Every open port on your server is a door. Some of those doors need to be open — but many shouldn’t be, and some you might not even know about. PortVigil scans your servers from the outside, exactly the way an attacker would, and tells you precisely what’s exposed, what’s running on each port, and which services need your attention.
Free External Port Scan
See what the outside world sees. Our one-time scan maps every open port on your public IP, identifies the services behind them, and highlights the ones that could put you at risk.
✔ Complete open port enumeration
✔ Service and application identification
✔ Version detection for running software
✔ Initial risk assessment per port
✔ Free — no registration needed
Continuous External Monitoring
Ports can open unexpectedly — a software update enables a new service, a firewall rule gets misconfigured, or someone installs something they shouldn’t have. We scan your servers continuously and alert you the moment your attack surface changes.
✔ Ongoing automated external scanning
✔ New open port alerts in real time
✔ Port state change tracking (open, closed, filtered)
✔ Full scan history for auditing
✔ Attack surface dashboard
What’s Running on Your Ports?
An open port alone doesn’t tell you much. We go deeper — identifying the exact application and version on each port and cross-referencing it against CVE databases to flag software with known vulnerabilities.
✔ Precise application fingerprinting
✔ Version-level identification
✔ CVE matching and vulnerability flagging
✔ Upgrade and patching recommendations
✔ Risk score for every exposed service
Attack Surface Reduction
The fewer ports exposed, the smaller your risk. We provide a clear roadmap showing which ports to close, which services to move behind a firewall, and which configurations need tightening — with before-and-after tracking to prove progress.
✔ Full attack surface mapping and analysis
✔ Port-by-port closure and hardening recommendations
✔ Firewall rule suggestions
✔ Before-and-after comparison reports
✔ Practical remediation steps for each finding
Multi-Server Coverage
Monitoring one server is easy. Monitoring a fleet — across data centers, cloud providers, and client environments — is where things get complicated. We make it simple with one dashboard for all your IPs.
✔ All servers under one account
✔ Centralized attack surface view
✔ Per-server and aggregate reporting
✔ Built for MSPs, hosting companies, and DevOps teams
Compliance-Ready Reporting
PCI DSS, ISO 27001, and other frameworks require regular external vulnerability assessments. Our continuous scanning and detailed reporting help you stay compliant without scheduling manual pen tests.
✔ External scan reports for compliance audits
✔ Hardening documentation and change logs
✔ Supports major compliance frameworks
✔ Post-fix verification scanning
Want to Know What’s Exposed?
Send us your details and we’ll help you understand your server’s attack surface — and what to do about it.