OSINT monitoring of youroperational footprint.
Point Horizon at any organization and it becomes a live Target: sites, control systems, exposure, and known vulnerabilities, assembled into one picture and kept current. New risks surface as Discoveries, each cited to its source.
What Horizon watches.
Not an IT security score. Horizon builds the operational picture an adversary would assemble, and keeps it current.
Sites and assets
Plants, stations, and reservoirs placed from permits and public facility registries (EPA FRS, SDWIS, ECHO), the operational spine everything else hangs from.
Control technology
PLCs, SCADA, and HMI identified from hiring signals, integrator case studies, and control-portal certificates in Certificate Transparency, tied to the sites that run them.
People and roles
The named leaders and operating roles that make up the human attack surface, corroborated across public sources.
Known vulnerabilities
CVEs on the CISA KEV catalog and ICS advisories matched to the exact technology families in the picture, not a generic scan.
Digital footprint and exposure
Public-facing portals and subdomains, expired certificates, mail-security gaps, and look-alike domains, surfaced from Certificate Transparency and public DNS.
Suppliers, hazards, and events
Supply-chain dependencies, natural-hazard exposure, and breach or advisory events that touch the sector, monitored over time.
See a live Horizon dossier.
A full, working target dossier for a fictional utility, Cascadia Water Cooperative: the map, the posture read, recent developments, key facts, and the evidence behind every item. Opens full-screen.
How it works.
Point Horizon at an entity
A vendor, a peer, an acquisition target, or your own organization. No agents to install and nothing to touch on their network.
It becomes a live Target
Horizon assembles the external picture — sites, technology, people, suppliers, and exposure — into one labeled, filterable model.
Discoveries surface as things change
New vulnerabilities, exposures, and events arrive as Discoveries, each banded confirmed or worth a look so you know what to act on.
Every finding cites its source
Open any item to its evidence: the dataset, the passage, and the date. The picture is built to be forwarded, not just believed.
Powered by.
Horizon reads only what is already public, and runs the sources for you. No keys to manage, no agents, and nothing touched on the target’s network. Every finding is credited to the source it came from.
Source names and marks are the property of their respective owners; each is credited on the findings it produces.
Built to be forwarded.
A Horizon picture is only useful if it holds up. So every item shows its confidence and cites where it came from.
Passive and public-source
Horizon reads what is already observable in the open. It does not scan, probe, or touch a target’s systems.
Graded for trust
Every item carries a band — Regulator-confirmed, High-confidence, Corroborated, or Single-source — so confidence is on the face of it.
A critical-infrastructure lens
Horizon reads the operational picture — sites, control systems, and the risk to service — not just an IT security score.
Watch your first entity today.
Horizon is $169/mo and runs on Lodestar, which is free. Point it at anyone, and see what the outside world already can.