VeilScan is a continuous external attack surface intelligence platform built for mid-market companies — the organisations too large to ignore their exposure, but too lean to run a full-time red team.
Most companies have no idea what their external attack surface looks like right now. Subdomains spin up, ports open, certificates expire, and S3 buckets go public — while internal teams are focused on features and firefighting.
Existing security scanners either produce unverified lists of potential issues with no proof, or require a dedicated security team to interpret the output. Neither is useful to a 200-person company with a two-person IT function.
VeilScan runs a 16-stage automated reconnaissance pipeline against your external infrastructure. Every finding is validated against a strict proof standard before it reaches your report — Critical findings require a reproducible proof of impact, High findings require confirmed evidence. Unverified signals are downgraded automatically.
Where multiple findings connect, our exploit path engine chains them into a narrative: this is how an attacker moves from this subdomain, through this open port, to this exposed credential. That is the output that drives real remediation decisions.
VeilScan is built and operated by CodeCrypse IT Solutions LTD, a company registered in England and Wales. Our infrastructure runs exclusively in AWS eu-west-2 (London). Customer data does not leave the UK.
We are a small, focused team. If you have questions about whether VeilScan is right for your organisation, email us directly at hello@veilscan.net — you will reach a founder.
For support, billing, and technical questions: see our contact page.