What is Pentest-as-a-Service?
Pentest-as-a-Service digitizes pentest workflows, replacing manual communication and reports with digital workflows. It means real-time results, live communication with clients, and findings as tickets. It also means standardized costs with a credit payment system and a delivery model in our secure cloud platform. No more email, no more 30+ page reports, just modern digital dashboards and tickets that make resolving vulnerabilities as easy as possible.
How is the platform secured?
Cyver Core is fully secured, regularly pentested, and regularly backed up. We maintain SOC2 compliant infrastructure, as verified by external auditors. All user data is stored redundantly and automatically backed up inside Microsoft Azure architecture, with fully redundant server architecture and network connectivity. We take security seriously, and you can see a full list of our security practices in our security policy.
When I onboard clients to Cyver Core, do they stay my customers?
Some pentest-as-a-service platforms function as pentest corporations in their own right and hire pentesters as part of their platform. When you onboard a customer, it’s the platform’s customer. Cyver Core doesn’t work like that. Cyver Core is a tool. When you onboard customers, they stay your customer and they never interact with Cyver Core. It’s your business, powered by Cyver Core.
How does Cyver Core automate my workflow?
Cyver Core utilizes standardized workflows to automatically progress projects based on pre-defined parameters and settings. You set up project templates and Cyver Core automatically performs workflows inside those, to move the project from one stage to the next, to create Findings tickets from imported data, to notify stakeholders, and to schedule the next pentest. Click our features to learn more.
How Can I Promote my Brand with Cyver Core?
When you onboard with Cyver Core, you essentially add a digital layer between you and the client. At the same time, Cyver Core is fully white label. When you onboard your clients to our platform, they see your branding and brand name. You can also fully customize reports, project templates, and other digital assets. Your clients, your brand, powered by Cyver Core. You get to market your business as selling Cyver Core’s capabilities, just like you would if you were using Nessus or Burp.
How can I learn more about Cyver Core?
Cyver Core offers a free trial. We also have an extensive demo to help you decide if the platform is right for you. Onboarding your team to Cyver Core’s platform will mean considerable investment and commitment, so it’s important to make sure you set up correctly to get the most out of your trial. That’s why we offer 30 days of free trial. However, you should be serious about implementation before taking the time to set up processes, project templates, and report templates in the platform.
Can I Use My Own Pentest Tools?
Cyver Core is not a pentesting tool, it does not replace your pentesting tools or handle any aspects of pentesting. Instead, it’s a pentest project management and delivery tool. Cyver Core integrates your existing tools like Burp, Nessus, NMap, and OpenVas to automatically import findings and build ticket and report deliverables for clients. Your pentesters continue to do work in the tools they know and love. Check our integrations here.
How Does Implementation Work?
Onboarding to Cyver Core is a lot like onboarding to any other digital work management tool. You create user accounts, link tooling, and set your preferences and templates. Implementing a new digital tool is always about how your teams adapt. On the one hand, Cyver Core is simple, easy to use, and designed to be intuitive. On the other, moving to new, digital workflows will take time. Chances are, you’ll take a few pentests to get used to using the system, unless your pentesters are already ready to adapt.
Does Cyver Core Offer Support During/After Onboarding?
Cyver Core offers full support and documentation throughout your relationship with our company. The platform is designed for ease of use, so we hope you won’t need help with onboarding. At the same time, we know it’s always useful to have. That’s why you can always call to get a hands-on demonstration, walkthrough, and help with your implementation.
How Do I Deliver Work with Cyver Core?
Cyver Core imports work data from tools like Nessus and Burp and automatically generates findings tickets and work data. The pentester managing the uploads can go through the created tickets, make notes, add comments, or upload more files as needed, and then click publish to automatically send those tickets to the client. You or the client can generate a findings report using real-time work data at any point in time. Everything stays in our secure cloud, where clients can log in to access it in real time.
What does Pentest-as-a-Service mean for clients?
We believe the pentest market is rapidly shifting away from clients who want once-a-year pentests for audit purposes and towards digital organizations that want and need to remain secure. Companies are more often integrating pentests and security into agile development cycles, using pentesting as a means of improving and fixing pentests, and ensuring that everything is secure before they go live. Cyver Core allows you to deliver work in real-time, so developers can immediately see and act on findings, collaborate with pentesters to resolve findings, and request retesting to ensure things are fixed. Essentially, you offer more value to digital companies while simplifying deliverables and improving customer service.