Features

A Complete Pentest Management Platform

Scoping

No more Scope creep

Take control of pentest projects and management with asset management, clearly defined pentest goals, and methodology worked directly into the Statement of Work so projects stay on budget, on time, and in scope. 

Asset Management

Upload assets and access management and link these as targets into pentest projects, so scope and target are fully defined before work starts. 

Customer Portal

Onboard stakeholders to the client portal, so everyone can see work, methodology, assets, & timelines, with direct communication to pentesters. 

Quotes & Credits

Generate quotes to request signature for pentests and scope changes. Plus, with credits, allow stakeholders to pay for pentests and changes right away. 

Statement of Work

Deliver clear Statements of Work complete with full pentest scope and get sign-off on work to be completed before starting the pentest. 

Checklists & Benchmarks

Structure your Testing Methodology

Gain real pentest oversight & insight with team and task management tooling. Cyver Core’s pentest management platform enables accountability and transparency across projects.

Benchmarks

Map findings to controls like CIS Benchmarks, SANS Top 25, or ISO27001 complete with pass/fail ratings to help clients stay secure. 

Workflows

Build custom workflows based on how your team pentests, to deliver traceability, and predictability to your team and your clients.

Pentest Checklists

Deliver accountability and save time with customizable pentest checklists for OWASP Top 10, OWASP Testing Guide, ASVS & more.

Task Assignment

Assign & schedule work, request reviews, and collaborate on pentesting & pentest reporting no matter the size of your team(s).

Vulnerability Management

Your tools, Your work, in one place

Integrate your tools, content, and vulnerability libraries, automatically import from tooling, and deliver every finding as a ticket with remediation and long-term tracking. 

Vulnerability Libraries

Import and build vulnerability libraries to automatically populate new findings with data, so you re-use writeups and expertise again and again. 

Upload Files

Upload files directly from tools like Burp, Nessus, Qualys, & more, batch import, or automate with API and merge new imports with existing library content.

GenAI Copilot

Automatically generate vulnerability writeups and reccomendations based on industry best practices with our GenAI copilot, edit, and publish in a few clicks. 

API & Custom Files

Automate imports, project creation, and vulnerability ticketing with our API. Or, talk to us about your custom tooling for integration and file import. 

Streamline Pentest Reporting

Hassle-free report generation

Auto-populate reports with project data, import vulnerability libraries and canned content, and use GenAI to streamline summaries and writeups. We do the repetitive work so you can stick to pentesting. 

Markdown Editor

Seamlessly customize pentest reports and templates with a markdown editor and CSS to quickly make changes, add custom styling, and get the look and feel you want. 

Dynamic Tokens

Autopopulate reports with vulnerabilities, project data, and pre-canned content using tokens as placeholders in report templates to automatically pull data. 

Content Libraries

Pull content and sections from your libraries to quickly build dynamic reports for even complex pentests & red teaming – customized to every test. 

Report Templates

Build report templates, sections, and content, and complete with your own branding, and seamlessly generate pentest reports based on those templates. 

Delivery & Retesting

Strengthen the bond with your clients

Deliver more than just the report with a full suite of client-facing tools designed for collaboration, remediation, and project management – for full visibility of vulnerability findings, trends, and fixes.

Retesting

Deliver vulnerability level and project level retesting so clients can track fixes, resolve vulnerabilities, and stay both secure and audit ready. 

Collaborative Pentest Processes

Deliver secure in-app communication, vulnerability findings as tickets, and workflow management to put client teams in control.

Remediation

Deliver vulnerability management, complete with remediation and reoccurrence tracking so clients have insight into their vulnerability profile. 

White-Label Portal

Brand Cyver Core’s URL, client portal, reports, and templates to deliver improved customer experience under your own brand with our white-label portal. 

Planning & Collaboration

Stay in control of projects & teams

Gain real pentest oversight & insight with team and task management tooling. Cyver Core’s pentest management platform enables accountability and transparency across projects.

Real-time Notifications

Update stakeholders in real-time as project status changes, tasks become available, & clients make requests.

In-app Communication

Offer a better experience with real-time, in-app communication, so you never have to share data over email.

Planning & Availability

Automatically assign tasks to relevant roles and start pentests with full oversight of who’s responsible and why.

Role Management

Build teams and assign roles to automate project setup and offer stakeholder collaboration as a standard.

Cut manual work on pentest reporting without sacrificing control & customization 

Vulnerability Scanning

Automate Scans & Continuous Assessments

Streamline vulnerability scanning and assessments with a full suite of tools to automate and manage scans and their results including an integrated scanner in your Cyver Core Portal. 

Magnifying glass over web page icon

Integrated Scanner

Leverage integrated scanners like reNgine to offer PTaaS, DAST, and attack surface management, or bring your own tooling.

continuous icon

Continuous Projects

Create project templates and automatically run them again and again so you don’t have to spend more time on scans than you have to. 
Page icon

Continuous Reporting

Automatically generate reports from scan data, map vulnerabilities to your library, and add templates or custom report sections.

two gears icon

Vulnerability Management

Automatically add data to findings, merge results between scans, and count instances so scan data helps clients stay secure.

Hosting & Deployment

Compliant & Secured Hosting

Cyver Core offers a standard multi-tenant hosting in the Azure cloud as part of our base plan. Cyver Core also offers solutions for organizations with more specific or custom security and deployment needs. We’re also fully SOC2 compliant, so your and your customer’s data stays secure. 

Deployment Region

Choose a deployment region in the EU, US, or UK to meet compliance or regulatory requirements.

Icon of a computer in Cyver.io

Data Isolation

Get full database and storage isolation to protect your or customer data & meet regulatory requirements.

 

two gears icon

Full App Isolation

Fully isolate your Cyver Core app in deployment with a separate webapp, database, and storage.

Toolbox icon

Private Hosting

Maximize security with private hosting on a SOC2 compliant stack in an Azure region of your choice. 

API & Integrations

Easy to Connect

Integrate your toolkit, extend Cyver Core functionality, and seamlessly pull data into one central platform with our API and integrations. 

Link External Tooling

Link project management tooling and seamlessly integrate data across your tooling with either a custom connection or one of our integrations.

Icon of a computer in Cyver.io

Vulnerability Connectors

Link your tooling to automatically import vulnerability findings, libraries, descriptions, & more so everything is right where you need it.

two gears icon

Full API Extensibility

Need custom push data? Our REST API allows you to connect to any tooling or sources you like, so everything shows up in your portal. 

Toolbox icon

Events and WebHooks

Set up events and webhooks for project management, pentesting, scanners, & more, so your tooling automatically updates as you work. 

Cut manual work on pentest reporting without sacrificing control & customization 

Cyver Features list - full features
 product brochure 

Download the full feature list & product tour

Download our Product Tour Brochure to see features, benefits, and Cyver Core’s offerings in a shareable and printable PDF format.

Improved customer experience

A work management platform
for pentesters

Get fully-secure pentest management and collaboration in the cloud, complete with a responsive UI and integrated support portal. We’ve thought of everything so you don’t have to. It's not Asana or Jira, it's made for pentest professionals.

Multi-language

Deliver reports, dashboards, portal access, and content in a language that makes sense for you and your clients. Cyver Core offers full multi-language support, so your dashboards and content are delivered in ways that work for your business.

Cloud Access

Digitize pentest deliverables with a cloud interface between you and the client. Cyver Core delivers cloud access for you and your end-clients, so pentest management, communication, and deliverables are as accessible as possible.
Page icon

API

Connect Cyver Core to the apps and tools that drive your firm, with full API access. Import data from tools, export tickets to client work platforms, and integrate tooling directly into Cyver Core's process so you get more from our platform.

Responsive UI

Get complete freedom to access, share, and manage data across devices, with a fully responsive UI. Cyver Core adapts to your device, whether you’re accessing findings, uploading files, or generating & viewing reports or dashboards.

Support Portal

Cyver Core is designed to be as intuitive and user friendly as possible and that means having a support portal built in. We offer full documentation, user guides, and end-user guides, so you don’t have to.

Security

Share project details, communication, and findings in a SOC2 compliant environment. Cyver Core encrypts traffic, access, and data storage, with 2-factor authentication for portal logins, to ensure you stay safe. See our security standards.

Any questions?

We're here to help

What is a Pentest Management Platform?

Pentest Management Platforms like Cyver Core digitize pentest workflows, replacing manual communication and reports with digital workflows. It means real-time results, live communication with clients, and findings as tickets. Plus, we offer automated pentest reporting, complete with integrations for tools like Burp Suite, Nessus, NMap, & more. Our goal is to help pentesters save time (70-85% of time spent on every report), reduce overhead hours for pentest management, and deliver pentest-as-a-service to clients.

How is Cyver Core Secured?

Cyver Core is fully secured, regularly pentested, and regularly backed up. We maintain SOC2 compliant infrastructure, as verified by external auditors. All user data is stored redundantly and automatically backed up inside Microsoft Azure architecture, with fully redundant server architecture and network connectivity. We take security seriously, and you can see a full list of our security practices in our security policy.

Will My Clients See I Use Cyver Core?

No! Cyver Core is fully white label. When you onboard your clients to our platform, they see your branding and brand name. You can also fully customize reports, project templates, and other digital assets. Your clients, your brand, your digital privacy, powered by Cyver Core.

How Does Cyver Core Automate Workflows?

Cyver Core utilizes standardized workflows to automatically progress projects based on pre-defined parameters and settings. You set up project templates and Cyver Core automatically performs workflows inside those, to move the project from one stage to the next, to create Findings tickets from imported data, to notify stakeholders, and to schedule the next pentest. In addition, Cyver Core uses automation and Smart features to auto-fill tickets, to create projects, and to generate reports, so you have to do the minimum manual work possible. Visit our features page to learn more.