Does Recon replace a security expert?

No. Recon automates the first‑pass mapping, validation, and report assembly so senior security experts can focus on judgment, remediation, and client strategy. Experts still review, interpret, and sign off.

What does Recon return?

A structured report covering attack paths, validated findings, evidence capture, severity and priority, remediation guidance, and an executive summary suitable for clients and operators.

Recon goes beyond scanning. It maps the external surface, validates exposures, chains findings into attack paths, captures evidence, and assembles a client‑ready report — so teams ship validated findings, not generic scanner noise.

Find real attack pathsbefore attackers do.

Legba Recon maps your external attack surface, validates real exposures, and turns the results into a client‑ready security report in minutes.

See sample report

SPEED

Minutes

not weeks

First‑pass recon under an hour.

PROOF

Validated

not scanner noise

Every finding is probed, not just enumerated.

SCALE

Portfolio

or one target

Run one assessment or a hundred.

From target to validated report.

Legba Recon handles the first‑pass work: mapping the surface, probing exposures, chaining findings, and assembling evidence for expert review.

01MAP

Map the surface

Legba identifies domains, subdomains, exposed services, login portals, APIs, and public‑facing assets.

02VALIDATE

Validate what matters

It tests findings, filters noise, and prioritizes exposures based on real exploitability.

03REPORT

Return the report

Your team gets attack paths, evidence, severity, and remediation guidance in a format ready for review.

What goes in. What comes out.

Hand Recon a target. Get back a structured assessment your team can review, edit, and send.

Three-stage Recon pipeline: external surface map at the top, a network of locked nodes traced by a red dashed validation route in the middle, and a structured report on a red-trimmed base at the bottom. — Recon pipeline · 3 stages

INExternal surface

Root domain
Subdomains, exposed services
Login portals, admin consoles, APIs
Public cloud assets and storage

OUTValidated report

Attack paths across exposed assets
Validated findings with evidence
Severity and prioritization
Remediation guidance
Executive summary

> WHY_TEAMS_RUN_IT

Built to clear the work, not replace the judgment.

Less manual recon

Automate the repetitive mapping, probing, and evidence‑gathering work that slows down assessments.

Fewer false alarms

Prioritize validated exposures instead of dumping another noisy scanner report on the team.

More assessment capacity

Run more targets, serve more clients, and scale security work without adding headcount linearly.

Cleaner client deliverables

Generate structured findings, attack paths, evidence, severity, and remediation steps.

Human review stays intact

Experts still review, interpret, and sign off. Legba accelerates the work before judgment is applied.

Built for repeatable workflows

Use it across one‑off assessments, recurring scans, portfolio reviews, and pre‑engagement recon.

> WHO_IT_HELPS

Your experts stop burning hours on first‑pass recon.

Legba handles the repetitive mapping, probing, chaining, and report assembly so senior security talent can focus on judgment, remediation, and client strategy.

01External asset discovery
02Exposure validation
03Attack path mapping
04Evidence capture
05Severity and prioritization
06Report assembly
→Expert review handoff

01External asset discovery

02Exposure validation

03Attack path mapping

04Evidence capture

05Severity and prioritization

06Report assembly

Expert review handoff

> THE_REPORT

What Legba returns.

A structured security assessment your team can review, edit, and send.

legba recon — scoped runlog

session a3f1

target loaded
external surface mapped
exposed services identified
login portal detected
misconfiguration validated
attack path assembled
evidence captured
severity assigned
remediation drafted
report ready for reviewready

elapsed

08m 14s

findings

validated

[01]

Attack paths

How exposed assets and weaknesses connect into real risk.

[02]

Validated findings

Confirmed exposures with supporting evidence, not generic scanner output.

[03]

Evidence capture

Screenshots, request and response detail, affected assets, and reproduction notes where applicable.

[04]

Severity and priority

Clear ranking so teams know what to fix first.

[05]

Remediation guidance

Plain‑English next steps for closing the exposure.

[06]

Executive summary

A readable overview for clients, operators, and non‑technical stakeholders.

// WHAT LEGBA DOES

Automates first‑pass external recon.
Validates exposed risks where scoped.
Maps attack paths.
Produces structured findings and evidence.
Helps teams move faster across many targets.

// WHAT LEGBA DOES NOT DO

It does not replace senior security judgment.
It does not remove the need for authorization and scope.
It does not replace formal compliance sign‑off by itself.
It does not fix issues without human remediation.
It does not turn scanner output into truth without review.

Legba does not replace the expert. It removes the repetitive work before the expert steps in.

Related surfaces

Recon is one Legba surface, not the whole engine.

Recon is the assessment-automation surface inside the broader Legba family. Use the related pages below to evaluate browser isolation, isolated agent execution, and the research that supports the engine.

Chrome plugin01

Browser isolation for everyday workflows

Same disposable browser engine, shipped as a Chrome extension for individual users and teams who want isolation without changing how they browse.

Explore

OpenClaw02

Run autonomous AI agents in an isolated sandbox

Evaluate coding agents in a one‑click cloud environment that has zero access to your real machine and is destroyed on close.

Explore

Research03

Read the engine and isolation explainers

Browser isolation, AI security, and threat explainers that support the commercial product story with practical detail.

Explore

Your agent needs its Legba.

Read the docs