
Introducing Apex Discovery to secure every domain you actually own
Most tools will only test the domains you already know about. We’ve decided that’s not enough. TLDR: Detectify’s new Apex Discovery automatically identifies root domains …

As of today, researchers can report security issues in Detectify services to earn a spot on our Hall of Fame as well as some cool prizes. The Detectify team has participated in most Responsible Disclosure programs out there (including Facebook, Nokia, Google, Microsoft, and Soundcloud, so we felt the time is here to have one of our own.
But our service is made for finding web vulnerabilities, how come we need a Disclosure program? Well. Even though our services are based around finding security bugs in web applications, we are not as naive as to think that our own applications are 100% flawless. We take security issues seriously and will respond swiftly to fix verifiable security issues. If you are the first to report a verifiable security issue, we’ll thank you with some cool stuff and a place at our hall of fame page.
It’s a 5 step process:
Any typical web security bugs such as:
Any typical low impact/too high complexity such as:

Most tools will only test the domains you already know about. We’ve decided that’s not enough. TLDR: Detectify’s new Apex Discovery automatically identifies root domains …

We are launching the Detectify MCP Server to deliver real-time vulnerability data and attack surface insights directly into your AI-powered workflows. Built for developers and …