AWS Partner Network (APN) Blog
Strengthening application security: How Detectify and AWS help enterprises control their attack surface
By: Parascovia Digori, Partner Solutions Architect – AWS
By: Carlos Villalon Herrera, Partner Solutions Architect – AWS
By: Rickard Carlsson, CEO and Co-Founder – Detectify
By: Haris Kabiljagic, Head of Cloud Operations – Detectify
 |
| Detectify |
 |
In an era where attackers identify vulnerabilities within minutes of exposure, static security can’t keep pace. Research shows that over 70% of organizations have experienced a cyberattack starting with the discovery of an unknown or unmanaged asset. As enterprises scale their AWS environments, they need more than just tools; they need a dynamic, community-powered security ecosystem that adapts as quickly as threats emerge. In this post, we explore how Detectify’s AWS-integrated solution provides the continuous visibility required to close these security gaps before they’re exploited.
Detectify, an AWS Advanced Technology Partner, helps security leaders move beyond point-in-time testing toward a resilient, automated posture that matures alongside their business. By combining Surface Monitoring, Application Scanning, and direct integration with AWS, Detectify’s enterprise solution continuously discovers, tests, and secures external assets. Together, Detectify and AWS help security and IT leaders align business growth and security maturity. This collaboration exemplifies the AWS Shared Responsibility Model in action.
The challenge: Visibility in the age of sprawl
Your organization builds for speed. Modern DevOps pipelines, microservices, and distributed teams have accelerated innovation, but they’ve also made it difficult for security teams to maintain visibility into every internet-facing asset. Shadow IT, mergers and acquisitions (M&A) activity, and multi-cloud environments only add complexity.
You now manage thousands of domains and web assets, many of which are created and forgotten during rapid development cycles. Traditional security scanning tools often rely on point-in-time tests, missing newly deployed or misconfigured assets between scans. As a result, you face a growing number of unknown vulnerabilities and blind spots where risk accumulates.
This reality demands a shift from reactive, periodic testing to continuous discovery and monitoring. Your security team can no longer rely on static lists; they need a solution that maps the unknown to establish a foundation of control. This is where Detectify excels, moving beyond basic asset management to provide a continuously updated inventory of internet-facing assets, backed by a global community of ethical security researchers who feed real-world exploit knowledge into the service.
Detectify and AWS: Security that scales with your business
Built on AWS, Detectify’s enterprise platform provides an always-on, automated way to identify and prioritize vulnerabilities across the entire attack surface. The solution combines two powerful components:
- Surface Monitoring: Continuously discovers and classifies internet-facing assets, including unknown domains, shadow IT, and inherited web properties. This provides security teams with a complete, dynamic map of their organization’s attack surface.
- Application Scanning: Goes beyond basic Common Vulnerabilities and Exposures (CVE) matching by using a stateful, payload-based engine to identify complex vulnerabilities such as Server-side Request Forger (SSRF), SQL injection (SQLi), and broken access control. What makes Detectify unique is our community-powered intelligence: we automate the latest findings from an elite group of ethical hackers. This means when a new exploit is discovered in the wild, it’s often turned into a scan check for our customers within hours, providing protection that traditional, database-reliant scanners miss.
Detectify’s architecture benefits from the scale, resilience, and flexibility of AWS infrastructure, which means that enterprises can use Detectify to scan global assets at speed without straining internal systems. Beyond identifying risks, we provide detailed remediation guidance for every finding, helping developers fix issues faster. Integrations with Amazon Route 53 to get DNS attack surface data and partner workflows, such as Jira, Slack, and continuous integration and delivery (CI/CD) pipelines, make it straightforward to embed security directly into existing processes.
See how automated classification turns a list of unknown assets into an organized inventory, with specific recommendations on which high-value applications and APIs require deep scanning.
Figure 1: Detectify Application Scanning recommendations
The result: faster detection, fewer blind spots, and a security posture that confidently scales with business growth.
Customer spotlight: ABC Fitness Solutions
A strong example of Detectify’s enterprise impact is ABC Fitness Solutions, a global leader in fitness software serving over 31,000 gyms and studios across 100 countries and processing nearly USD $11.5 billion in annual payments. Read the full case study to learn more about their security journey.
Like many fast-growing organizations, ABC Fitness expanded through multiple acquisitions, inheriting more than 15 websites and a variety of technology stacks hosted across AWS. Each acquisition brought valuable digital assets but also introduced potential risks: hidden vulnerabilities, outdated technologies, and configuration mismatches. For their security team, gaining visibility across this heterogeneous environment was an essential priority.
To bring order and control to their sprawling digital landscape, ABC Fitness adopted Detectify Enterprise. Quickly, the platform provided a unified view of internet-facing assets, highlighting forgotten domains and technologies in need of consolidation.
Detectify’s Surface Monitoring gave the team a real-time inventory of their external assets, while Application Scanning identified vulnerabilities that posed genuine business risk. Integration with Jira streamlined remediation by automatically converting high-signal vulnerabilities into tickets, so that developers can act without switching tools.
“Using Surface Monitoring identifies what technologies each of our acquisitions has, the versions of those technologies, and if they’re outdated, so we can align as an enterprise.” – Enterprise Security Architect at ABC Fitness
For ABC Fitness, Detectify provided more than visibility, it created a shared language between developers and security teams. Vulnerabilities became actionable tasks, not abstract reports. The result was a faster remediation cycle, stronger compliance readiness, and a consistent global security baseline.
Figure 2: Detectify Surface Monitoring discovery of Domains
How Detectify and AWS help enterprises stay ahead
Detectify operates as a continuous, outside-in security layer. By assuming the perspective of a sophisticated attacker, our platform identifies and tests your AWS-hosted assets from the public internet, exactly as a threat actor would, while using AWS connectors to help ensure no asset is left unmapped. Here’s how the joint approach benefits customers:
- Continuous discovery at cloud scale
Detectify doesn’t just scan; it integrates. By connecting directly to Amazon Route 53 and other AWS services, we ingest your DNS data to build a real-time inventory. This inside-out knowledge combined with outside in scanning helps ensure that even shadow assets or forgotten staging environments are brought under security’s control. - Comprehensive testing, inspired by real threat actors
Detectify’s community of ethical security researchers contributes real-world security issues that are continuously translated into automated tests. This allows the solution to reflect current cyber attacker behavior, using payload-based testing to verify exploitability rather than relying on static databases. - Streamlined remediation and DevSecOps integration
Through integrations with tools like Jira, Slack, and CI/CD pipelines, Detectify enables security findings to reach developers faster. Security becomes an enabler rather than a bottleneck, critical for enterprises adopting DevSecOps models. - Extending visibility with internal scanning agents
While our core strength is the external attack surface, we are expanding the hacker’s view to the private network. By using Detectify’s internal scanning agents, you are able to deploy our elite Dynamic Application Security Testing (DAST) capabilities inside your private VPCs to secure internal-only applications with the same precision as your public ones. - Simplified procurement and deployment through AWS Marketplace
Available on the AWS Marketplace, consumers can use Detectify to subscribe, deploy, and scale security capabilities through existing AWS contracts. This helps enterprise buyers align security procurement with cloud governance and budgeting practices. - Always-on security built on AWS
By running natively on AWS, Detectify benefits from the same reliability, scalability, and compliance standards that enterprises trust in their own AWS environments. Together, AWS and Detectify enable a secure foundation for continuous innovation.
Why it matters for AWS Partners and customers
For AWS Partners, the Detectify story illustrates how collaboration can unlock mutual value: combining AWS’s scale and infrastructure with Detectify’s security expertise to deliver measurable outcomes for joint customers.
For customers, it demonstrates that managing a sprawling attack surface is achievable without adding complexity. By using AWS and Detectify together, organizations gain:
- Full visibility into internet-facing assets
- Continuous vulnerability testing informed by live security research
- Streamlined workflows that accelerate remediation
- A scalable model for managing security across global operations
- In short, enterprises can move faster, without losing sight of what they’re exposing.
Getting started
Detectify’s enterprise security solution is available through AWS Marketplace, offering a streamlined path to deployment. Organizations can begin with a comprehensive attack surface assessment and scale seamlessly to continuous security monitoring, while maintaining integration with their existing AWS infrastructure.
To learn more about how Detectify can help secure your expanding digital footprint, contact us for a security discovery session or schedule a demo.
Detectify – AWS Partner Spotlight
Detectify is an AWS Advanced Technology Partner specializing in automated security solutions that continuously discover and test external attack surfaces. Their solution combines ethical hacker research with automated scanning to help enterprises maintain security confidence at scale.