FAQ
Common Questions
Everything you need to know about how Panotect works, what we assess, and what you receive.
Prediction is not Provenance. In data and computing, “data provenance” is a growing concern: the record of where a dataset came from, how it was collected, and what’s been done to it. This matters for reproducibility, and increasingly for AI training data. An AI model predicts from patterns – it cannot verify the live state of your DNS, authenticate against real-time threat intelligence feeds, or confirm that a record was probed and found exploitable today. Reliable Email Threat Intelligence requires provenance: a known source, a known method, and a verifiable moment in time. AI inference cannot provide that.
Don’t let the increasingly-sophisticated bad actors inside the perimeter in the first place. AI has eliminated the friction that once slowed attackers down: typos are gone, targeting is automated, and lures are indistinguishable from legitimate correspondence. The perimeter – your public email posture – is now the only layer that operates before a human is tricked. Panotect’s Email Threat Intelligence System Watches. Learns. Updates. Continuously.
Most assessments are completed and delivered within 15 to 30 minutes of submitting your domain. The process is fully automated – there is no manual review queue and no waiting on an analyst. Once your report is ready you receive it immediately.
No. Everything Panotect does is entirely external and non-intrusive. We do not require admin credentials, MX record changes, email gateway access, or any form of agent installation. We assess your domain exactly as an attacker would – from the outside, using only your domain name as the starting point.
We collect only publicly available information – DNS records, email authentication configurations, subdomain data, and routing infrastructure – all of which is already visible to anyone on the internet. We do not access, store, or process any of your internal data, email content, or user information.
The report is delivered to the email address you provide at checkout. It is designed for two audiences: an executive summary that translates findings into quantified business risk for leadership, and a detailed technical breakdown with prioritised remediation guidance for your security or IT team. It can only be shared with anyone within your organization.
Free DMARC checkers test a single record on a single domain and tell you whether it is present or absent. Panotect assesses your entire email attack surface – every subdomain, every sending source, every authentication control – across eight threat categories, cross-referenced against 50+ data repositories and 1 million+ known risk consequences. The output is a scored, graded intelligence report, not a pass/fail DNS lookup. It is the difference between knowing a lock exists and knowing whether your whole building is secure.
Yes. Each report covers one primary domain and all of its discoverable associated subdomains. If you operate multiple primary domains, for example across different brands, regions, or subsidiaries, you can order a separate assessment for each. See our pricing page for multi-domain options.
As many times as you like during the annual subscription term.