CyberProff Skanningspolicy
Last updated: March 2026
Summary: CyberProff performs passive OSINT-based analysis only. No exploitation, no intrusion, and no active vulnerability scanning.
This page describes how CyberProff performs external cyber intelligence analysis and what types of scanning activity the platform performs.
Purpose
CyberProff provides cyber intelligence and exposure insights for Norwegian organizations. The service aggregates publicly available signals and lightweight technical indicators to help organizations understand their external cyber footprint.
CyberProff is designed as an OSINT-based intelligence platform, not as an active penetration testing or vulnerability exploitation service.
Scope of Analysis
CyberProff performs limited, passive, and low-impact analysis of publicly accessible infrastructure.
- DNS configuration (MX, SPF, DMARC)
- Public domain configuration
- Presence of
/.well-known/security.txt - Public company registry information from Brønnøysundregistrene
- Basic infrastructure signals derived from publicly accessible sources
The service focuses on external visibility and cyber hygiene indicators.
Non-Intrusive Operation
CyberProff does not perform intrusive or disruptive security testing.
- vulnerability exploitation
- brute-force authentication attempts
- credential testing
- denial-of-service activity
- network port scanning
- authenticated system probing
- bypass attempts or active security testing
CyberProff relies only on:
- publicly available data
- passive DNS queries
- publicly accessible web resources
All lookups are designed to be low-frequency, safe, and non-disruptive.
Contact
If you have questions about CyberProff scanning behavior or believe your infrastructure has been incorrectly analyzed, please contact:
kontakt-cyberproff [et] proton [dot] me