Cyver Core
Cyver Core is a pentest reporting and management platform designed to streamline the entire penetration testing workflow. The platform supports the complete pentest journey from scoping to remediation through five key phases: 1. Scoping: Collects asset information and helps create quotes and statements of work 2. Testing: Enables direct uploads from pentest tools, provides findings libraries, and offers checklists and benchmarks 3. Reporting: Automates report generation with customizable templates 4. Delivery: Facilitates sharing findings through a white-labeled client portal 5. Retesting & Remediation: Tracks vulnerability remediation and supports recurring pentests The platform includes several core features to help security teams manage penetration testing operations: - Streamlined reporting with tool integrations and content libraries - Vulnerability management with reusable findings across projects - Checklists and benchmarks for compliance controls - Audit and compliance mapping for standards like OWASP Top 10 and PCI-DSS - Project and team management capabilities - Dashboards and insights for vulnerability analysis - White-labeled client portal for secure collaboration - Vulnerability scanning for continuous assessments - API and integrations with common pentest tools Cyver Core supports integration with various security testing tools and allows security consultants and pentest service providers to maintain their own branding through white-labeling options. The platform aims to reduce manual work in pentest reporting and improve client communication throughout the security testing process.
FEATURES
Pentest Reporting
Findings Libraries
Import from External Tools
Continuous Assessments
Workflows
White-label Client Portal
Retesting Workflows
Dashboards and Insights
Integrations and API
Collaboration
ALTERNATIVES
A standardized framework for describing and classifying cybersecurity incidents
A proof of concept for using the SSM Agent in Fargate for incident response
Incident response and digital forensics tool for transforming data sources and logs into graphs.
Incident response and case management solution for efficient incident response and management.
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
A collaborative and open-source incident response platform for sharing observables among analysts.
CrowdStrike Falcon Orchestrator is a Windows-based application for workflow automation and security response.
A collection of Cyber Incident Response Playbook Battle Cards (PBC) for combating cyber threats and attacks, following a prescriptive approach inspired by CERT Societe Generale's IRM.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.