Circumference ARC

Outside-in visibility for modern teams. ARC maps your external footprint, runs 100+ non-invasive checks across DNS, SSL/TLS, email, web and infrastructure, and turns results into prioritized, reproducible fixes.

Go to ARC How ARC works
ARC logo and interface

Know what’s exposed—and what to do next

ARC (Assessment of Residual Cyber-Exposure) is a web-based scanning utility that uses keys, not user identities, to assess domains. It confirms what’s publicly reachable, evaluates risk across Exposed Personnel, Infrastructure Security, DNS Security, SSL/TLS Health, Website Security, and Email Security, and returns evidence-backed remediation you can ship today.

Continuous discovery of domains, subdomains, hosts, ports and tech stacks—built from the outside in.
Prioritized findings with severity, rationale, proof-of-finding and step-by-step remediation.
Executive-ready summaries, exportable reports, and progress tracking to show closure and reduce drift.
Go to ARC How ARC works

How ARC works

From pre-assessment to results you can act on—safe, scoped, and reproducible.

  1. 1

    Pre-assess DNS & WAF/CDN to set safe scope

    ARC fingerprints DNS and detects domain-level WAF/CDN protections up front, so scans aren’t wasted on blocked requests and your rate limits are respected.

    Why it matters

    Right-sizing the scan prevents noisy errors and produces defensible, repeatable results your teams can trust.

    Control & consent: ARC is key-driven. You can set Scan Restrictions in account management to limit who can scan your domain. Don’t want ARC to scan? Add a TXT record ARCNOSCAN and ARC will respect it.

  2. 2

    Discover assets & map services

    ARC builds a live external inventory—subdomains, hosts, open services, stacks—and ties each asset to likely ownership and purpose.

    Why it matters

    Service-aware discovery ensures ARC runs only relevant checks—no bombarding infra with noise—and helps you eliminate shadow services and stale DNS before attackers find them.

  3. 3

    Run 100+ non-invasive checks & prioritize fixes

    ARC evaluates each relevant host across DNS, SSL/TLS, website and email security, infrastructure posture, and exposure signals—probing only what’s publicly discoverable.

    Why it matters

    You get a ranked plan with severity, rationale, and proof-of-finding. Engineers understand the “why” and “how;” leaders see impact, owners, and measurable progress over time.

Getting started is as easy as…

1

Point ARC at your domain

Choose a one-time, pay-as-you-go, or bulk scan key, enter your domain, and select a window. ARC handles pre-assessment and safe probing automatically.

2

Get fast, accurate findings

Over 100 checks across DNS, SSL/TLS, website and email security, infrastructure posture, and exposure signals—summarized with evidence and next steps.

3

Track progress over time

Use the past reports dashboard to compare scans, schedule rechecks to confirm closure, and watch for drift. Restrict who can scan your domain from account settings.

What you get with an ARC license

Artifacts that travel from engineering to the executive table.

Full DNS map of your domain

A clear, navigable map of records and connected services—spot outliers, stale entries, and exposure paths quickly, then assign owners with confidence.

Complete, prioritized findings

100+ categorized checks with severity, rationale, and proof-of-finding—exportable, ticket-ready, and easy to track from open to closed.

Key-driven, consent-aware scanning

Start with a one-time or bulk key, upgrade to pay-as-you-go anytime. Control who can scan via Scan Restrictions—or opt out entirely with the ARCNOSCAN TXT record.

Pricing: One-time scan $250 • Pay-as-you-go $200 setup + $100/scan • Bulk $50/scan (100 scan minimum).

API access for automation

Build ARC into your workflows, products, and client services.

Made for engineers, teams, and platforms

Purchaseable API access lets MS(S)Ps and SaaS teams trigger scans, stream results, and store evidence your way—so you can assess domains faster, compare runs over time, and keep drift in check without adding tooling bloat or new accounts to manage.

Simple REST/JSON with token auth—no agents and no user identity coupling.
Kick off scans on demand and receive callbacks for status, findings, and artifacts.
Pull structured outputs—assets, DNS map, issues, remediation steps—ready for your datastore.
Safe by default: rate limits, scope guards, and respectful probing.
Multi-tenant friendly: separate keys and projects per customer or environment.
Request API access Email Sales Go to ARC

Built for these use cases

MS(S)P baseline & recheck loops

Automate first-pass discovery for new clients, then re-audit on your schedule to prove closure and catch drift.

Ticketing & workflow integration

Turn findings into ready-to-work items with severity, rationale, and remediation steps attached.

SaaS platform add-ons

Embed safe external posture checks inside your product and present executive-ready summaries.

Evidence & reporting pipelines

Store raw outputs and PoF artifacts in your lake or SIEM, then visualize trends your way.

API access is licensed separately and intended for approved, consented assessments. Use within your owned domains or with written authorization from the asset owner.

Who ARC is for

For teams that want signal over noise—and fixes they can ship today.

Lean security teams

Skip the alert storm. ARC delivers a clean queue of verified, outside-in issues—each with severity, evidence, and a clear fix—so you can protect the org without pausing real work.

Technology leaders

Turn posture into a plan. Show where you stand today, what reduces risk fastest, and how progress stacks up over time with owners, rationale, and executive-ready summaries.

Audit-bound orgs

Walk in ready. Use ARC’s built-in reports and scheduled rechecks to demonstrate control effectiveness, prep for frameworks, and keep “pass-once” momentum.

Ready to see your outside-in posture?

Spin up ARC, get evidence-backed fixes, and keep drift in check with scheduled rechecks.

Go to ARC See Full Circle