About Moat Watcher

Moat Watcher, operated by Cutaway Security, is a passive external attack-surface (EASM) and OSINT monitoring service built for cooperatives and smaller critical-infrastructure businesses - electric, water, gas/oil, and manufacturing.

What it monitors

How it works

A deterministic engine runs weekly, normalizes the results, diffs them against history, and risk-tiers the changes; a narrow AI layer then turns each change into a plain-language recommendation grounded in a Cutaway-authored playbook. You receive an emailed report (a human-readable PDF plus machine-readable formats, delivered encrypted) and a login portal. It is passive - no active scanning of third-party infrastructure - human-gated at setup, and autonomous in operation.

Principles

Powered by

Moat Watcher integrates the OSINT sources and tools below. Sources marked with a key tier are bring-your-own-key: you supply the API key (encrypted at rest) on the Scope & keys page, and Moat Watcher only queries your own assets. The others require no key.

Service / tool | What it adds | API key
Shodan | internet-exposed service discovery | API key (paid/free tier)
Netlas | exposure and TLS-certificate discovery | API key (free tier available)
Have I Been Pwned | credential-breach exposure for monitored accounts | API key (paid)
NVD - NIST National Vulnerability Database | CVE and CVSS vulnerability data | free API key
CISA Known Exploited Vulnerabilities (KEV) | actively-exploited CVE catalog | none needed
dnstwist | look-alike / typosquat domain detection | none needed
Email authentication (SPF / DKIM / DMARC / MTA-STS) | mail-security posture via public DNS | none needed

Source names and marks are the property of their respective owners; each is credited on the findings it produces.
