Inventory of the institution's digital presence
Starting from the root domain, CSURFACE maps portals, applications, APIs, and cloud environments across the entire organization — including what the official inventory does not register.
HEALTH
Operators, hospitals, and laboratories hold some of the most sensitive data that exist and depend on interconnected systems and partners to operate. CSURFACE discovers and continuously monitors the entire external attack surface of these organizations from the attacker's perspective.
THE CONTEXT
The healthcare sector handles sensitive personal information of patients—categories that the LGPD, under Article 11, subject to enhanced protection and whose exposure has severe consequences. Insurers and health plans comply with ANS regulations, and telemedicine follows CFM Resolution No. 2.314/2022. The operation depends on a web of interconnected systems: patient portals, telemedicine platforms, electronic medical records, integrations with laboratories and insurers. Each point in this web is a door in the external attack surface.
The blind spots accumulate: test environments that became accessible, old unit portals that remained active, legacy systems published without security knowledge, and reliance on suppliers processing clinical data. The official inventory covers only a fraction of this. An attacker enumerates the rest.
HOW CSURFACE HELPS
The platform discovers, categorizes, and prioritizes external exposure — with the context an organization in the healthcare sector needs to act.
Starting from the root domain, CSURFACE maps portals, applications, APIs, and cloud environments across the entire organization — including what the official inventory does not register.
Patient portals, telemedicine platforms, and internet-exposed applications are identified and continuously monitored as they change.
The order of treatment weighs observed exploitation and how much the asset touches patient data — clinical systems and portals with PII rise to the top before others.
Integrations with laboratories, insurance providers, and system suppliers are included in the same inventory, with an auditable trail of each finding — objective basis to support compliance with LGPD in handling sensitive health data and meeting ANS requirements.
| Asset | Type | Data |
|---|---|---|
| portal-paciente.exemplo.com.br | Patient portal | sensitive data |
| telemedicina.exemplo.com | Telemedicine | sensitive data |
| api-convenio.exemplo.com.br | Insurance integration | high |
| agendamento.exemplo.com.br | Scheduling | public |
Assets that custodiate patient data are highlighted — supporting the protection required by LGPD and ANS.
FREQUENTLY ASKED QUESTIONS
No. The discovery is entirely external and identifies assets exposed on the internet from the root domain, without accessing content, internal systems, or clinical databases.
Platforms and applications with an internet presence — including telemedicine portals and clinical system interfaces — are within the scope of discovery and continuous monitoring.
Yes. The platform maintains an auditable trail of each asset, finding, and change on the external surface — objective material to demonstrate diligence in handling sensitive health-related personal data under Article 11 of the LGPD, and for ANS security requirements applicable to operators and insurers.
Enter the domain of your organization and receive a preliminary analysis of your external exposure. No card, no meeting.
Receive preliminary analysis