Continuous Security
Automated, scheduled vulnerability scanning across infrastructure, applications and cloud — consolidated in Sentry so you always know what to fix next.
Continuous vulnerability management is the practice of automatically and repeatedly scanning an organisation's technology estate to identify known vulnerabilities — rather than relying on periodic assessments that may only run once or twice a year.
Sentry CVM is Blackfoot's managed continuous vulnerability management service. It delivers automated, scheduled scanning across external infrastructure, internal infrastructure, web applications and APIs, and cloud platforms, with all findings consolidated in the Sentry platform for real-time visibility, remediation tracking, and compliance reporting.
The service exists to close the exposure gap that inevitably opens between penetration tests and annual assessments. Technology environments change constantly — new vulnerabilities are disclosed daily, misconfigurations are introduced through routine changes, and cloud environments drift from their intended state. Sentry CVM surfaces these risks as they emerge, enabling organisations to act before attackers do.
It is particularly relevant to organisations with compliance obligations under ISO 27001, PCI DSS, or Cyber Essentials, those with cyber insurance requirements for scanning evidence, and any organisation running a complex, multi-domain estate.
You subscribe per estate, so you only pay for the coverage you need. External infrastructure scanning assesses internet-facing IPs and hostnames for exposed services, open ports, known CVEs, SSL/TLS issues, and authentication weaknesses. Internal infrastructure scanning — via a scanner or agents deployed in your network — checks patch status, CVEs, Active Directory weaknesses, and misconfigurations. Web application and API scanning covers the OWASP Top 10 across REST, GraphQL, and SOAP, with authenticated scanning available. Cloud scanning assesses Microsoft Azure, Microsoft 365, AWS, Google Cloud, and Oracle Cloud configurations against CIS benchmarks — IAM, storage exposure, network security, logging, and encryption — using read-only API access with no agents required.
Blackfoot is CREST-accredited, and Sentry CVM is delivered by the same team that runs our penetration testing practice — practitioners, not tool operators, which shows in the quality of false-positive review and remediation guidance. Because Sentry also underpins our penetration testing engagements, you get one consolidated view across continuous scanning and point-in-time assessment.
Know about new vulnerabilities in days, not at the next annual assessment.
Audit-ready records for ISO 27001, PCI DSS Requirement 11, and Cyber Essentials.
External, internal, application, and cloud scanning unified in one Sentry subscription.
Blackfoot manages the tooling, ingestion, and false-positive review; your team focuses on remediation.
IAM, storage exposure, network security, and logging assessed against CIS benchmarks across the major clouds.
Trend analysis in Sentry shows how your posture changes over time — new, persisting, and remediated findings.
Over weeks one to four we confirm your asset inventory, agree scan domains and cadence, and provision your Sentry access. Internal scanning means deploying a scanner in your network; cloud scanning uses read-only API access with no agents. Onboarding concludes with your first scan and a guided walkthrough.
Monthly scans run automatically across your subscribed domains, with weekly or continuous scanning available as an add-on for high-risk assets.
Results appear in Sentry on completion, enriched with contextual severity, confidence, and remediation guidance. Blackfoot manages the infrastructure, ingestion, false-positive review, and support.
Sentry gives you trend analysis, remediation tracking, secure messaging, and compliance-aligned reports, with a quarterly check-in to review progress.
Straight answers to what prospective clients ask us most.
A penetration test is a point-in-time, expert-led engagement in which a consultant manually attempts to exploit vulnerabilities to assess the real-world impact of a breach. Sentry CVM is an automated, continuous scanning service that identifies known vulnerabilities across your estate every month. The two services are complementary: penetration testing provides depth and exploitation validation once or twice a year; Sentry CVM provides breadth and continuous visibility in between.
The default cadence is monthly scanning across all registered assets. Increased scan frequency — weekly or continuous — is available as an add-on for high-risk assets or where more frequent evidence is required.
Microsoft Azure, Microsoft 365, AWS, GCP, and Oracle Cloud Infrastructure. Cloud scanning uses read-only API access — no agents or network connectivity to your cloud environment is required.
Every finding is AI-enriched with a confidence assessment, contextually re-ranked severity, and practical remediation guidance, and displayed within Sentry alongside the affected assets. Trend analysis shows which findings are new, persisting, or remediated since the previous scan.
Yes. Compliance-aligned reports within Sentry cover ISO 27001 Annex A vulnerability management, PCI DSS Requirement 11, and Cyber Essentials patch management controls. Maintained continuously, exportable as audit evidence.
No. It does not perform manual exploitation, assess business logic flaws, or validate real-world impact. The two work best together; many clients use CVM findings to inform pentest scope.
Get a fixed-scope quote, usually the same working day.