Vulnerability Scanning

CyberOrigen provides AI-powered vulnerability scanning with intelligent triage and remediation recommendations.

Scan Types

Full Scan

Comprehensive assessment of your target:

Network discovery
Port scanning
Service enumeration
Vulnerability detection
Configuration analysis

Duration: 30-60 minutes depending on scope

Quick Scan

Rapid assessment of critical vulnerabilities:

Top ports (1-1000)
Known CVEs
Critical misconfigurations

Duration: 5-10 minutes

Compliance Scan

Framework-specific security checks:

SOC 2 security requirements
PCI-DSS technical controls
HIPAA security rule
ISO 27001 Annex A controls

Duration: 15-30 minutes

Custom Scan

Configure scan parameters:

Port ranges
Specific checks
Exclusions
Scheduling

Starting a Scan

Via Dashboard

Navigate to Scans → New Scan
Enter target (domain, IP, or CIDR range)
Select scan type
Configure options (optional)
Click Start Scan

Via API

bash

curl -X POST https://api.yourdomain.com/api/v1/scans \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "target": "example.com",
    "scan_type": "full",
    "frameworks": ["soc2", "pci-dss"]
  }'

Scheduled Scans

Set up recurring scans:

Daily
Weekly
Monthly
Custom cron expression

Scan Results

Vulnerability List

Each finding includes:

Field	Description
CVE ID	Common Vulnerabilities and Exposures identifier
Severity	Critical, High, Medium, Low, Info
CVSS Score	0.0 - 10.0 numerical severity
Affected Asset	IP, hostname, or service
Description	What the vulnerability is
Remediation	How to fix it

Severity Distribution

Critical ██████░░░░░░░░░░░░░░  5
High     ████████████░░░░░░░░ 12
Medium   ██████████████████░░ 28
Low      ████████████████████ 45
Info     ██████████░░░░░░░░░░ 15

AI Analysis

CyberOrigen's AI provides:

Prioritization: Which vulnerabilities to fix first
Context: Business impact assessment
Remediation: Step-by-step fix instructions
Verification: How to confirm the fix worked

Compliance Mapping

Vulnerabilities automatically map to compliance requirements:

┌────────────────────────────────────────────────────────────┐
│ CVE-2024-1234: SSL/TLS Weak Cipher                        │
├────────────────────────────────────────────────────────────┤
│ Severity: HIGH (CVSS 7.5)                                  │
│                                                            │
│ Affects Compliance:                                        │
│ • SOC 2 CC6.7 - Encryption in Transit                     │
│ • PCI-DSS 4.1 - Strong Cryptography                       │
│ • ISO 27001 A.10.1.1 - Cryptographic Controls             │
│ • HIPAA 164.312(e)(1) - Transmission Security             │
└────────────────────────────────────────────────────────────┘

Asset Discovery

Scans automatically discover:

Domains and subdomains
IP addresses
Open ports
Running services
SSL certificates
Technologies in use

Asset Inventory

View discovered assets:

bash

GET /api/v1/assets

Response:

json

{
  "items": [
    {
      "id": "asset_123",
      "type": "domain",
      "value": "api.example.com",
      "first_seen": "2025-12-01T10:00:00Z",
      "last_seen": "2025-12-21T14:00:00Z",
      "services": [
        {"port": 443, "service": "https", "version": "nginx/1.24"}
      ]
    }
  ]
}

Integrations

Export Formats

PDF Report
CSV/Excel
JSON (API)
SARIF (Security Analysis Results Interchange Format)

Ticketing Integration

Automatically create tickets for findings:

Jira
GitHub Issues
Peppermint (built-in)
Custom webhook

Notifications

Get notified when scans complete:

Email summary
Slack/Teams webhook
In-app notification

Best Practices

Regular Scanning: Run full scans weekly, quick scans daily
Scope Management: Define clear scan boundaries
Remediation SLAs: Set fix timelines by severity
Trend Analysis: Track vulnerability counts over time
Verify Fixes: Rescan after remediation

Scan Policies

Create policies to enforce standards:

yaml

name: Production Infrastructure
targets:
  - 10.0.0.0/24
  - prod.example.com
schedule: "0 2 * * 0"  # Weekly at 2 AM Sunday
scan_type: full
frameworks:
  - soc2
  - pci-dss
notifications:
  - email: security@example.com
  - slack: "#security-alerts"
thresholds:
  critical: 0  # Fail if any critical found
  high: 5      # Warn if more than 5 high

Troubleshooting

Scan Won't Start

Check target is reachable
Verify scan quota hasn't been exceeded
Ensure target is within allowed scope

Incomplete Results

Target may be blocking scans
Network timeouts
Large target scope

False Positives

Mark as false positive in UI
AI will learn from feedback
Contact support for persistent issues

Vulnerability Scanning ​

Scan Types ​

Full Scan ​

Quick Scan ​

Compliance Scan ​

Custom Scan ​

Starting a Scan ​

Via Dashboard ​

Via API ​

Scheduled Scans ​

Scan Results ​

Vulnerability List ​

Severity Distribution ​

AI Analysis ​

Compliance Mapping ​

Asset Discovery ​

Asset Inventory ​

Integrations ​

Export Formats ​

Ticketing Integration ​

Notifications ​

Best Practices ​

Scan Policies ​

Troubleshooting ​

Scan Won't Start ​

Incomplete Results ​

False Positives ​