Hunts

A hunt is a proposed, focused test that CodeWall has reason to believe will produce a finding on your infrastructure. You triage the proposal, click Run, and the agent goes and tries it — returning either a confirmed vulnerability, a clean "not vulnerable" verdict, or an inconclusive result with an explanation of what got in the way.

Hunts close the gap between a vulnerability being public knowledge and you knowing whether it affects you. Without continuous hunting, the average critical CVE sits unverified against most organisations' infrastructure for months. With hunts running on every new advisory, every confirmed finding, and a daily AI review of your stack, that window collapses to hours.

In this section

How hunts fit with the rest of the platform

• Tests (learn more) are full pentests against a target — broad in scope, exploratory in nature.
• Hunts are narrow, hypothesis-driven follow-ups. Each one targets a specific weakness on a specific surface and runs in minutes, not hours.
• Findings (learn more) are the output of either: every confirmed hunt produces a finding stamped with the hunt that surfaced it, so you can trace any vulnerability back to the intelligence that spotted it.

What changes with hunts enabled

• Every new CISA KEV entry, NVD CVE, and GitHub Security Advisory is automatically evaluated against your asset narratives. If it could plausibly hit your stack, you'll see a hunt within hours of disclosure.
• Every verified finding triggers a variant analysis — "what's the same bug on a different surface?" — so a single discovery cascades into adjacent tests.
• A daily AI review pass examines your full attack surface and proposes hunts on under-tested areas.
• Critical and high-severity proposals trigger immediate email alerts to your team.