CART (Continuous Automated Red-Teaming)
CART is ShadowMap's continuous automated red-teaming module, providing alert management, vulnerability tracking, and IP reputation monitoring across your external attack surface. CART simulates attacker reconnaissance by continuously scanning and evaluating your exposed infrastructure for weaknesses.
What CART Does
CART automates the activities a red team would perform during an external assessment:
- Discovers and classifies vulnerabilities across your external assets using port scanning, technology fingerprinting, and CVE matching
- Monitors IP reputation by checking your IP addresses against threat intelligence blacklists and abuse databases
- Consolidates alerts from all ShadowMap modules into a single actionable view with severity-based prioritization
Modules
| Module | Description |
|---|---|
| Alerts | Consolidated view of all security alerts and findings across modules with filtering, assignment, and status tracking |
| IP Reputation | IP reputation scoring across threat intelligence sources -- identifies blacklisted, flagged, or abused IP addresses |
| Vulnerability Overview | Consolidated vulnerability view with prioritization by CVSS score, KEV status, exploit availability, and asset criticality |
How CART Fits Into Your Workflow
- Vulnerability Overview gives you the big picture -- what vulnerabilities exist, how severe they are, and which assets are affected
- IP Reputation provides an external view of your IP addresses -- are any flagged by threat intel providers or appearing on blocklists?
- Alerts consolidates findings from across all ShadowMap modules into a single workflow for triage, assignment, and resolution tracking
CART vs. Manual Red-Teaming
| CART (ShadowMap) | Manual Red Team | |
|---|---|---|
| Frequency | Continuous -- scans run on a schedule and alert in near-real-time | Periodic -- typically quarterly or annually |
| Coverage | Automated coverage of all discovered external assets | Targeted scope defined by engagement rules |
| Depth | Identifies known vulnerabilities and misconfigurations via signatures and CVE matching | Tests for business logic flaws, chaining, and post-exploitation |
| Cost | Included in ShadowMap license | Per-engagement consulting fees |
| Best for | Ongoing hygiene, compliance monitoring, and rapid detection of new exposures | Deep testing, social engineering, and advanced attack simulation |
CART complements manual red-teaming -- it handles the continuous baseline so your red team can focus on advanced scenarios that automation cannot test.
Integrations
CART findings flow into your existing tooling through ShadowMap's Integrations:
- Ticketing (Jira, Freshservice) -- Automatically create tickets for critical findings
- Chat (Slack, Microsoft Teams) -- Receive real-time alerts in your security channel
- SIEM (Splunk) -- Forward findings to your SIEM for correlation with other data sources
- Webhooks -- Send findings to any custom endpoint for further processing