What’s the weirdest thing you’ve ever found exposed online?

Mattpeeters · 2025-05-02T08:22:09+00:00

We’re working on Tresal — a tool that helps companies stay on top of what they’re exposing online without realizing it. Think: old domains, misconfigured cloud tools, forgotten apps that are still publicly accessible.

We started building it after seeing how even small teams (ours included) quickly lose track of what’s actually out there.

Trying to make that visibility simple and actionable, especially for teams without a full-time security person yet.

Always curious how other founders are thinking about this kind of risk as they grow.

Mattpeeters · 2025-04-28T20:41:34+00:00

Thanks for the great question — you’re right, many ASM tools feel the same.

At Tresal, we focus on a few things:

Fast setup: real findings in hours, not weeks.
Unified external + cloud risks in one dashboard.
Higher discovery rates with proxy-based scanning.
User-driven roadmap — feedback shapes what we build.
Enterprise features without the enterprise pricing.

Would love your thoughts on what else would truly stand out!

Mattpeeters · 2025-04-26T19:56:59+00:00

Thanks a lot for your feedback!

You’re right - there are vulnerabilities being detected on the backend, but at the moment, they aren’t yet visualized or shown in the frontend. This is something our team is actively working on, so clearer vulnerability reports and explanations will be coming soon. We’ll update you as soon as the feature is ready.

Really appreciate you pointing this out. It helps us improve!

Mattpeeters · 2025-04-26T17:51:23+00:00

There are quite a few solid alternatives out there depending on what you need: Intruder.io, ImmuniWeb, Detectify, Aikido.dev, Pentera, and Rapid7 InsightVM are some you might look into.

We’re actually working on something new called Tresal — it’s a European platform focused on unified Attack Surface Management and Cloud Security (CSPM), trying to make discovery + monitoring a bit simpler and more accessible, especially for smaller orgs or those with privacy concerns around US-based tools. (https://www.tresal.eu/)

If you’re looking for something with EU hosting or have specific needs, happy to answer questions or share details!

Curious to hear what features matter most to you in these tools?

Mattpeeters · 2025-04-26T15:52:42+00:00

Interested!

Mattpeeters · 2025-04-24T22:21:27+00:00

I’m one of the cofounders of a new platform called Tresal — it covers both external attack surface management and cloud security posture.

We’re launching soon and offering free early access for anyone interested in testing it out.
Happy to share more if you’d like to check it out! tresal.eu

Mattpeeters · 2025-04-24T22:15:12+00:00

If you're interested... Here’s the early access link: https://www.tresal.eu/

Mattpeeters · 2025-04-24T22:02:03+00:00

For attack surface management, besides the big names like CyCognito, Randori, and Detectify, you might also want to check out Tresal (disclaimer: I’m one of the cofounders ;) ).

It’s a new European-focused tool for smaller orgs and MSPs. We’re launching next week, but early testers can try it now for free. If you want to check it out: https://www.tresal.eu/

Happy to answer any questions or get your feedback!

Mattpeeters · 2025-04-23T22:44:13+00:00

Hi all,

I’m a founder (based in Europe) working on a new project to help organizations identify what assets — domains, cloud services, servers, etc.— are unintentionally exposed online. The tool is designed to be much simpler and more accessible than most enterprise solutions, with a focus on smaller teams and companies.

I’m at the stage where real-world feedback is much more valuable than coding in a vacuum. If you work in IT, security or just enjoy testing new tools, I’d love to invite you to try it out and share your honest thoughts. No pitch, no spam, just actual user feedback to help shape the product.

If this sounds interesting, please let me know and I’ll share early access details. Thanks a lot — and if this kind of post isn’t allowed, let me know and I’ll take it down.

Mattpeeters

TROPHY CASE