Malaysian Cybersecurity Technology

Know Your Exposure
Before Attackers Do

RISIQ continuously monitors your attack surface — discovering vulnerabilities, leaked credentials, and security weaknesses across your digital assets. Automated. Actionable. Malaysian-made.

Free Security Scan Explore Features
0 Scanner Modules
Intel Analysis Engine
24/7 Monitoring
PDF Executive Reports
Scroll to explore
CISA KEV Integrated
Enterprise-Grade Encryption
Real-Time Progress Tracking
Intelligence-Driven Insights
Board-Level Reports
Capabilities

Complete Attack Surface Visibility

Six integrated scanner modules work together to give you a comprehensive view of your organization's external security posture.

Vulnerability Detection

Network scanning with NSE scripts identifies CVEs, misconfigurations, and security weaknesses across all your internet-facing assets.

CVE Intelligence EPSS Scoring CISA KEV

Dark Web Intelligence

Monitor leaked credentials, employee email breaches, and plaintext password exposures from global breach databases.

Credential Leak Breach Detection Password Analysis

Code Leak Detection

Scan public repositories for exposed API keys, secrets, database credentials, and sensitive source code references.

GitHub Scan Secret Detection Noise Filter

SSL/TLS Analysis

Comprehensive certificate validation, protocol version checks, cipher suite analysis, and TLS configuration assessment.

Certificate Check Cipher Analysis Protocol Audit

DNS Health Check

Validate DNS configurations, email authentication (SPF, DMARC, DKIM), and detect zone transfer vulnerabilities.

SPF/DMARC DKIM Validation Zone Transfer

Domain Reputation

Multi-source threat intelligence from VirusTotal, AlienVault OTX, and URLhaus to assess domain trustworthiness.

VirusTotal AlienVault OTX URLhaus
Scanner Modules

Deep-Dive Security Assessment

Each module provides detailed findings with risk ratings, implications, and actionable recommendations.

Network Vulnerability Scanner

Automated discovery of live hosts followed by deep Nmap scanning with NSE vulnerability scripts. Results are enriched with:

  • CVE Threat Intelligence — CISA Known Exploited Vulnerabilities, EPSS scoring, and Exploit-DB links
  • IP Reputation — AbuseIPDB integration for flagged IP addresses
  • Active Probing — Nuclei templates verify web exposures and misconfigurations
  • Shodan InternetDB — Passive port discovery for stealth reconnaissance
Critical High Medium Low Info
nmap_scan.py
$ RISIQ Scanner v3.11
[*] Target: example.com.my
[*] Subfinder: discovered 12 hosts
[*] Shodan InternetDB: passive lookup
[✓] Stage 1: Port discovery complete
[!] 3 Critical CVEs detected
[!] EPSS 82.5% — nginx 1.14.1
[*] IP Reputation: checking 12 IPs
[*] Nuclei: verifying exposures...
[✓] Scan complete: 21 findings

Dark Web Intelligence

Searches breach databases for exposed credentials associated with your domains. Intelligent analysis classifies findings by:

  • Account Type Detection — Identifies admin, service, developer, and finance accounts
  • Breach Recency — Recent breaches flagged with urgent remediation timeline
  • Password Analysis — Strength assessment with zxcvbn scoring
  • Risk Multipliers — High-value accounts (admin, VPN) escalate risk automatically
Plaintext Password Hashed Password Email Only
darkweb_search.py
$ RISIQ Dark Web Scanner
[*] Querying: example.com.my
[!] 25 credentials found
[!!] 3 plaintext passwords
[!] [email protected] — Admin
[!] [email protected] — VPN
[*] Breach: 2024 Data Leak
[*] Risk multiplier: 2.0x admin
[✓] Analysis complete

Code Leak Detection

Searches public code repositories and paste sites for exposed secrets, API keys, and sensitive references to your organization.

  • GitHub Code Search — Scans for keywords, API keys, database credentials
  • Smart Noise Filtering — Eliminates false positives from benign public mentions
  • Secret Classification — Identifies private keys, tokens, passwords, and connection strings
  • Multi-keyword Support — Search multiple keywords simultaneously
code_leak.py
$ RISIQ Code Leak Scanner
[*] Keywords: example, example.com.my
[*] GitHub Code Search...
[!] API key found in config.py
[!] DB credentials in .env
[*] Noise filter: 12 → 4 results
[✓] 4 actionable findings

SSL/TLS Certificate Analysis

Comprehensive assessment of SSL/TLS configuration across all discovered subdomains.

  • Active Scanning — testssl.sh for deep protocol and cipher analysis
  • Passive Fallback — crt.sh + openssl for non-intrusive checks
  • 14 Checkpoints — Certificate validity, chain, protocols, ciphers, HSTS
  • Multi-host Coverage — All subdomains assessed individually
domain_ssl.py
$ RISIQ SSL Scanner
[*] Target: example.com.my
[*] Mode: Active (testssl.sh)
[*] Checking 12 subdomains...
[✓] www.example.com.my — Valid
[!] TLS 1.0 still enabled
[!] Cert expires in 14 days
[✓] Scan complete: 5 findings

DNS Health Assessment

Validates DNS infrastructure and email authentication configuration for security and deliverability.

  • MX Record Validation — Mail server configuration and priority
  • Email Auth — SPF, DMARC, DKIM policy verification
  • Zone Transfer Test — Attempts AXFR to detect misconfigured DNS
  • Subdomain Handling — Correctly inherits parent zone records
dns_scan.py
$ RISIQ DNS Scanner
[*] Domain: example.com.my
[✓] MX records: 2 found
[✓] SPF: configured
[!] DMARC: missing
[!] DKIM: not found
[✓] AXFR: properly restricted
[✓] Scan complete: 3 findings

Domain Reputation Monitoring

Multi-source threat intelligence aggregation to assess your domain's trustworthiness across global security databases.

  • VirusTotal — Aggregates 90+ security vendor verdicts
  • AlienVault OTX — Threat pulses, malware families, attack indicators
  • Abuse.ch URLhaus — Known malware distribution URLs
  • Actionable Delisting — Specific vendor contact info for dispute resolution
domain_reputation.py
$ RISIQ Reputation Scanner
[*] Domain: example.com.my
[*] VirusTotal: 0/91 vendors
[✓] Clean — no flags
[*] OTX: checking pulses...
[✓] No threat pulses
[*] URLhaus: no malware URLs
[✓] Reputation: Clean
Process

How RISIQ Works

From domain submission to executive report in four streamlined steps.

01

Submit Your Assets

Register your domains and keywords through the RISIQ dashboard. Our system automatically discovers subdomains and live hosts.

02

Automated Scanning

Six scanner modules execute in parallel across distributed processor nodes. Real-time progress visible on your dashboard.

03

Intelligent Analysis

Results are correlated and intelligently analyzed to generate executive summaries, risk ratings, and prioritized remediation guidance.

04

Report & Remediate

Download professional PDF reports for board-level presentation. Track findings, assign remediation tasks, and rescan to verify fixes.

Platform

Intelligent Dashboard

Multi-role access control lets your entire security team benefit from RISIQ insights.

Multi-Role Access

System Admin, Client Admin, and Basic User roles with granular permissions.

PDF Executive Reports

Board-ready reports with risk overview, methodology, and remediation roadmap.

Real-Time Progress

Watch scans execute with live progress tracking and stage descriptions.

Multi-Domain Management

Manage and monitor multiple domains across your organization from a single dashboard.

Client Admin
Dashboard
Domains
Users
Reports
5Domains
3Critical
12Active Users
Last Scan
corp.example.myCritical1,241 findings
portal.example.myHigh89 findings
api.example.myLow3 findings
About RISIQ

Home-Grown Malaysian
Cybersecurity Technology

RISIQ is developed by ZetVest Sdn Bhd, a Malaysian cybersecurity company based in Petaling Jaya, Selangor. We believe cybersecurity must be built into every organization by design, not as an afterthought.

Our attack surface monitoring platform is designed to make enterprise-grade threat intelligence accessible to organizations of all sizes — from SMEs to government-linked companies.

Cyber Security Enabler Raising the bar in threat detection and data protection beyond traditional security services.
Home-Grown Technology Advanced solutions built locally with deep understanding of the Malaysian threat landscape.
Digital Transformation Enabling organizations to grow their core business while we handle their cyber security posture.
Protection
24/7 Monitoring
Intelligence
Compliance
ZetVest Sdn Bhd Cybersecurity Solutions Petaling Jaya, Selangor, Malaysia

Try a free external scan

Passive DNS and domain reputation check — sample report to your inbox.

Start free scan

Ready to Secure Your
Attack Surface?

Get a comprehensive security assessment of your organization's digital assets. Our team will walk you through the RISIQ platform and demonstrate how it identifies threats across your internet-facing infrastructure.

Request a Demo Visit ZetVest
[email protected]
Petaling Jaya, Selangor, Malaysia