Welcome to Veriti Spottr Documentation
Veriti Spottr helps organizations assess, monitor, and improve cybersecurity posture with scans, surveys, scoring, and reporting.
Vulnerability Scanning
Automated scans to identify risks across your external footprint.
CyberScore
Quantifies posture over time with clear, comparable scoring.
Security Surveys
Assess controls aligned to security frameworks and best practices.
Reports & Analytics
Executive briefs and detailed artifacts for stakeholders.
Key Capabilities
- On-demand scanning & risk insights across your external exposure
- Industry benchmarking to compare posture against peers
- Framework alignment to support governance and audits
- Role-based access for admins, operators, and stakeholders
Getting Started
Follow these steps to get up and running quickly.
Step 1: Create Your Account
- Register and verify your email
- Enter company details (name, domain, industry)
- Invite teammates (optional)
Step 2: Complete Company Profile
- Company size (employees)
- Industry (NAICS selection for benchmarking)
- Primary domain for scanning
- Security contact for critical notifications
Step 3: Run Your First Scan
- Go to the Scan page
- Enter your domain (e.g., example.com)
- Start scan and review results on the dashboard
Step 4: Complete Surveys
- Open Surveys
- Answer questions based on current practices
- Submit to update your CyberScore
Security Features
Core capabilities that power Veriti Spottr.
🔍 Automated Vulnerability Scanning
- Port scanning for exposed services
- Web application testing aligned to common risk categories
- SSL/TLS analysis for certificate and configuration issues
- DNS security checks for SPF/DMARC/DKIM signals
- Header analysis for modern hardening posture
📊 CyberScore
Score ranges (example):
90–100: Excellent 80–89: Good 70–79: Fair Below 70: Needs Improvement
🎯 Framework Alignment
- Identify – inventory, risk assessment
- Protect – access control, data security, training
- Detect – monitoring and detection
- Respond – incident response readiness
- Recover – resilience and recovery planning
Score Calculations
A quick explainer of how your score is derived.
Overall CyberScore Formula
Time-Decay Factor
- 0–30 days – 100% weight
- 31–60 days – 90% weight
- 61–90 days – 75% weight
- 90+ days – 50% weight (refresh recommended)
Vulnerability Scans
Automated scanning to identify external vulnerabilities and security issues.
Scan Types
| Type | Duration | Coverage |
|---|---|---|
| Quick Scan | 5–10 minutes | Ports, SSL, basic web checks |
| Comprehensive | 20–30 minutes | Expanded checks and deeper analysis |
Severity Labels
- Critical immediate action recommended
- High patch quickly
- Medium address within standard cycle
- Low informational / best practice
Security Surveys
Assess your program across key security domains.
Survey Categories
- Governance & Risk
- Asset Management
- Compliance & Audit
- Access Control
- Data Security & Encryption
- Awareness & Training
- Physical Security
- Security Monitoring
- Incident Response
- Business Continuity
Response Options
| Response | Meaning | Impact |
|---|---|---|
| Yes | Fully implemented | Full points |
| Partial | Partially implemented | 50% points |
| No | Not implemented | 0 points |
| N/A | Not applicable | Excluded |
Reports & Analytics
Generate stakeholder-ready outputs and track trends.
Report Types
- Executive Brief
- CyberScore Summary
- Vulnerability Findings
- Compliance / Framework Gaps
- Benchmark Comparison
Company Management
Keep your organization profile current for the best results.
Company Profile
- Basic information and domain(s)
- Industry (NAICS) selection
- Security contact details
- Organization description
User Roles & Permissions
Roles determine what each user can view and do.
Administrator
- Manage users and settings
- Run/schedule scans
- Access all reports and history
Standard User
- Run scans on approved domains
- Complete surveys
- Generate standard reports
Read-Only User
- View dashboards, results, and reports
- No configuration changes
Frequently Asked Questions
Common questions about using Veriti Spottr.
How often should I run scans?
Monthly is a good baseline. Run after major changes and more frequently for higher-risk environments.
Is my data secure?
- Encryption in transit (TLS)
- Encryption at rest (AES-256)
- Role-based access controls
- Audit logging of access
Troubleshooting
Common issues and suggested fixes.
Scan Failed or Timed Out
- Confirm the domain is reachable
- Check firewall/WAF blocks
- Retry after a few minutes
- Contact support for scanner IPs if you need allowlisting