If you work with Corvus, you know that the Corvus Scan is a critical part of what makes our Smart Cyber Insurance policies work. It’s what enables us to quickly provide customized price and coverage options for brokers and helps to make our form one of the shortest in the industry.
What you might not know is exactly what goes into each scan, behind the scenes.
How the Corvus Scan works
The Corvus Scan is a non-invasive test of an organization’s web-facing assets. Since it doesn’t involve penetrating an organization’s IT systems, we don’t require a password or any special access. All of the information we need is out in the open — you just have to know where to look, and what to do with it.
Finding out where that information is — all of the IT “exposure” the organization has in terms of infrastructure they own or use — is what takes place in the first phase of the scan: the Discovery phase. After that, the Testing phase involves running vulnerability tests against the assets that have been identified in order to assess security.
Finally, the results of the tests are aggregated and weighted appropriately given their severity. And once the policy is in effect, further monitoring takes place on a continuous basis. If any external events occur that may jeopardize the organization, they will be notified. This all takes place during the Recommendations and Ongoing Monitoring phase.
While those are the basics, many brokers and policyholders we talk to are interested in getting deeper into what goes into the scan. That’s why we created a document that covers it all: from how the scan works, to the three phases in the scan process, and how the results are turned into our Dynamic Loss Prevention Reports.
We gathered some thoughts from insurance and cybersecurity veterans, from Corvus and elsewhere, and shared where they see trends moving in cyber in 2020.
Mike Karbassi is Vice President and Head of Cyber Underwriting at Corvus. He specializes in Network Security, Privacy Liability, Technology E&O, Media Liability, and Miscellaneous Professional Liability. Karbassi has over a decade of experience in insurance and is a graduate of the Boston University Questrom School of Business.
Gerritt is the Chief Commercial Officer at Corvus. He has over 20 years of sales and marketing experience, primarily focused on technology and data solutions for the financial services industry.
James co-founded Corvus and is the company’s Chief Technology Officer. A 30+ year technology veteran, Jaimie most recently served as CTO of Iora Health and previously co-founded Gazelle.
Mike Lloyd is the Co-Founder and Chief Product Officer of Corvus Insurance. Previously, Mike co-founded Poncho, a personal lines agency InsurTech startup, and was a venture investor at FJ Labs. Mike has an MBA from Harvard Business School and engineering degrees from Virginia Military Institute and MIT.
Phil is the founder and CEO of Corvus. A 30+ year insurance veteran, Phil co-founded broker William Gallagher Associates (acquired by Arthur J Gallagher in 2015) and was an active leader in both the Worldwide Broker Network and Council of Insurance Agents and Brokers. Phil is the Managing Partner of Edmus Ventures where he invests in InsurTech companies including Verifly, Wellthie, Agentero, and Cover Wallet, and serves on the board of Cover Wallet.