Skip to main content
Open-source platform for cybersecurity Attack Surface Management. Built to help security teams identify, monitor, and manage external assets and potential security exposures across their digital infrastructure. Dashboard

Features

  • Asset Discovery & Management: Discover and manage internet-facing assets (domains, IPs, services) with grouping and multi-workspace support.
  • Vulnerability Assessment: Scan for vulnerabilities and misconfigurations with issue tracking, risk analysis, and remediation guidance.
  • Technology Detection: Identify technologies and services running on discovered assets.
  • Distributed Scanning Engine: High-performance distributed workers that can be easily scaled for parallel scanning tasks.
  • Tool Integration: Extensible framework for integrating security scanning tools.
  • AI Assistant Integration: MCP server integration for AI assistants to query asset data via natural language.
  • Workflow Automation: Automated scanning schedules, alerts, and remediation workflows.
  • Real-time Monitoring: Monitor asset changes with instant notifications and a statistics dashboard.
  • Search & Analytics: Search and filter asset data with analytics for risk trends and reporting.

Quickstart

Run OASM with docker localy in minutes.