Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

In order for the external scan to work the IP and hostname will be scanned from the following IP Addresses based on the region. Your region is the suffix on your portal URL. E.g. If your URL is portaluseast2.mycybercns.com then your region is useast2. The IPs are as listed below.

Region

Originating IP Address for External Scan

USWEST2

44.231.123.15

EUCENTRAL1

35.158.55.215

EUWEST2

13.41.172.255

APSOUTHEAST2

54.206.202.191

USEAST2

3.22.165.174

Running External Scans using CyberCNS

...

  • Ports that have been added as Ignore ports will not be considered for alerts. 

  • If any ignored port has been added and it contains vulnerabilities, those vulnerabilities will contribute to the calculated risk score and will not be ignored.

  • The ports 22, 80, and 443 as added as default ignored ports. While calculating the risk score these ports will be ignored. And also they will no longer generate open port alerts for these specific ports.

  • If the IP has been discovered with four open ports if we add all four discovered ports as ignored ports added as 20, and 8080 contributes to the calculated risk score will be low.

  • If four ports are discovered if the two ports are ignored the risk score will remain the same, if we add all the discovered ports contributes contribute to the calculated risk score will be low.

...

  • Click on Upload to upload bulk in CSV file format. You can make use of a sample CSV file to upload the correct format data.

...

  • There is an option to Edit or Delete the Discovery Type using the Action column. Any Discovery Type can be edited or deleted if needed.

...

  • .

...

  • Click on Delete to delete the External Scan Endpoints under configuration, and it will prompt if to delete External Scan History associated with the provided configuration. Please select if the associated data to be deleted.

...

Jobs

Info

All the jobs for the external scan will be shown in the Jobs tab. This will include the information like Job status.

  • When the scan begins, navigate to the Jobs section to check the Job Completion.

...

  • .

...

At the company level.

  • External scan tags fall under the scheduler as well, only the selected tagged assets will trigger scan in the external scan.

  • Excluded tags will not trigger the scan.

  • Excluded IPs also will not trigger the scan if we add the tag of the excluded IP.

  • Multiple tags can be considered while the scan.

Info

Created, JOB ID, Scheduler Name, and Last Discovered are few additional columns which can be helpful. These columns can be selected to be displayed and these are not seen in the default view.

...

At the global level

  • The selected tag/s will trigger for all the companies where the tag matches the external scan.

Results

Info

All the Results for the external scan are shown in the Results tab.

  • Once the scan is completed, navigate to the Results section, to view the details of the added IP.

...

  • Click on status here are the tow status Active and Deprecated.

...

  • The Asset Active days and Timings in the Updated column in External Scan results

...

  • The Asset detection days to deprecate the external scan results. The updated column records will give the day and time when they entered the deprecated state. Once the 'updated' column is subsequently timestamped with the latest scan time, the result moves back to the active state.

...

  • Multiple Results can be Deleted and get the Details if chosen usingthe Actions menuas shown below.

...

  • Configuration Deleted information can be easily checked under results using the additional column available. Click on the columns button and select the Configuration Deleted.

...

  • Information such as Ports Scan, Protocol Scan, Service Detections, OverAll Grade, Open Ports, Vulnerabilities, and Operating System Details will be displayed.

...