Continuous Validation (CTEM)
A snapshot ages the moment something changes. Continuous validation (Continuous Threat Exposure Management) keeps your security posture permanently up to date: recurring scans, a re-scan-stable finding history without duplicates, and a risk picture that moves with your infrastructure.
Foundation: dedupKey-stable findings over time for a continuous finding history.
What we check
Here is what the Continuous validation covers – concrete and verifiable.
- Recurring, scheduled re-scans of your attack surface
- Re-scan-stable findings via dedupKey (firstSeen / lastSeen) – no duplicates
- Status lifecycle: open → verified → remediated / accepted / false_positive
- Detection of new findings and confirmation of remediated vulnerabilities
- Trend and history view across the entire finding history
- Integration with Rapid Response for acute threats
Your benefits
What the Continuous validation actually gives you – beyond the pure technology.
Always a current picture
Instead of an outdated snapshot you have the real state of your attack surface at any time – even as systems change constantly.
No duplicates, clear history
Stable finding identity via dedupKey ensures the same finding tells one continuous story across scans – not a hundred new tickets.
Make progress visible
The status lifecycle shows what is open, verified or remediated – ideal for proving impact to management.
Early, not too late
New vulnerabilities and newly appearing assets stand out immediately, instead of only at the next manual audit.
How it works
- 1
Capture a baseline
A first full scan establishes the starting state of your attack surface.
- 2
Repeat on schedule
Re-scans run recurrently; SnapScan maps findings stably via dedupKey.
- 3
Detect change
New, still-open and remediated findings are clearly distinguished.
- 4
Maintain status
Keep findings current through the lifecycle – including 1-click re-verification after fixes.
Typical findings
- Newly appeared, exposed application since the last scanhigh
- Regression: previously remediated vulnerability open againmedium
- New host outside the known inventorymedium
- Confirmed remediation of several prior findingslow
Example finding categories. Actual results depend on your environment.
Use cases
- Continuous monitoring instead of point-in-time audits
- Proof of continuous improvement to management
- Early warning on new assets and vulnerabilities
- Compliance requirements for ongoing exposure management
Frequently asked questions
Do I get the same findings again on every scan?
No. Via the dedupKey, findings stay stably identified (firstSeen / lastSeen). You see what is new, what persists and what was remediated – without duplicates.
What is CTEM?
Continuous Threat Exposure Management – the approach of continuously testing and validating attack surfaces rather than only point-in-time. That is exactly what continuous validation is built for.
How does this relate to Rapid Response?
Continuous validation keeps the baseline current; Rapid Response adds the immediate, targeted reaction to acute N-day CVEs.
Goes well with
Rapid Response
New critical CVE? One API call checks your entire fleet immediately – and you know within minutes whether you're affected.
Recon & mapping
The complete outside view: every subdomain, every service, every forgotten asset – mapped and monitored.
Deep scan
The thorough check: active vulnerability tests with verification – not guesses, but proof.
Ready for the Continuous validation?
Start with a free scan or talk to us about the plan that fits your use case.