Same audit experience as Scope-only, plus ongoing exposure monitoring activates the moment your report is delivered. New exposures detected after the audit get alerted in real time. 9 steps total — the first 7 are identical to Scope-only, then Steps 8–9 are about the ongoing protection.
Scope + Monitoring purchase
Stripe Checkout completes the order. Monitoring billing starts after a 90-day trial (included with Scope) and can be cancelled at any time via the billing portal. Payment confirmation arrives within a minute.
Confirmation and audit scan
You receive an intake email confirming payment. Our scan runs in the background — credential exposure, breach corpora, paste sites, domain impersonation, public-facing infrastructure tied to your company.
Audit Ready notification and monitoring activation
The "Your forensic audit for [your company] is complete" email arrives with your audit dashboard link. At the same time, your monitoring dashboard goes live and the 90-day trial clock starts.
Find your audit report → Find your monitoring dashboard →Findings review
Findings grouped by severity. Each finding has plain-English remediation steps. This is where you decide what to fix yourself and what needs help.
Read findings and action items →Remediation path selection (DIY or Implementation)
Same fork as Scope-only. DIY for simple things (password rotation, MFA, DNS records). Book Implementation for technical work (M365 conditional access, DMARC, anything you don't recognize) — Tier 1 covers basic remediation, Tier 2 adds the Hardening Certificate. See tier and pricing details.
How tiers work →Remediation, mark-done, and reverification
You (or your IT, or our contractor) make the change. Click "I've done this" on each finding, then "Reverify." Status flips to Resolved, Mitigated, or Still present. Repeat per finding until all closed.
Reverify a fix →Alert routing configuration
By default monitoring alerts arrive by email. If you want them in Slack, Microsoft Teams, or your SIEM, add a webhook from the audit dashboard's Webhooks tab. Severity threshold and category filters are configurable from the monitoring dashboard's Settings page.
Configure outbound webhooks →Monitoring alerts
Real-time email (and webhook, if configured) the moment a new credential, paste-site mention, or breach-corpus appearance involving your domain is detected. Each alert links straight to the affected entry in your monitoring dashboard. Most customers get 0–2 alerts per quarter once their initial findings are remediated.
Receive and act on alerts →Trial-to-paid conversion (or cancellation)
The 90-day trial ends and Stripe begins billing at the rate you selected at checkout (monthly or annual). Cancel anytime via /account/ — access continues to the end of the paid period. No partial refunds for the current period, but no penalty either. Current rates: /pricing/.
Pause or cancel monitoring →Other things you can do anytime
Available throughout the lifecycle. Not steps you have to take in order.
Download PDF reports
Executive summary, technical report, or compliance evidence package — all available from the audit dashboard at any time.
Download PDF reports →Share evidence with an outside reviewer
Time-limited read-only link for your insurance broker, CPA, compliance auditor, or vendor-security reviewer.
Share with a reviewer →Tune alert volume
Switch from real-time to daily/weekly digest, raise the severity threshold, or pause noisy categories — from the monitoring dashboard's Settings.
Tune your monitoring alerts →