Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
GRAVITY.NET positions itself as “Agentic Perimeter Assessments”: an autonomous-intelligence-based service for external perimeter and attack surface assessment. According to the site copy, it uses large language models, graph analysis, and adaptive playbooks to continuously assess an organization’s external attack surface with AI, aiming to identify risks before attackers exploit them. It covers cloud, hybrid, and edge environments, and is primarily aimed at security, compliance, and infrastructure teams.
In terms of protection category, GRAVITY is closer to external attack surface management and attack surface validation than to traditional endpoint protection or firewalls. Its Autonomous Recon can map external assets, identify shadow infrastructure, and prioritize exposed surfaces. Attack Surface Validation uses LLM-guided playbooks to verify misconfigurations and credential leaks, then generates reproducible evidence packages. On the management side, it emphasizes executive risk briefings, technical remediation tickets, attack path visualization, and downstream validation tracking, addressing both board/CISO-level perspectives and the execution needs of frontline security teams.
The site does not clearly state whether the offering is SaaS, self-hosted, or delivered purely as a consulting engagement. However, terms such as “platform,” “engagement,” and recurring operation cycles suggest it is more like a platformized service. For compliance, GRAVITY does not disclose its own security certifications, but it can map findings to NIST CSF, SOC 2, and DORA to help accelerate compliance evidence gathering. Integration details are limited: it only mentions generating technical tickets and downstream validation tracking, without specifying support for Jira, ServiceNow, SIEM, SOAR, or cloud account API integrations.
Pricing is not publicly disclosed. Known delivery models include Continuous Coverage, which runs monthly or weekly and adapts as infrastructure changes; Campaign Readiness, intended for major product launches or pre-audit compliance preparation; and Incident Response Support, used for rapid perimeter scanning after a security incident. As a result, procurement will likely require booking a briefing and receiving a customized quote.
The main strengths are its focus on continuous attack surface assessment, LLM-based contextual analysis, autonomous validation, and actionable deliverables, which may help reduce noise and drive remediation through to closure. The drawbacks are the limited public information available: pricing, SLA, data residency, customer references, human review mechanisms, false-positive rates, and specific integrations are all undisclosed. GRAVITY is best suited to mid-sized and large organizations with fast-changing external assets, compliance preparation needs, or a desire to present exposure risk clearly to management.
The site does not provide information about access from China, payment methods, or local service availability, so real-world connectivity and procurement feasibility should be tested further and are currently unknown. If use in China is restricted, organizations may consider local attack surface management, vulnerability management, or cloud security vendors. International alternatives include Cortex Xpanse, Microsoft Defender EASM, Mandiant ASM, Rapid7, Tenable ASM, and others.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on gravity.net official site.
gravity.net is an United States Security provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach gravity.net directly.