GetApp offers objective, independent research and verified user reviews. We may earn a referral fee when you visit a vendor through our links.
Our commitment
Independent research methodology
Our researchers use a mix of verified reviews, independent research, and objective methodologies to bring you selection and ranking information you can trust. While we may earn a referral fee when you visit a provider through our links or speak to an advisor, this has no influence on our research or methodology.
How GetApp verifies reviews
GetApp carefully verified over 2 million reviews to bring you authentic software experiences from real users. Our human moderators verify that reviewers are real people and that reviews are authentic. They use leading tech to analyze text quality and to detect plagiarism and generative AI.
How GetApp ensures transparency
GetApp lists all providers across its website—not just those that pay us—so that users can make informed purchase decisions. GetApp is free for users. Software providers pay us for sponsored profiles to receive web traffic and sales opportunities. Sponsored profiles include a link-out icon that takes users to the provider’s website.
FractalScan Surface
Identify your vulnerabilities before the hackers.
Rating criteria
Reviews by rating
Astra Pentest
Action1
Aikido Security
Recommended
Scott H.
Automotive, 201-500 employees
Used weekly for 1-2 years
Review source
Share this review:
Since using the product, we discovered quite a few vulnerabilities and security misconfigurations in our environment which were previously overlooked. It also provided us with actions to take, and prioritized the risks for us, so we knew what to focus on fixing first. Best of all, as time marches forward, the product keeps aware of the changes to your infrastructure automatically, and will keep you informed of new risks and exposures that your environment may have. It's a fantastic tool to help you be proactive at preventing cracks from forming in your infrastructure
The tool automatically monitors for changes in the security posture of the assets under management. This tool automatically scans and explores the domain and subdomains, and other DNS records for items to monitor, and then automatically scans these assets for known vulnerabilities, versions, and highlights common security misconfigurations and items you may overlook, such as ensuring strict transport security is enforced. The support team has been great to work with. It was entirely painless to get set up and have a huge breadth of monitoring and awareness, right from the start with very little effort or time required. For the money, you get a lot of visibility, depth, notifications, and value out of the product. I'm very glad we are using it.
The product does a good job of showing you changes over time, but (and this is really minor) it would be useful to keep the history of a previously mitigated vulnerability/risk to know exactly what it was mapped to.
Darren L.
Government Administration, 201-500 employees
Used weekly for less than 6 months
Review source
Share this review:
So easy to get going with, and a massive win for identifying vulnerabilities, and have them analysed in terms of risk so you can focus attention in the right area at the right time.
Ease of setup, ease of use, auto update, very little to do
Manual rescan is part of a higher subscription level, which could be annoying for some, but an overnight rescan is more than suitable for our organisation
Peter N.
Telecommunications, 1,001-5,000 employees
Review source
Share this review:
Setup for this tool took only minutes and the results returned were much more accurate and relevant than other tools we tried.
The tool appears to be lacking in some integrations but is a good standalone product.
Caolan K.
Computer & Network Security, 11-50 employees
Used monthly for less than 6 months
Review source
Share this review:
It's a great tool, having a single place which groups together all IP addresses, domains, services, and components for web applications is particularly useful for assessments.
Overall, the tool is easy to navigate and requires no prior training to be understood.
The graph tab is confusing and difficult to use/interpret. It feels a little unnecessary and clunky. Something like dropdown menus might work a little better for expanding sections.
robin c.
Real Estate, 201-500 employees
Used daily for 1-2 years
Review source
Share this review:
Easy to use, easy to configure, straightforward results and details.
Domain based scanning with effective reporting and reliable results.
Out of the box integrations with ticketing solutions would be nice.
Andy K.
Financial Services, 1,001-5,000 employees
Used weekly for 6-12 months
Review source
Share this review:
We may not be privy to sites or sub-domains other parts of the business may implement. FractalScan gives us a discovery tool to identify previously unknown public infrastructure, we can reduce our external attack surface by identifying and resolving issues and getting "old" public infrastructure decommissioned.
Simplicity - give it a domain and it will find out what it can about subdomains, related domains and any issues it identifies with them.
FractalScan sometimes identifies unrelated domains as being related, so there is some clean up of the discovery required.
Jason C.
Financial Services, 1,001-5,000 employees
Used monthly for 6-12 months
Review source
Share this review:
Really impressed with the product and the after-sales service we have received
FractalScan Surface provides a compact and concise overview of vulnerabilities that have been identified on our assets. It is important for teams to be able to understand the issue, prioritise remediation activities and focus on removing vulnerabilities from our estate....this tool enables all of this and has proven to find vulnerabilities that other tools do not.
There is nothing of note at the moment that causes us to dislike the FractalScan Surface product
Richard S.
Security and Investigations, 11-50 employees
Used weekly for 6-12 months
Review source
Share this review:
Using Fractal Scan and working with the team at Red Maple has been an absolute pleasure. Fractal Scan is a powerful but elegant tool that we use to protect ourselves as well as to help other clients.
It's simplicity and ease of set up - you get extensive results just from entering one domain name
Some of the language is tech heavy - it could be dumbed down just a little for the non expert user
Jack S.
Information Technology and Services, 11-50 employees
Used monthly for less than 6 months
Review source
Share this review:
FractalScan Surface delivers an exceptional experience, principally by enhancing our understanding of customers' digital assets. The platform's intuitive interface facilitates a user-friendly experience that our team appreciates. This, in turn, allows us to proactively identify vulnerabilities and address them before they escalate. We've found the platform to be markedly superior to its market counterparts in terms of capability and efficiency. Integration into our existing business processes was seamless, minimising any potential operational interruptions.
There are no cons to mention as the platform has met and exceeded our specific requirements for cyber security analysis and client service.
Simon H.
Information Technology and Services, 51-200 employees
Used monthly for 6-12 months
Review source
Share this review:
Fantasstic relationship managers who are always happy to help and provide support. Software has helped with gap analysis and assesments of new and exisiting clients.
Fractal scan is easily onboarded and provides access to useful data almost immediatley.
Initially we had some suggestions which the dev team have made implemented which has made the tool and its reporting much easier to action.
Jonathan T.
Information Technology and Services, 11-50 employees
Used weekly for 6-12 months
Review source
Share this review:
Very simple and easy way to get a overview of external surfaces of exposed endpoints.
Not really, even during our initial period of use new features have been added to a constantly evolving product.
Tim N.
Information Technology and Services, 51-200 employees
Used daily for less than 6 months
Review source
Share this review:
FractalScan allowed be to better support my clients. As a security testing company, we need to help our customers identify, test and reduce risk. FractalScan has empowered myself and my team more easily and quickly identify risk with our customers.
What I appreciate the most about FractalScan is the level of accuracy this platform provides while maintaining a passive approach to data collection. As someone who works in technical sales and consulting, I have a lot of clients working with products in this space. The common problem is the overwhelming amount of results and the operational overhead required to make those results actionable. FractalScan's unique solution provides results that are immediately accurate and actionable.
The current public API is lacking some key features to support full process integration. While this is what I like least about the current product, I do have to add that this "complaint" will not last long. The FractalScan team takes feedback very seriously and actively work to dev the gaps that their customers highlight. While this is current gap, I do not foresee this being a gap much longer.