Skip to main content
Most teams start here

You can't secure what you can't see.

Agentless discovery that maps your entire certificate estate, scores every endpoint, and shows you exactly what's broken.

Start with Scout Back to Hub
01 // Capabilities

What Scout does

Six capabilities that take you from blind to informed – without installing agents on a single server.

Discover every certificate

Map certificates across cloud, on-prem, containers, and edge. No blind spots, no agents required.

Detect 9 vulnerability classes

Protocol attacks, cipher weaknesses, key issues, and trust failures – categorised and prioritised by real-world impact.

Blast radius analysis

See what breaks when one certificate fails. Shared keys and reused certificates create hidden dependencies – Scout maps them.

[cyphrs] Score

Quantified security posture per endpoint. Protocol version, cipher strength, chain integrity, key exchange – one number per service.

Remediation profiles

Guided fixes for every finding – not just alerts. Step-by-step remediation for cipher config, protocol versions, and chain issues.

Continuous monitoring

Change detection between scans. Know when certificates rotate, configurations drift, or new endpoints appear.

02 // Discovery Flow

How it works

Five stages from unknown to verified. Each scan builds on the last.

Scan

Discover every TLS endpoint across your infrastructure

Classify

Categorise by vulnerability class, severity, and trust type

Score

Generate a [cyphrs] Score per endpoint

Remediate

Guided fixes for every finding, not just alerts

Rescan

Verify fixes landed and watch the Score climb

03 // Vulnerability Detection

9 vulnerability classes

Across protocol, cipher, key, and trust layers. Each finding includes severity, impact, and a guided fix.

Protocol Attacks
POODLE Critical

SSL 3.0 Padding Oracle

Exploits CBC padding validation to decrypt data byte-by-byte after protocol downgrade.

No Forward Secrecy Critical

Retrospective Decryption

Key compromise decrypts all previously recorded traffic. Past sessions are never safe.

RC4 Bias Critical

Statistical Plaintext Leakage

Biased keystream output leaks plaintext over time through passive traffic collection.

Infrastructure Attacks
DROWN High

Cross-Protocol Decryption

SSLv2 weaknesses decrypt modern TLS when private keys are reused across servers.

Logjam High

Weak Diffie-Hellman

Export-grade DH parameters allow precomputed attacks to break forward secrecy.

Weak RSA Key High

Factorable Key Length

Keys below 2048 bits can be factored. Full decryption and impersonation.

Trust Issues
Vulnerable TLS Library Critical

Implementation Flaw

Known library flaws expose private keys and memory. Correct config can't save you.

Certificate Reuse High

Shared Key Exposure

One compromised endpoint exposes all systems sharing the same key.

No Revocation Checking Medium

Persistent Trust

Compromised certificates continue to be trusted. Impersonation persists indefinitely.

04 // The Score

The [cyphrs] Score

Protocol version, cipher strength, chain integrity, key exchange – distilled into one number per endpoint. Generated inside the Hub. Never leaves your infrastructure.

Score Tiers
950–1000
Exceptional
800–949
Strong
600–799
Fair
400–599
Poor
0–399
Critical

Score. Remediate. Rescan.

Every finding has a fix. Every fix gets verified. Your Score reflects reality – not a one-off audit.

1

Score

Deep TLS scan – protocol, ciphers, chain, vulnerabilities. Get your baseline.

2

Remediate

Actionable fixes for every finding – not just what's wrong, but how to fix it.

3

Rescan

Verify the fix landed. Watch the Score climb. Continuous – not a one-off audit.

05 // Use Cases

Where teams start

Initial estate audit

"What do we actually have?"

Most teams don't know how many certificates they have, where they are, or who manages them. Scout gives you a complete inventory in minutes – across cloud, on-prem, and edge.

Compliance readiness

SOC 2, ISO 27001, PCI-DSS

Auditors want evidence. Scout provides continuous posture data – cipher strength, protocol versions, chain integrity, and remediation history per endpoint.

Ongoing posture monitoring

Security team visibility

Certificates rotate. Configurations drift. New endpoints appear. Scout detects changes between scans and alerts on posture degradation before it becomes an incident.

06 // Integration

Part of [cyphrs] Hub

Scout is the entry point. Discovery feeds classification, classification feeds automation.

Trust CA

Scout discovers which endpoints use internal trust. Trust CA issues and manages their certificates – no more self-signed workarounds.

ACME ARI

Scout identifies public endpoints approaching renewal. ACME ARI automates their certificate lifecycle – renewal, deployment, and verification.

Scout → Hub

Every finding flows into the Hub dashboard. Scout reports vulnerabilities, receives remediation profiles, and manages deployment to endpoints automatically.

Start with Scout

Most teams begin here. Discover your certificate estate, understand your risk, then decide what to automate. Early access is free.

Start with Scout Explore Hub