Frequently Asked Questions
How can I use Cybersouth compass?For authorized use only. Run this tool only against systems you own or have explicit written permission to assess. Unauthorized use may violate applicable computer-misuse and anti-hacking laws.
The threat intelligence dashboard and tabs are not loading. What's wrong?Almost always, this is one of three things — try them in order:
Check your internet connection. The Intel screens (Ransomware, CVE Database, EOL, Breaches, News) all pull live data from our backend. If you're on a flaky network or behind a captive portal (hotel/airport Wi-Fi), they'll hang or show errors.
Pull down to refresh. Each tab supports pull-to-refresh. A failed initial load usually clears on retry.
Wait a minute and try again. Some data sources (especially CVE counts during peak hours) can briefly rate-limit. The app will recover automatically.
If all of the tabs stay broken for more than a few minutes — including after closing and reopening the app — our backend is likely having an issue. Check the app's status page or contact support. This is rare and usually resolves itself within an hour.
If only one tab is broken (e.g., Breaches loads but News doesn't), that specific upstream data source is having an outage on their end. The rest of the app is fine; that tab will start working again once the source recovers.
Does my scan data leave my phone?Yes, parts of it have to — and here's exactly what and why:
Network scans run on your device, but to identify what software is running on a discovered service (e.g., "OpenSSH 8.2") and look up known vulnerabilities for it, the app sends the service name and version (not your private network details) to our backend, which queries a vulnerability database and returns the matches.
What we don't send: your home network's internal IP addresses, MAC addresses, device names, or Wi-Fi credentials don't leave your phone. The CVE lookup only needs the product/version string.
We process scan data on our backend to return results; see our Privacy Policy for full details
Your scan results are saved locally on your device by default. If you sign in, summary data may be synced to your account so you can see history across devices.
If you want to use the app fully offline, the local scanning works, but CVE enrichment will be unavailable.
How accurate are the vulnerability findings?Honest answer: very accurate for mainstream software, less so for niche systems. Here's the nuance:
What's reliable: The CVE data itself comes directly from the U.S. National Vulnerability Database (NVD) — the same source professional security tools use. If the app says "CVE-2021-44228 affects Apache Log4j 2.14," that part is authoritative.
What's a best guess: Matching a service the scanner detected on your network to the correct CVE depends on accurately identifying the product and its exact version. Network scanning version detection is imperfect — a service might report a misleading version string, or report no version at all. When the version is unclear, the app errs on the side of showing more potential matches rather than fewer.
False positives happen. A CVE might be listed as affecting "OpenSSL 1.1.1" but actually only apply to a specific build configuration the app can't see. Treat the findings as leads to investigate, not definitive proof.
False negatives also happen. Custom software, in-house applications, or devices with obscured banners may have vulnerabilities the app can't detect at all.
Rule of thumb: Critical/High findings on well-known products (Apache, nginx, OpenSSL, common router firmware) are worth taking seriously and verifying. Findings on uncommon devices warrant a second look before assuming they're real.
How do i contact support?For support or to report issues, contact: bskinner@thecybersouth.com