What Cysvera Scans
External scanning only
Cysvera scans your infrastructure from the outside in, the same way an attacker would. We never require access to your internal network, VPN, or servers. No agents are installed anywhere.
This means we scan only what is publicly reachable from the internet on your domains and IP addresses.
Nuclei scans
Nuclei is an open-source vulnerability scanner used by security teams worldwide. Cysvera uses Nuclei to detect:
- CVEs: Known vulnerabilities in web servers, frameworks, and applications with assigned CVE identifiers
- Misconfigurations: Exposed admin panels, debug endpoints, directory listings, and default credentials
- Exposed files: Backup files, configuration files, and sensitive data accessible without authentication
- SSL/TLS issues: Weak cipher suites, expired certificates, and protocol vulnerabilities
- Web application vulnerabilities: Reflected information, security header misconfigurations, and CORS issues
Every Nuclei finding includes the CVE ID where available, a CVSS score, a severity rating, and a plain-English remediation summary.
Nmap scans
Nmap is the industry-standard port scanner. Cysvera uses Nmap to detect:
- Open ports: Every TCP port accessible from the internet on your target
- Running services: What software is listening on each port and its version where detectable
- High-risk services: Telnet, FTP, RDP, database ports, and other services that should not be publicly exposed
Nmap findings are risk-scored based on the port and service type. An open port 3389 (RDP) is flagged as HIGH severity. An open port 443 (HTTPS) is informational.
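The sketch below is an added example, not Cysvera's own code: one way to apply port- and service-based scoring to Nmap XML output (-oX). Only the 3389 = HIGH and 443 = informational ratings come from this page; the other port numbers, the service-name list, the REVIEW fallback and the sample scan data are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in Nmap's XML output format (-oX).
# 203.0.113.10 is a documentation-range address, not a real target.
SAMPLE_XML = """<nmaprun>
 <host>
  <address addr="203.0.113.10" addrtype="ipv4"/>
  <ports>
   <port protocol="tcp" portid="21"><state state="open"/><service name="ftp"/></port>
   <port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
   <port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
   <port protocol="tcp" portid="5432"><state state="filtered"/><service name="postgresql"/></port>
   <port protocol="tcp" portid="2323"><state state="open"/><service name="telnet"/></port>
  </ports>
 </host>
</nmaprun>"""

# Assumed policy tables: FTP, Telnet, RDP and common database ports are HIGH.
HIGH_RISK_PORTS = {21, 23, 3389, 1433, 3306, 5432}
HIGH_RISK_SERVICES = {"ftp", "telnet", "ms-wbt-server", "ms-sql-s", "mysql", "postgresql"}
INFO_PORTS = {443}

def score(port, service):
    """Rate one open port; the service name catches risky services on odd ports."""
    if port in HIGH_RISK_PORTS or service in HIGH_RISK_SERVICES:
        return "HIGH"
    if port in INFO_PORTS:
        return "INFO"
    return "REVIEW"  # assumed fallback: unknown exposure needs a human look

def score_nmap_xml(xml_text):
    """Return one finding per open TCP port, in the order Nmap reported them."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for p in host.iter("port"):
            state = p.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are not reachable services
            svc = p.find("service")
            name = svc.get("name", "unknown") if svc is not None else "unknown"
            port = int(p.get("portid"))
            findings.append({"host": addr, "port": port, "service": name,
                             "severity": score(port, name)})
    return findings

if __name__ == "__main__":
    for f in score_nmap_xml(SAMPLE_XML):
        print(f"{f['host']}:{f['port']} {f['service']} -> {f['severity']}")
```

Matching on the detected service name as well as the port number is what flags the Telnet listener on port 2323 in the sample, which a port-only table would miss.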
What we do not scan
- Internal network resources not accessible from the internet
- Authenticated areas of your application (we scan unauthenticated endpoints only)
- Mobile applications
- Source code
Scan frequency
On the Starter plan, you can run one scan per week per target. On the Growth plan, you can run daily scans. There is no limit on how many scans you can trigger manually within your plan limits.