Total Scans
Exposure Dashboard
Threat Exposure Platform
Continuous external attack surface monitoring and vulnerability management.
or
In Progress
0
Tracked Exposures
0
Last Exposure Seen
-
Pentest Readiness Score
0/100
New Exposure (24h)
0
Critical Still Open
0
Asset Drift (7d)
0
Key Stages of the CTEM Framework
1
Scoping
Defining the critical attack surfaces, business assets, and risk appetite.
Awaiting scope
2
Discovery
Identifying assets, vulnerabilities, and misconfigurations across the organization.
Idle
3
Prioritization
Ranking risks based on exploitability and business impact, not only severity.
Idle
4
Validation
Testing controls to confirm threats are actionable and defenses work.
Monitoring
5
Mobilization
Executing remediation, patching, or compensating controls.
Ready
Start Scan
Use IPv4/IPv6, CIDR, domains, or URLs. Private ranges are accepted for Internal, Internal Advanced, and Ransomware scans.
Balanced
Low catches more potential vulnerabilities. High keeps only strongly validated findings after QA/mitigation filtering.
Balanced depth for broad vulnerability coverage.
Discovery: light reconnaissance to identify externally visible services and quick exposure indicators.
Host Discovery: focuses on host reachability and infrastructure-level visibility checks.
System Discovery: collects deeper service and system details for expanded verification context.
Base: baseline vulnerability checks with moderate depth and lower runtime overhead.
Full and Fast: strongest coverage profile for broad, production-style advanced assessment.
Split a large Internal Advanced scan into multiple OpenVAS tasks. Off by default.
Both engines provide maximum coverage. Nuclei-only is faster for quick re-checks. OpenVAS-only runs authenticated deep assessment.
Scan Progress
0%Awaiting scan.
Discovery Metrics
Donut
Open Ports: 0
Port Discovery
No data
Bars
Internal Edge Readiness
UnknownChecking internal edge readiness...
Readiness Checks Waiting for status…
Recent Alerts
0| Type | Title | Created |
|---|
Recent Scans
0Click a scan row to schedule recurring runs, export, or remove it.
| Name | Status | Progress | Scheduled | Last Exposure |
|---|
Recent validation and spot-check activity for scan findings.
| Source Scan | Status | Validated | Updated |
|---|
Latest Vulnerabilities
Click a finding to view evidence details and screenshots.
| Title | Severity | CVSS | Discovered |
|---|
Attack Flow
Automated path candidates from internet entry to affected hosts and findings.
Scan Management
Scan Telemetry
Validation Launch
Select a successful scan from the last 15 days to seed validation. Only non-informational findings are included.
Choose a scan to review validation candidates.
| Finding | Severity | CVSS | Count |
|---|
User Preferences
Background Globe Animation
Show rotating globe map behind the dashboard.
Globe on All Pages
Show the rotating globe background on Edge Defense, OT Security, Ransomware, and other pages.
Geo Mark Targets
Mark geolocated scan targets as pulsating dots on the globe.
Entry Fade Transition
Show a branded fade transition before entering the platform.
Tile Transparency
Adjust tile opacity across the dashboard.
100%
Intelligent Processing
When enabled for a scan type, the LLM standardizes finding language for the UI and exported reports while preserving raw evidence.
Deploy Internal Edge Scanner
Use these steps to deploy sev0-edge in a client internal environment. The edge scanner should run outbound-only to your SeV0 platform.
Edge defense packet telemetry uses host networking and raw socket capture on Linux for reliable ping sweep / scan detection.
Easy Install is the primary path. Manual Install stays available as a fallback.
Edge Settings
Optional for sensor-only deployments. Recommended for bridge deployments so the exposed network scope is explicit.
Only needed for bridge-oriented deployments that should connect back to a central gateway.
When enabled, edge detections can generate “Honeypot hit detected” alerts.
Quick Start (No Manual .env Editing)
Run the command directly on a Linux edge VM. It installs and starts sev0-edge without manual env edits.
No active one-time enrollment bundle.
Manual Install Fallback
Use this only if the easy installer cannot be used in the client environment.
Step 1: Create a deployment folder and download templates.
Step 2: Optional metadata.
Step 3: Generate a signed token if you are using the manual path.
Token is tenant-scoped and required for authenticity verification.
Step 4: Edit .env and set your edge identity + token.
Step 5: Pull and start the edge container.
Step 6: Verify the edge scanner is healthy.
Recommended image: ghcr.io/severityzero/sev0-edge:latest
Local source-build is available only as a fallback. The default install path should pull the published edge image.
Edge Status
Review tenant-scoped internal edges and incomplete enrollments, then remove or revoke them as needed.
Finding Details
Evidence
Tool Output
Prioritization Flow
Prioritization converts discovery output into a risk-ranked action queue.
1. Discovery Intake
Collect findings from scans and validate signal quality.
→
2. Exploitability Context
Evaluate severity, exposure, and attack preconditions.
→
3. Business Impact Weighting
Apply asset criticality and service impact factors.
→
4. Ranked Remediation Queue
Produce execution order for fix/mitigate decisions.
Mobilization Guidance
No remediation guidance available.
| Host | Title | Severity | Guidance |
|---|
Discovery Attack Path Map
No attack path candidates available.