📡 Attack Surface Inventory

You Can't Protect What
You Don't Know Exists

Deploy a lightweight sensor. Discover every device, open port, and exposed service on your network — automatically. Know your full attack surface before attackers map it for you.

Start Free — 10 Devices →Book a Demo
✅ Passive — no network disruption✅ EU data residency · Frankfurt✅ DORA Article 8.4 compliant
⚠ Why unknown assets are your biggest risk
67%
of breaches involve an unknown or unmanaged device
Armis 2023
45%
of endpoints organisations can't account for
Ponemon Institute
+30%
more connected devices than IT knows about, on average
Claroty Research
Art. 8.4
DORA mandates ICT asset registers for all in-scope entities
EU Reg. 2022/2554

From Blind Spot to Full Visibility in Minutes

One Docker container on your network. No agents. No firewall rules. No disruption.

01
🐳
Deploy the Sensor

Run a single Docker container on your network. It registers to your Breachr tenant automatically using a token — no other configuration required.

02
📡
Passive Discovery + Active Scan

Passive ARP/DHCP sniffing finds devices the moment they appear. Every 4 hours, active nmap scanning maps open ports and services across your full estate.

03
🎯
Risk-Ranked Inventory

Assets appear in your dashboard ranked by risk score. CVE correlation runs automatically. New devices trigger instant email alerts — nothing goes unnoticed.

Deep Dive: Inventory Capabilities

🔍

Continuous Asset Discovery

Passive network sniffing detects new devices the moment they connect — no polling interval, no manual scans. Your inventory updates in real time as your estate changes. MAC address, IP, hostname, and vendor detected automatically.

ARP/DHCP passiveReal-timeMAC + IP + hostname
🗺

Port & Service Mapping

Active nmap scanning every 4 hours. Every open port, running service, and service banner catalogued per device. Know exactly what is exposed before an attacker maps it for you.

nmap active scanTop 1000 portsService banners
⚠️

Automatic CVE Correlation

Discovered services are matched against live NVD CVE feeds. Each asset shows its CVE exposure ranked by CVSS score — so you know which devices are most dangerous right now, without manual research.

NVD live feedsCVSS scoringPer-device CVEs
🏷

Asset Classification & Ownership

Tag assets with type, department, owner, physical location, and criticality. Build the ICT asset register DORA Article 8.4 requires — directly in your Breachr dashboard, kept current automatically.

Criticality tiersOwner assignmentDORA Art. 8.4
🔔

New Device Alerts

Every new device that appears on your network triggers an instant email alert with MAC, IP, hostname, and vendor. Rogue devices, contractor laptops, IoT — nothing is invisible. Cryptographic audit trail records every discovery.

Email alertsAudit trailAcknowledge workflow
📊

Risk Scoring Dashboard

Every asset receives a risk score from 0–100 based on open ports, CVE exposure, and criticality. Your highest-risk devices surface at the top — so remediation teams know exactly where to start.

0–100 risk scoreCritical/High/Medium/LowCSV export
📋

Asset Inventory Is a Regulatory Obligation — Not Optional

DORA and NIS2 both mandate that regulated entities maintain accurate, up-to-date ICT asset registers. Breachr Inventory builds one automatically and keeps it current.

DORA · EU 2022/2554
Article 8.4 — ICT Asset Management
Financial entities must identify, classify and document all ICT assets supporting their business functions, information assets, and ICT third-party service providers. The register must be kept up to date.
NIS2 · EU 2022/2555
Article 21(2)(a) — Asset Management
Essential and important entities must implement policies for asset management — including identification and cataloguing of network and information systems assets.

Inventory is Included in All Paid Plans

Start discovering your attack surface on Starter. Scale to full enterprise coverage on Professional and Enterprise.

STARTER
10 Devices
€159 / month
  • Passive + active discovery
  • Port & service mapping
  • CVE correlation
  • New device email alerts
PROFESSIONAL
100 Devices
€350 / month · Most Popular
  • Full risk scoring dashboard
  • Asset classification & ownership
  • DORA Art. 8.4 asset register
  • Jira / Slack / Linear alerts
ENTERPRISE
Unlimited Devices
Price on application
  • Multiple sensor deployments
  • White-label asset reports
  • On-premise sensor option
  • Cloud discovery (roadmap)

Inventory is not available on Freemium. Compare all plans →

Map Your Attack Surface Today

Join compliance teams using Breachr Inventory to satisfy DORA Article 8.4 and eliminate blind spots.

Start Free — 10 Devices →Book Enterprise Demo
✅ No credit card required✅ EU data residency✅ Passive — zero network disruption