NetDefenders FAQ
Frequently asked questions
Clear answers about NetDefenders, external exposure monitoring, manual security testing, pricing, safety, and what happens when you start.
General questions
What NetDefenders does
NetDefenders helps businesses understand what attackers can see from the outside and what should be fixed first.
What is NetDefenders?
NetDefenders is a cyber exposure monitoring and security testing service. We help businesses identify external risks across websites, domains, public services, DNS, email security, exposed credentials, and other public-facing assets.
Who is NetDefenders for?
NetDefenders is built for small and growing businesses that want practical security visibility without needing a full internal security team. It is also useful for IT providers who want clearer prioritisation for their clients.
What makes NetDefenders different?
Most tools produce technical findings. NetDefenders focuses on turning those findings into plain-English explanations, practical priorities, and next steps that business owners and IT teams can act on.
Do you only provide automated scanning?
No. Automated monitoring helps identify external exposure on an ongoing basis. Manual penetration testing and human-led security assessment work can also be provided separately when deeper assurance is needed.
Want to see the product first?
Use the live demo to understand how findings are presented before starting a trial or speaking to us.
Exposure monitoring
How the monitoring works
External exposure monitoring looks at what is visible from the internet and helps prioritise the risks that matter most.
What does external exposure mean?
External exposure means the websites, services, domains, IP addresses, DNS records, email settings, and public information that someone outside your business may be able to discover or interact with.
What checks are included?
Checks can include asset discovery, website exposure, DNS and email configuration, public service discovery, OSINT signals, known vulnerability checks, breach indicators, and prioritised risk reporting.
Do I need to install anything?
No. Standard monitoring is performed externally. You do not need to install agents on laptops, servers, or internal systems for the normal external exposure monitoring plans.
How often are checks performed?
This depends on the plan. Some businesses only need a monthly view, while others need weekly or more frequent monitoring for higher-priority assets.
Will I receive alerts?
Yes. High-priority and critical findings can be surfaced through the dashboard and email alerts so that important risks are not buried in technical noise.
Will the results be too technical?
No. The platform is designed to explain the issue, why it matters, who is likely to fix it, and what the next practical step should be.
Trial and onboarding
Starting with NetDefenders
The trial is designed to make it easy to understand what NetDefenders can show you before committing to an ongoing plan.
You provide your domain, website, and any known public assets. We then begin building a clearer view of your external exposure.
What happens during the 30-day trial?
You start with quick checks, such as website headers, DNS, and email configuration. Deeper discovery and exposure checks can then populate inside the portal as scans complete.
What information do I need to provide?
Usually your main website, company domain name, and any IP addresses or additional domains you already know about. The platform can then help identify additional related exposure.
Do I need to confirm authorisation?
Yes. You should only submit domains, websites, and assets that you own or are authorised to test. This protects both your business and the scanning process.
Can I cancel after the trial?
Yes. The purpose of the trial is to let you review the portal and decide whether ongoing monitoring is useful for your business.
Manual testing
Monitoring vs penetration testing
Continuous monitoring and manual testing are related, but they solve different problems.
Is NetDefenders the same as a penetration test?
No. NetDefenders monitoring provides ongoing visibility of external exposure. A penetration test is a deeper, human-led assessment of a specific system, application, or environment.
When would I need manual penetration testing?
You may need manual testing before launching a major system, after significant changes, for compliance, for client assurance, or when you want deeper investigation beyond automated monitoring.
Can you provide manual testing too?
Yes. Manual penetration testing can be scoped separately. This keeps ongoing monitoring affordable while still allowing deeper human-led testing when the business case is there.
Will testing disrupt our business?
External monitoring is designed to be low impact. Manual testing is scoped carefully in advance, including timing, rules of engagement, exclusions, and any systems requiring extra care.
What will we receive after manual testing?
You receive clear findings, evidence where appropriate, risk ratings, and practical recommendations. Reports can be written for both technical teams and business decision-makers.
Can you help us fix the issues?
Yes. We can help explain the findings, prioritise what matters, and provide tailored guidance and remediation steps so your team or provider can take action.
Pricing and plans
How pricing works
Plans are based on asset coverage, monitoring cadence, and the level of support needed to turn findings into action.
How much does NetDefenders cost?
Pricing depends on the number of domains, websites, public assets, scan cadence, and level of support required. The homepage pricing section outlines the starting plans.
Why is manual testing priced separately?
Manual penetration testing requires human-led investigation, scoping, reporting, and validation. Keeping it separate means businesses can use ongoing monitoring without paying for deep manual testing every month.
Can we start small?
Yes. Many businesses start with a smaller monitoring plan and expand coverage as they better understand their external footprint and risk priorities.
Do you offer custom plans?
Yes. If you have more domains, websites, IP addresses, or higher-frequency monitoring needs, a custom plan can be scoped around your business.
Not sure which plan fits?
Start with the trial or contact us with your website, domains, and rough asset count. We can suggest a practical starting point.
Trust, privacy and safety
How we handle sensitive work
Security work needs to be controlled, authorised, and handled carefully.
Is scanning safe?
External monitoring is designed around low-impact checks. Anything deeper or more intrusive should be separately scoped and authorised before it is performed.
Do you scan anything without permission?
No. You should only submit assets you own or are authorised to test. Manual testing work is scoped and agreed before it begins.
How do you handle confidential information?
Client information, findings, technical details, and business context are treated carefully and shared only with authorised contacts.
Can my IT provider access the results?
Yes, where you authorise it. The findings are designed to be understandable for business owners while still giving technical teams enough detail to fix the issue.
Are the results suitable for non-technical teams?
Yes. The aim is to explain the risk in plain English, not overwhelm users with scanner output. Technical detail can still be provided where needed.
What if a finding is wrong?
Findings can be reviewed, clarified, and retested. Automated tools are useful, but context matters, which is why prioritisation and validation are important parts of the service.
Still have a question?
Ask us directly
Tell us what you are trying to protect, what you already know about your external assets, or what you need help understanding. We’ll point you in the right direction.