You run the business. We turn cyber signals into decisions.

Every finding ships with a decision: act today, wait a week, or call a specialist. No CVEs, no jargon, no "contact sales".

Пассивный анализ · Без установки · Без доступа к серверу

О системе

You pay for monitoring. A specialist is called only when we find a real risk.

Соответствие
152-ФЗ187-ФЗГОСТ Р 57580ст. 274.1 УК РФ
5+
источников данных
24/7
непрерывный мониторинг
02 — Почему Sycrion

A security specialist isn't needed every month.

In-house CISO. Always on payroll.
per month
€6,000
Agency retainer. Day-scale response.
per month
€3,500
Sycrion. Only when something happens.
per month
€950
03 — What you'll see in the report

What you'll see in the report.

What we typically find online.

01
Passwords in code

Accidentally uploaded .env files with passwords.

02
Cloud keys

AWS, Google, Azure — sitting in a public repo.

03
Customer DB in archive

An old database copy still reachable by direct link.

04
Keys to your admin

Secrets that let anyone sign in as your company.

05
Docs visible to Google

Drive files with "anyone with link" turning up in search.

06
Name on a breach list

Your company posted on a ransomware group's page.

04 — Источники

5 sources. One scan.

All five every day. In parallel.

GH
GitHub

When passwords end up in public code by accident.

WB
Wayback Machine

When forgotten files stay in the internet archive.

CT
Certificate Transparency

When attackers see all your hidden subdomains.

PB
Paste sites

When people talk about your company on hacker forums.

RL
Ransomware leak sites

When your name shows up on a breach list.

05 — Как работает

Three steps — from your domain to first evidence.

01

Submit your domain

You give us your company domain. No agent install, no system access, no credentials. We only inspect what is already public.

02

We collect evidence

We scan GitHub, paste sites, the Wayback archive, public forums and ransomware leak sites. Every finding carries a hash, timestamp and source link.

03

You get the report

A PDF with findings ranked by risk. The decision on what to do is yours — we provide evidence, we do not act on your behalf.

06 — Периметр

Observation, decision, boundary.

In perimeter
Public attack surface.
Code, key, and file leaks.
Executive-ready decision.

We do not invent figures — every amount references a law article and publication date.

Out of perimeter
Interference with your systems.
Critical infrastructure without consent.
Legal counsel.

The boundary is explicit. For what is outside it, we will point you to a licensed contractor.

07 — Тарифы

Pricing without "contact sales".

Start with a free scan. Decide on monitoring once you see what we find.

Free Scan
€0

1 scan, no commitment.

  • Full PDF report
  • All 5 sources checked
  • Risk-ranked list
Run a scan
One-time Audit
€650one-off

Deep scan plus a specialist walkthrough.

  • 5 sources plus deep correlation
  • Decision Memorandum L1–L4
  • 30-minute video walkthrough
Order the audit
Most popular
Reveal Watch
€950/ mo

1 domain. 24/7.

  • Daily checks
  • Email alerts on findings
  • Monthly report
Start Watch
Reveal Pro
€2 500/ mo

5 domains. Priority.

  • Up to 5 domains
  • Alerts within 15 minutes
  • Board summary report
Start Pro
08 — Вопросы

Questions we get most often.

Is this just a GitHub scanner?

No. GitHub is one of five sources. We also monitor the Wayback Machine archive, Certificate Transparency logs (crt.sh), public paste sites and ransomware leak sites — every source runs on every scan and on every Watch/Pro monitoring cycle. GitHub is the most famous source; it is not the most common one for finding leaks.

Are you replacing my cybersecurity consultant?

No. Sycrion Reveal monitors public sources and delivers evidence. Strategy, security policies, incident response — those stay with a human. We take the routine "who watches five sources every day" off your desk.

Do you need access to our systems?

No. We only inspect public sources: GitHub, paste sites, Wayback Machine, certificate transparency, ransomware leak sites. No agent installed, no credentials taken, no entry into your infrastructure. By design — it shrinks the trust surface.

Where is data processed?

A standard Data Processing Agreement is available on request. Scan data is retained per the policy described in the Terms of Service. Specific hosting region and applicable data-protection regime are disclosed in the DPA on a per-engagement basis.

What does "24/7 monitoring" mean in practice?

Every 24 hours we run an automated sweep across all five sources, indexed against your company keywords (domain, email patterns, project names). Email alert fires within 1 hour (Watch) or 15 minutes (Pro) of detection.

What if you find nothing in the first scan?

Good. But it is important to keep checking — leaks are published every week. Watch subscription pays for itself the first month something appears. Annual contract: –20%.

Can I cancel any time?

Yes. Monthly subscription — cancel before the end of the billing period. Annual — 30-day notice before renewal. No penalties, no hidden terms.

Is this legal advice or an audit?

No. Sycrion Reveal is an information service — it does not replace an audit, legal opinion or the decision of a qualified specialist. We provide evidence and context; final judgement stays with the recipient.

Узнайте, чего не знаете о своей компании.

Один скан — ясная картина. Без договоров, без NDA, без установки.

Scan for free