Many of Cyver Core’s users deliver pentest-as-a-service to our clients. That often involves stacking scans, pentests, and even code review together to offer comprehensive and ongoing security. To enable that, Cyver Core offers tool integrations as well as an API to allow you to seamlessly upload results from scans to projects. With the API and webhooks, you can automatically share scanner results to the portal and then update that status in your own tooling.
In addition, with our Continuous Assessments project type, you can run the same scan again and again, with results uploaded to the same place, and seamless tracking of results over time, remediation, re-occurrences, time-to-fix, and more. Perfect for helping you manage the client’s security profile over the long-term.
Still, we wanted to make it even easier. That’s why we offer an integrated scanner, so you can schedule and run scans directly inside the platform, without needing external tooling.
What Can You Do with Cyver’s Integrated Scanner
Cyver Core uses reNgine as our basic integrated scanner. Once you have the Add-on in your dashboard, you can use it to run full reNgine scans directly inside the Cyver platform.
That means you can:
- Set up scan projects with Continuous Assessments and run reoccurring scans automatically
- Schedule scans and have them run automatically on a recurring basis or at every date selected (E.g., Every Wednesday or on Friday the 12th of March)
- Automatically load findings from the scan into the portal, map to vulnerability library data, and (if desired) publish to the project
Essentially, you can fully automate the scanner process to deliver DAST, SAST, and PTaaS, without having to use external tooling or having to set up an API. With everything happening automatically, you can be as hands-on as you want by stepping in to check findings results and descriptions or add remediation tips where you’d like, or allow everything to run fully automated as part of your service to the client.
Introducing reNgine
Cyver Core uses the reNgine 2.0 scanner as our basic integrated scanner. This open-source tool offers a solid
- Subscans and parallel scanning to immediately start scanning new vulnerabilities, subdomains, etc., without waiting for your primary scan to finish
- Continuous monitoring capabilities
- LLM-powered attack-surface generation
- Preconfigured YAML-based scan engines for full scan, passive scan, screenshot gathering, OSINT scans, and more
- Nuclei/WHOIS and WAF Detection vulnerability scans
Essentially, it’s a powerful, open-source scanner and it’s directly integrated into Cyver Core. See more here.
Would you like to see more? Request a demo to get started!