Guide Last updated: December 2025 5 min read

Getting Started with CVSEEYOU

From account creation to your first security findings in under 10 minutes. This guide walks you through everything you need to get started.

What You'll Learn

Set up your account and organization
Verify ownership of your domains
Run your first vulnerability scan
Understand and remediate findings
Deploy a Hybrid Runner for internal scanning
Set up scheduled scans for continuous monitoring
1

Create Your Account

Sign up for CVSEEYOU using your work email or Single Sign-On (SSO). You'll be the organization admin by default.

Google SSO

Sign in with your Google Workspace account

GitHub SSO

Sign in with your GitHub account

Step-by-step

  1. 1 Navigate to cvseeyou.com/auth
  2. 2 Enter your work email and create a strong password (or use SSO)
  3. 3 Check your inbox and click the verification link
  4. 4 Complete your organization profile (company name, industry)

Pro Tip

Use your work email domain (e.g., @yourcompany.com) so your team members can easily join your organization later.

2

Verify Your Domain

Before scanning, you must prove domain ownership. This is a security requirement that prevents unauthorized scanning of third-party assets.

DNS TXT Record

Recommended

Add a TXT record to your domain's DNS configuration. Fastest and most reliable method.

cvseeyou-verify=abc123xyz

HTML File

Alternative

Upload a verification file to your website root. Good if you don't have DNS access.

/.well-known/cvseeyou.txt

Important

DNS changes can take up to 48 hours to propagate globally. If verification fails, wait a few hours and try again.

3

Run Your First Scan

Once verified, you can launch a comprehensive security scan. CVSEEYOU uses 20+ enterprise-grade tools to detect vulnerabilities.

Choose a Scan Profile

Full Scan
Recommended

Comprehensive scan with all 20+ tools. Takes 20-40 minutes.

Quick Scan

Essential checks only. Takes 5-10 minutes. Good for CI/CD pipelines.

Custom Scan

Select specific tools and configurations. For advanced users.

What's Scanned

Port Scan
SSL/TLS
CVE Detection
Web Vulns
Headers
DNS
Subdomains
+ 12 more
4

Review & Remediate Findings

Once the scan completes, you'll receive a detailed report. Each finding is mapped to SOC 2 criteria and includes AI-generated remediation guidance.

C

Critical

Fix immediately

H

High

Fix within 24-48h

M

Medium

Next release cycle

L

Low

Good to fix

AI-Powered Remediation

Click "Generate Fix" on any finding and our AI will analyze the vulnerability and provide ready-to-use code snippets or configuration changes.

Learn more about AI remediation
5

Install a Hybrid Runner (Optional)

To scan internal networks, databases, and endpoints behind your firewall, deploy a Hybrid Runner. This is required for SOC 2 compliance.

Quick Install (Linux/macOS)

curl -sSL https://cvseeyou.com/install.sh | bash -s -- --token YOUR_TOKEN

Replace YOUR_TOKEN with the token from your dashboard.

Full Hybrid Runners Guide

Detailed installation, configuration, and troubleshooting instructions.

What's Next?

Set up SOC 2 mapping

Auto-map findings to Trust Service Criteria

Connect cloud accounts

Scan AWS, GCP, and Azure for misconfigurations

Integrate HRIS

Connect BambooHR or Gusto for auto onboarding

Schedule recurring scans

Set up daily or weekly automated scans

Need Help?

Our support team is here to help you get started.

Contact Support Browse All Guides