Product
Exposure Monitoring
Continuous alerting on credentials and identities tied to your verified domains. Breach data, stealer logs, and combolists in one stream.
What you get
- Verified domains. Add a domain and prove ownership. From that point on, any credential matching the domain (and on Business+ tiers, its subdomains) is tracked.
- Identity-level alerts. Each exposed email becomes a row in
exposureAlertswith severity, source, and a recommended next step. - Stealer log integration. Same dataset across every paid tier. Higher tiers unlock weaponizable context (session cookie + browser fingerprint) for response.
- Webhook fanout. Send alerts to email, Slack, PagerDuty, or any custom HTTPS endpoint (Business+).
Add your first domain
1
Go to Dashboard → Domains and click Add domain.
2
Enter the apex domain (for example example.com). LeakJar generates a verification token.
3
Add the token as a DNS TXT record at _leakjar-verify.example.com, or upload the verification file to https://example.com/.well-known/leakjar-verify.txt.
4
Click Verify. Once verified, scans begin within the tier’s freshness SLA.
Tier differences at a glance
See the full matrix on the Exposure Monitoring pricing page. Key differences:
- Domains and identities — 1/250 → 3/2,500 → 10/25,000 → unlimited.
- Freshness SLA— ≤72h on Team, ≤24h on Business, ~1h on Scale, real-time push on Enterprise.
- API access— Read-only on Business, full read/write on Scale, bulk export on Enterprise.
- Weaponizable context — Session cookie and browser fingerprint surfaced from Scale onward.
Next steps
- Configure webhooks to route alerts into your incident tooling.
- Billing & overage if you need to understand quotas and how Stripe charges work.
- Compare tiers to pick a plan.