For MSPs & MSSPs

Watch every client's attack surface without touching their network

SurfaceLoop continuously maps what each client exposes to the internet — forgotten subdomains, open ports, expiring certificates, spoofable email — and hands your team plain-English findings with the evidence to prove fixes happened.

14-day free trial on real domains. Nothing installed at the client. No card details.

Why MSPs use it

Recurring security value you can show, not just claim

“Are we secure?”

Every client asks it; few give you budget to answer it. Continuous external monitoring gives you a concrete, evidenced answer instead of a shrug between annual reviews.

The estate nobody documented

Client environments accumulate subdomains, trial services, and old vendors' leftovers. Discovery maps what each client actually exposes — including the assets no handover doc ever mentioned.

Findings you can forward

Scanner output you have to translate is a cost. SurfaceLoop findings are written in plain English — what it is, why it matters, how to fix it — ready to drop into a ticket or a service review.

Built to sit inside your service

Runs alongside your stack, not on top of your clients

Nothing to deploy at the client

Purely external scanning. No agents on client machines, no firewall changes, no credentials to hold — nothing to get approved through a change window.

Proof your work happened

Every scan is compared with the last. When you close an exposure, the change history shows it — evidence for the client that the service is doing something.

Alerts routed to your team

Email, Slack, or webhooks, configured per severity — so a critical finding on a client estate reaches your engineers, not an unwatched inbox.

API for your own tooling

A full REST API exposes every scan result, so findings can flow into the systems your team already runs.

Curious what a scan covers? Every asset is checked across seven risk categories — ports, panels, TLS, headers, CVEs, DNS/email, and subdomains.

Frequently asked questions

Can I monitor multiple client estates?
+
Yes. SurfaceLoop is used by MSPs as well as in-house teams. The domains in scope — including multiple clients and brands — and the pricing for that scope are agreed on your demo call.
Do my clients need to install or approve anything?
+
No. SurfaceLoop scans purely from the outside, the same view an attacker has. There are no agents, no firewall changes, and no access to client networks — so there's nothing to schedule or get signed off.
How does the trial work for an MSP?
+
The same as for any customer: a short demo call, then 14 days of the full product free — typically on your own domain plus a client estate you nominate, so you see real findings before committing. No card details are taken.
How does billing work?
+
By invoice from AMVIA, the company behind SurfaceLoop — no card on file, no separate payment platform. Multi-client pricing is agreed on the demo call and billed to you as the service provider.

Bring one client estate to the demo

We'll walk through what SurfaceLoop finds, agree multi-client scope and pricing, and set up your 14-day trial.