Continuous Automated Vulnerability Scanning (CAVS)

CAVS continuously analyses and detects security issues and vulnerabilities within your organisation's network.

Cavalry Icon

What is it

What is it

CAVS for short, is an automated solution which constantly analyses and detects security or vulnerability issues within your organisation's network.

More than just a vulnerability scanner, CAVS enhances human operators. This is an automated solution that periodically scans through your infrastructure, both internal and external, empowering operators and reducing the manual efforts required. Finally the system quickly and seamlessly alerts on any discovered security threats.

Empowering your teams to stay up-to-date with the latest in cyber security and stay one step ahead.

Some wires in a server

How does it work?



The scans start with a discovery phase to identify all assets within scope, even ones you may not know about. The scan can run and be altered as often as desired depending on network size and complexity.



The CAVS platform then automatically gathers information about the target network and identifies new systems and potential weaknesses through known vulnerabilities and identification of configuration issues in systems.



Detailed scan reports are then generated. Any vulnerabilities are then analysed and remediation work packages are produced, providing advice to correct the issue if possible. CAVS results can also be delivered programmatically to other security tools like a SIEM.

The problem

The cyber security world is forever changing, with attackers constantly scanning for new weaknesses and ways to penetrate your security infrastructure.

Depending on the size and scale of your organisation, keeping up to date with the latest cyber security threats can become a seemingly impossible task.

Most IT managers have millions of other tasks to do and managing all of your assets manually can be difficult to maintain, and is slow and expensive.

How we solve this

Our CAVS system periodically scans your infrastructure to quickly discover any potential security threats.

TLR's penetration testers and software developers came together to build a system that automatically scans your network using the same tools and techniques as a manual pentest, alerting your security teams to vulnerabilities far faster than we could by hand.

Saving your team time, money and helping you stay cyber offensive.


Asset Discovery

Commonly referred to as Attack Surface Management, CAVS first does the heavy lifting of discovering all assets related to your organisation so you don’t have to.

Greater Confidence

Automated regular scans guarantee your infrastructure is being reviewed periodically and the process is systematic and therefore accurate.

Powered Up Operators

CAVS takes the grunt work out of pentests and scans, so the security team can focus on solving the real problems.

Manage time effectively

Manage time effectively depending on your organisation's size and infrastructure.

Cost effective security

Much more cost effective than manual pentests. Allowing you to get more insights from your security budget.

No network interruption

All scans automatically run in the background with no interruption to network coverage. Your business can run as usual.


Scalable & Modular Deployment

Scanners can easily be scaled up or down depending on your network size or deadlines.

Host Enumeration

CAVS finds systems you didn't know existed.

Management Port Discovery

Discovers undesirable public access to management ports.

Default Credentials Detection

Alerts when it can log in using publicly available defaults.

Human and Machine-Readable Reports

These are generated at Manager, SOC Operator and SIEM levels to best fit your organisation.

IPv6 Support

Works against IPv6 only cloud services.

Web Application Scanning

Uses common pen-testing tools to automatically discover vulnerabilities in web applications.

TLS Validity Checking

Reports on both the validity of TLS certificates as well as the security of specific settings use.

Content Security Policy Checking

CAVS assesses the content security policy of your web sites for potential holes.

Vulnerability Discovery

CAVS reports all CVEs that match the software you have deployed with links to vendor patches.

Delta Reporting

CAVS can be configured to report only on changes to your systems, alerting you to unexpected new systems and new potential security holes.

Flexible Hosting Options

Optionally self host and retain complete control of your vulnerability data, or use our cloud service for single-click delivery.


  • Why start with CAVS?

    With CAVS we can point out what you don’t know about your environment. A scan from CAVS will quickly uncover tactical security exposures. Perhaps more importantly, they inform strategic, evidence-based security decision making.

  • How long does a CAVS scan take?

    We have designed our scans to take approximately one week. The time can run longer for large and complex environments. We know you’re busy, and if you need information more quickly, there are a lot of dials we can turn to meet your deadlines.

  • What is a “target”?

    A target is any single digital asset detected by the CAVS discovery system. If you’re doing an external scan that will include internet-facing IP addresses, hostnames, web servers, mail servers, management interfaces, etc.

  • What is the difference between an internal scan and an external scan?

    Internal scans are focused on the infrastructure behind your firewall. This requires that we install scanners within your network. It can be on your hardware, a virtual machine (VM) or hardware we provision. External scans target internet-facing systems like web servers. This shows you exactly how you look from the attacker’s perspective.

Become cyber resilient

Get in touch today to see how we can make you more cyber resilient. Empowering you to lead from the font.

Get in touch