Recon Wave is an External Attack Surface Management (EASM) platform positioned as a way to discover and monitor an organization’s exposed assets “from an internet perspective.” Using reverse DNS datasets and other OSINT sources, it automatically discovers root domains, subdomains, IP addresses, and related infrastructure, helping security and IT teams answer the fundamental question: “What exactly do we need to protect?”
In terms of protection coverage, it includes asset discovery, 24/7 continuous monitoring, DNS change detection, open TCP port scanning, vulnerability management, subdomain takeover risk detection, and Dangling VHOST detection. Its port scanning is said to cover ports 0-65535 and can run as frequently as daily. On the vulnerability side, it identifies exposed technologies and combines CVE and EPSS scores to help prioritize remediation. For management and alerting, the platform provides real-time alerts, AI-enhanced explanations, and mitigation steps. It also mentions output via third-party integrations, but does not list specific integrations.
Recon Wave is delivered as SaaS, with no Agent installation, no internal access, and no requirement to share sensitive data. Users only need to provide the organization name and a small number of known domains to begin automated discovery. On compliance, the official website says it can help meet NIS2 and SOC 2-related requirements, mainly through automated asset inventories, change tracking, and exposure visibility. However, it does not disclose whether Recon Wave itself has obtained certifications such as SOC 2. Pricing is fully customized with no fixed plans, based on domains, IPs, and infrastructure complexity. A proposal is usually provided within 24 hours after a demo, and special pricing is available for education, non-profits, and early-stage startups.
Its advantages are a low onboarding barrier, no need for internal connectivity, and a high degree of automation in asset discovery, making it suitable for quickly building visibility into an external attack surface. Customized pricing may also help avoid wasted resources from fixed plans. The downsides are opaque pricing, making costs hard to estimate before procurement; limited information about third-party integrations, payment methods, SLA, and actual compliance certifications. In addition, the product copy mentions both external entry points and internal components while also emphasizing that internal access is not required, so the actual coverage boundary for internal assets should be confirmed during the demo.
Recon Wave is suited to security teams that want to continuously inventory internet-exposed assets, manage open ports and DNS risks, and prepare NIS2/SOC 2 asset inventories—especially organizations with multiple domains, multi-cloud environments, or rapidly growing assets. The official website does not specify access conditions from China, and payment methods are not disclosed. If access, contracting, or local compliance requirements are a concern, teams may also evaluate Cortex Xpanse, Tenable ASM, Rapid7, SecurityScorecard, or domestic attack surface management products as alternatives.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on reconwave.com official site.
reconwave.com is an Unknown Cybersecurity provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach reconwave.com directly.