What is it
What is it
Cavalry or CAVS for short, is an automated solution which constantly analyses and detects security or vulnerability issues within your organisation's network.
More than just a vulnerability scanner, the Cavalry enhances human operators. This is an automated solution that periodically scans through your infrastructure, both internal and external, empowering operators and reducing the manual efforts required. Finally the system quickly and seamlessly alerts any discovered security threats.
Empowering your teams to stay up-to-date with the latest in cyber security and stay one step ahead.
How does it work?
The scans start with a discovery phase to identify all assets within scope, even ones you may not know about. The scan can run and be altered as often as desired depending on network size and complexity.
Cavalry platform then automatically gathers information about the target network and identifies new systems and potential weaknesses through known vulnerabilities and identification of configuration issues in systems.
Detailed scan reports are then generated. Any vulnerabilities are then analysed and remediation work packages are produced, providing advice to correct the issue if possible. Cavalry results can also be delivered programmatically to other security tools like a SIEM.
The cyber security world is forever changing, with attackers constantly scanning for new weaknesses and ways to penetrate your security infrastructure.
Depending on the size and scale of your organisation, keeping up to date with the latest cyber security threats can become a seemingly impossible task.
Most IT managers have millions of other tasks to do and managing all of your assets manually can be difficult to maintain, is slow and expensive.
How we solve this
Our Cavalry system periodically scans your infrastructure to quickly discover any potential security threats.
Bringing together the best of TLRs knowledge of penetration testing and experience in the software development cycle. Our vulnerability scanners automatically scan your network and alert your security teams to threats.
Saving your team time, money and helping you stay cyber offensive.
Commonly referred to as Attack Surface Management, the Calvary first does the heavy lifting of discovering all assets related to your organisation so you don’t have to.
Automated regular scans guarantee your infrastructure is being reviewed periodically and the process is systematic and therefore accurate.
Powered Up Operators
The Cavalry takes the grunt work out of pen tests and scans, so the security team can focus on solving the real problems.
Manage time effectively
Manage time effectively depending on your organisation's size and infrastructure.
Cost effective security
Much more cost effective than manual pentests. Allowing you to get more insights from your security budget.
No network interruption
All scans automatically run in the background with no interruption to network coverage. So business can run as usual.
Scalable & Modular Deployment
Scanners can easily be scaled up or down depending on your network size or deadlines.
Cavalry finds systems you didn't know existed.
Management Port Discovery
Discovers undesirable public access to management ports.
Default Credentials Detection
Alerts when it can log in using publicly available defaults.
Human and Machine-Readable Reports
These are generated at Manager, SOC Operator and SIEM levels to best fit your organisation.
Works against IPv6 only cloud services.
Web Application Scanning
Uses common pen-testing tools to automatically discover vulnerabilities in web applications.
TLS Validity Checking
Reports on both the validity of TLS certificates as well as the security of specific settings use
Content Security Policy Checking
CAVS assesses the content security policy of your web sites for potential holes.
CAVS reports all CVEs that match the software you have deployed with links to vendor patches.
CAVS can be configured to report only on changes to your systems, alerting you to unexpected new systems and new potential security holes.
Flexible Hosting Options
Optionally self host and retain complete control of your vulnerability data, or use our cloud service for single-click delivery.
What does Cavalry mean?
The name comes from two places. Internally, we call our proprietary system of discovery and vulnerability scanning, “the CAVs” for short or “Continuous Automated Vulnerability Scanning” for long. The second inspiration is from the military unit. As in battle, the Cavalry leads the charge. In the case of our system, we recommend any organisation start their security efforts with a scan from Cavalry to set the tone for their other efforts.
Why Start with Cavalry?
With the Cavalry we can point out what you don’t know about your environment. A scan from Cavalry will quickly uncover tactical security exposures. Perhaps more importantly, they inform strategic, evidence-based security decision making.
How long does a Cavalry Scan take?
We have designed our scans to take approximately one week. The time can run longer for large and complex environments. We know you’re busy, and if you need information more quickly, there are a lot of dials we can turn to meet your deadlines.
What is a “target”?
A target is any single digital asset detected by the Cavalry Discovery System. If you’re doing an external scan that will include internet-facing IP addresses, hostnames, web servers, mail servers, management interfaces, etc.
What is the difference between an internal scan and an external scan?
Internal Scans are focused on the infrastructure behind your firewall. This requires that we install scanners within your network. It can be on your hardware, a virtual machine (VM) or hardware we provision. External Scans target internet-facing systems like web servers. This shows you exactly how you look from the attacker’s perspective.
Become cyber resilient
Get in touch today to see how we can make you more cyber resilient. Empowering you to lead from the font.