SecureSky Technology Adds "Information Leakage Investigation" as Standard to Attack Surface Assessment Service

SecureSky Technology Inc. (Headquarters: Chiyoda-ku, Tokyo; Representative Director: Gen Ohki; hereinafter "SecureSky"), which provides vulnerability assessment and cloud-based WAF to realize secure websites, will add "Information Leakage Investigation" as a standard survey item to its "Attack Surface Assessment Service," which investigates potential attack paths and methods that attackers may use for intrusion. This new service will be available starting April 1, 2026 (Wednesday).

With the addition of this survey item, the scope of investigation will be expanded to include information leakage related to companies and organizations from the internet and the dark web, in addition to the conventional investigation of potential attack paths and methods that attackers may use for intrusion, thereby supporting more effective security measures.

● Background With the acceleration of digital transformation (DX), the risk of cyberattacks targeting corporate websites is increasing. Zero-day attacks, ransomware, and unauthorized access exploiting leaked credentials are also on the rise. In this context, it is crucial to understand and manage the attack surface and proactively address potential intrusion paths, as attackers aim to identify "gaps" in defenses. Meanwhile, in recent years, cases of leaked credentials and internal information published or circulated on the internet and dark web being exploited in attacks have also increased, making it increasingly important to understand risks stemming from externally exposed or circulated information. SecureSky, addressing these challenges, will provide this service, which includes expert investigation and reporting, and will continue to support continuous risk assessment and effective security measures.

● About the "Information Leakage Investigation" Item This investigation item targets external information sources, including the internet and the dark web, to determine the presence or absence of leaked credentials and confidential information related to companies and organizations.

Investigation Item | Report Content ---|--- **Credential Leakage Investigation** | Leaked credential information (such as IDs and passwords) from external web services, SaaS, SNS, etc., used by employees. **Device Leakage Investigation** | Leaked credential information (such as IDs, passwords, and cookies stored in web browsers) from malware-infected devices. **File/Document Leakage Investigation** | Information on files and documents (such as images, office documents, and PDFs) related to companies and organizations published on the internet and the dark web.

● Service Details and Pricing To understand the needs for information leakage risk and promote its utilization, the "Information Leakage Investigation" will be provided as a standard feature (at no additional cost) with the Attack Surface Assessment Service until December 31, 2026. For 2027 and beyond, it is planned to be offered as a paid option, with the final offering format to be determined based on market needs.

**Information Leakage Investigation (Provided in 2026)**

Offering Format (2026) | **Standard inclusion with Attack Surface Assessment Service (Basic fee: 600,000 JPY (excl. tax)) (No additional cost)** ---|--- | *Planned to be offered as a paid option from 2027 onwards.* Number of Reports | Up to 50 items per investigation category.

*The standard number of reports for each investigation item is up to 50. If detailed disclosure of 51 or more items is required, an additional fee of 300,000 JPY (excl. tax) will be incurred for every 3,000 items per investigation category.

● About the Attack Surface Assessment Service Experts analyze IT assets accessible from the internet and information spread externally from an attacker's perspective. The service visualizes and evaluates risks, and investigates potential initial access methods and paths that attackers may use.

Service Details: https://www.securesky-tech.com/service/asa/

--- **[SecureSky Technology Inc. Company Profile]**

SecureSky Technology Inc. is a specialized Web application security company established in 2006, rooted in the desire to "make the internet safe." We provide comprehensive Web security services to protect website safety, focusing on education and support services for secure design and development, vulnerability assessment, cloud-based WAF "Scutum," and domestic EASM service "Dredger," across various development and operation phases.

Company Name: SecureSky Technology Inc. Headquarters: PMO Kanda Iwamotocho II 10F, 2-2-4 Iwamotocho, Chiyoda-ku, Tokyo Established: March 2006 Representative: Gen Ohki, Representative Director Business Activities: Security services specializing in Web applications ・Vulnerability assessment services ・Security education and support services ・Cloud-based WAF services ・EASM (ASM) services ・Other security consulting URL: https://www.securesky-tech.com/

**[Contact Information]** SecureSky Technology Inc. Public Relations: Chiyoko Okura E-mail: pr@securesky-tech.com TEL: 050-5445-8822