Platform module
External Footprint Monitoring
External footprint monitoring means keeping the public technical records around your domains under review: SSL, DNS, RDAP/domain expiry, and email authentication. CertPilot checks those public signals and turns changes, expiry risk, and missing records into evidence your team can review.
What CertPilot checks
The checks are intentionally focused on public data sources. That keeps setup simple and avoids turning a governance evidence tool into a privileged scanner.
SSL and TLS
Certificate expiry, issuer, and validity are checked from the public TLS handshake. This helps catch certificates that are close to expiry or already invalid.
DNS records
CertPilot tracks public A, AAAA, MX, NS, TXT, and CAA records and highlights DNS drift when records change between checks.
RDAP/domain expiry
Domain registration data is read through public RDAP where available, including expiry dates and registrar context.
Email authentication
Public MX, SPF, DMARC, MTA-STS, TLS-RPT, and BIMI records are checked where applicable so email-authentication evidence sits with the rest of the domain record.
For the exact data-source boundaries, read the CertPilot methodology.
Why public-data-only matters
Public checks answer a narrow operational question: what can an outside party see about the domains your team is responsible for? That is enough to catch many governance problems without asking for sensitive access.
Typical evidence examples
- SSL certificate expires in 14 days and needs an owner.
- DMARC exists, but the domain is still at a monitoring-only policy.
- MX or TXT records changed since the last check.
- RDAP shows a domain renewal window that should be reviewed.
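The findings listed above can be derived by comparing two snapshots of public records. The sketch below is an added example, not CertPilot's own code: the snapshot layout, the function names `parse_dmarc` and `review`, and the warning thresholds are assumptions, and the sample data is constructed.

```python
from datetime import datetime, timezone

RECORD_TYPES = ("A", "AAAA", "MX", "NS", "TXT", "CAA")  # record types the page lists

def parse_dmarc(txt):
    """Return DMARC tags as a dict, or None if txt is not a DMARC record."""
    if not txt or not txt.strip().lower().startswith("v=dmarc1"):
        return None
    pairs = (p.split("=", 1) for p in txt.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def review(prev, curr, now, cert_warn_days=30, renew_warn_days=60):
    """Compare two snapshots (hypothetical layout); return (category, message) findings."""
    findings = []
    days = (curr["cert_not_after"] - now).days
    if days < 0:
        findings.append(("tls", f"certificate expired {-days} days ago"))
    elif days <= cert_warn_days:
        findings.append(("tls", f"certificate expires in {days} days"))
    tags = parse_dmarc(curr.get("dmarc"))
    if tags is None:
        findings.append(("email", "no valid DMARC record published"))
    elif tags.get("p", "").lower() == "none":
        findings.append(("email", "DMARC is monitoring-only (p=none)"))
    for rtype in RECORD_TYPES:  # DNS drift: values added or removed since last check
        old, new = set(prev["dns"].get(rtype, ())), set(curr["dns"].get(rtype, ()))
        if old != new:
            findings.append(("dns", f"{rtype} drift: +{sorted(new - old)} -{sorted(old - new)}"))
    left = (curr["rdap_expiry"] - now).days
    if left <= renew_warn_days:
        findings.append(("rdap", f"domain registration expires in {left} days"))
    return findings

# Constructed sample snapshots for example.com (documentation IP range, not real data).
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)
PREV = {"dns": {"A": ["192.0.2.10"], "MX": ["10 mail.example.com."]}}
CURR = {
    "dns": {"A": ["192.0.2.10"], "MX": ["10 mx.example.net."]},
    "cert_not_after": datetime(2025, 1, 15, tzinfo=timezone.utc),
    "rdap_expiry": datetime(2025, 2, 10, tzinfo=timezone.utc),
    "dmarc": "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
}

if __name__ == "__main__":
    for category, message in review(PREV, CURR, NOW):
        print(f"[{category}] {message}")
```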
Reports this feeds
External footprint data is not just an alert stream. It becomes report evidence for the people who need to understand what changed and what needs action.
What this module does not do
CertPilot stays on the evidence side of the line. It checks public records and produces findings; it does not become a scanner or monitoring agent.
- No uptime monitoring or response-time monitoring.
- No vulnerability scanning, penetration testing, or exploit detection.
- No credentialed scanning, agents, registrar login, DNS provider API keys, or website admin access.
- No reading private pages, email bodies, documents, chats, AI prompts, or AI responses.
External footprint FAQ
What is external footprint monitoring?
External footprint monitoring is the recurring review of public-facing technical records, including SSL certificates, DNS records, domain registration data, and public email-authentication records.
Why does public-data-only monitoring matter?
Public-data-only monitoring keeps the evidence narrow and easy to explain. CertPilot can show what it checked without asking for registrar credentials, DNS provider keys, website admin access, or private employee data.
What email authentication records does CertPilot check?
CertPilot checks public records used for MX, SPF, DMARC, MTA-STS, TLS-RPT, and BIMI where those records are applicable to the domain.
Does CertPilot scan websites for vulnerabilities?
No. CertPilot reads public technical records and TLS handshake data. It is not a vulnerability scanner, penetration test, uptime monitor, or page-speed tool.
What reports use external footprint data?
External footprint checks feed the Domain Health Report, Monthly Proof Report, and on-demand Weekly Governance Report.