
Contact us at support@riskprofiler.ioÂ
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Please reach out to our Support at support@riskprofiler.ioÂ
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
RiskProfiler Intelligence Platform
By RiskProfiler
A unified solution combining external attack surface management, brand risk management, and third-party risk management to reduce external threat exposure holistically.
RiskProfiler Physical Security Intelligence
By RiskProfiler
Gain complete visibility and control over physical security risks with RiskProfiler. Protect employees, offices, events, and supply chains by tracking threats, monitoring regional risks, and ensuring resilience to emergencies.
Risk Profiling for Credit Evaluation
By Quantiphi
Revolutionize your credit scoring approach by harnessing Quantiphi's ML-powered Credit Scoring Platform, which blends conventional and unconventional data sources for precise risk profiling.
RiskProfiler Brand Intelligence
By RiskProfiler
Protect your brand reputation with advanced detection and remediation of brand abuse, impersonation, and online threats across social media, surface, deep, and dark web.
Customer reviews
0 ratings
0 AWS reviews
|
91 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Sandeep Kumar N.
Actionable Intelligence for Client-Specific Threat Surface Validation.
Reviewed on Jul 31, 2025
Review provided by G2
What do you like best about the product?
As consultants, we need high-fidelity insights fast. RiskProfiler’s modular platform lets us spin up client-specific views that identify exposed assets, misconfigurations, and domain hijacks within minutes. The real-time correlation between assets and known attacker infrastructure is especially valuable during breach simulations and red teaming.
What do you dislike about the product?
Export formatting could better support consulting workflows.
What problems is the product solving and how is that benefiting you?
It shortens client onboarding and risk discovery timelines significantly. We’re able to conduct external assessments without relying on incomplete asset inventories. This elevates our threat modelling quality and delivers quantifiable risk metrics upfront.
Information Technology and Services
From Shadow IT to Strategic Threat Reduction
Reviewed on Jul 31, 2025
Review provided by G2
What do you like best about the product?
The platform uncovers shadow cloud services, rogue DNS records, and unmanaged dev apps—then links them to potential breach paths or compliance failures.
What do you dislike about the product?
Would benefit from an executive-level reporting view that simplifies complex tech flows.
What problems is the product solving and how is that benefiting you?
Reduces unmanaged exposure from decentralized teams. We now enforce asset ownership and remediation through linked ticketing workflows
Rohini S.
Unifying Threat Signals for the SOC and GRC Teams
Reviewed on Jul 31, 2025
Review provided by G2
What do you like best about the product?
RiskProfiler bridges the operational gap between security operations and compliance by aligning indicators (phishing, misconfigs, exploits) with risk controls and policy deviations.
What do you dislike about the product?
The integration options for regional cloud services are really good, but can be improved further.
What problems is the product solving and how is that benefiting you?
Creates a shared threat language across teams. Helps SOC prioritize alerts that impact compliance and risk scoring.
Information Technology and Services
Proactive Risk Mitigation from Recon to Takedown
Reviewed on Jul 31, 2025
Review provided by G2
What do you like best about the product?
Combines domain discovery, attack simulation, phishing kit analysis, and impersonation alerts. Helps us detect attackers at infrastructure setup stage—before emails or payloads are delivered.
What do you dislike about the product?
Timeline visualization across threat stages could be more interactive.
What problems is the product solving and how is that benefiting you?
We’ve moved from reactive detection to proactive disruption of attacker infrastructure, reducing exposure windows across multiple brands.
Information Technology and Services
Questionnaire Automation Meets Threat Context - kartikey
Reviewed on Jul 31, 2025
Review provided by G2
What do you like best about the product?
Enables external detection of exposed APIs, shadow apps, and outdated libraries across dev and staging environments. Includes threat intel overlays so we can triage critical issues faster. We get a unified view of vendor risks, their third-party relationships, and associated attack paths. Even lateral risks from shared hosting or exposed components are surfaced in real time. RiskProfiler connects vendor risk questionnaires with actual threat data. Automated scoring, evidence flagging, and control maturity validation help us eliminate low-value assessments. Monitors misconfigs, orphaned assets, and cloud drift across AWS, Azure, and GCP. Auto-tagging and blast radius scoring streamline issue prioritization in fast-changing environments.
What do you dislike about the product?
Language filtering and version context for third-party components could be more granular. UI search filters across tiers and risk categories can be a bit complex to learn. More visual summaries per vendor would speed up reviews for non-technical stakeholders. Dashboard loading slows with too many filters applied across regions and projects.
What problems is the product solving and how is that benefiting you?
Helps us surface vulnerable and forgotten apps in dev cycles that bypassed SAST/DAST scans. Keeps dev and security aligned. Identifies weaknesses beyond just primary vendors, extending protection to supply chain subnets and inherited risks. This expanded view is critical for resilience. Transforms compliance questionnaires into real security validation. It detects when vendors underreport risks, improving due diligence. Helps us reduce manual cloud audits and enforces policy adherence across decentralized teams. It’s become a key zero-trust enabler.