Skip to main content
U.S. flag

An official website of the United States government

Understand your infrastructure.

Crossfeed lets you monitor and discover your public-facing infrastructure, as well as bring better visibility to vulnerabilities.

Learn more

About Crossfeed

Crossfeed is a tool that continuously enumerates and monitors an organization’s public-facing attack surface in order to discover assets and flag potential security flaws. By operating in either passive or active scanning modes, Crossfeed collects data from a variety of open source tools and data feeds to provide actionable information about organization assets. Crossfeed is offered as a self-service portal and allows customers to view reports and customize scans performed.

Crossfeed is a collaboration between the Cybersecurity and Infrastructure Security Agency and the Defense Digital Service.

Alt text

Analyze your entire inventory of public-facing sites.

Users only have to give Crossfeed a root domain, and it will discover related assets that they may not have been aware of before. Crossfeed can discover all related subdomains and help users understand when certain websites or webpages were unintentionally exposed.

Alt text

Manage and triage your vulnerabilities.

Users can view detailed information about CVEs on the Vulnerabilities page, as well as mark vulnerabilities identified by Crossfeed with different statuses, such as “False Positive” or “Remediated.”

Alt text

Control automated scans on your assets.

Users can view a list of which scans were performed on their assets and enable or disable certain scans at any time. Additionally, all Internet traffic from Crossfeed to customers’ assets are clearly marked and identifiable as so.

Alt text

View an “at-a-glance” dashboard for a risk summary overview.

Users have access to a “Risk Summary” dashboard that has graphs / charts to highlight the most important vulnerabilities and assets to focus on.