Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
minLevel1
maxLevel6
outlinefalse
typelist
printablefalse

...

Table of Contents

Getting Started

Email

ConnectSecure has already signed you up for the new instance.

...

To log into the portal please click on the portal link as shown in the picture above. Please click on the URL in this mail and log in using the username and password given in the mailActivate the user by following the instructions on the “Activate User” screen as seen below. Here is where you can set your password too.

Two-factor Authentication

Once username and password is entered, you will be redirected to set up authentication

...

Once the authentication is set, you will be redirected to the portal.

Please proceed to get started by following a pre requisites and creating a new company.

Pre requisites

  • Please open port 4222 from agent machine to below IP addresses of respective regions (where ConnectSecure instance is hosted) for successful communication.

  • Please whitelist outbound communication from agent machine to *.myconnectsecure.com.

Region

POD number

IP’s

Load Balancer IP’s

US

POD101

155.138.163.9

144.202.23.74

US

POD102

149.28.93.167

45.77.87.242

US

POD103

45.77.164.106

104.207.144.192

US

POD104

149.248.11.111

144.202.125.97

US

POD105

155.138.201.146
45.76.63.93
155.138.216.219
155.138.211.47

66.42.92.100

CA

POD200

216.128.178.144
216.128.185.33
149.248.60.138
155.138.158.204

155.138.140.251

UK

LONDON

POD300

95.179.196.101
95.179.230.189
45.77.88.130
192.248.150.43

209.250.225.16

EU

POLAND

POD400

70.34.254.208
70.34.248.226
70.34.252.117
70.34.243.47

64.176.69.126

EU

MADRID

POD401

65.20.105.37
65.20.98.64
65.20.103.194
65.20.100.219

65.20.103.34

AU

SYDNEY

POD500

45.32.245.127
45.77.237.248
45.32.189.250
149.28.188.232

139.180.161.236

AF

POD600

139.84.226.34
139.84.233.23
139.84.232.134
139.84.230.190

139.84.229.231

Creating a New Company

Navigate to the "Global View" and follow these steps to create a new company

...

2. New Company: Locate the "Create New Company" option and click on it.

Image Modified

3. Fill in Details: Provide the necessary information for the new company, including Company name, description, and any other required details.

Save Changes: After filling in the details, save the changes to create the new company

...

Discovery Settings and Credentials

Note:

If the scan is limited to workstations only (LIGHTWEIGHT), please skip the "Discovery Settings and Credentials" section and proceed.


Once the company is created, proceed to configure Discovery Settings and Credentials. This section is an easy guide to the process.

...

...


...



Access Discovery Settings:

...

Domain Name: Include domain names for comprehensive coverage.

...


...


Save Changes: After adding credentials and configuring discovery settings, save the changes to apply the new configurations.

...

Verify Credentials: Once credentials are added, perform a verification to ensure they are valid and can be used for scanning.

Choose an OS type to add master credentials: Windows, MacOS, Linux, VMware, and Network devices.

Depending on the network setup, select either Active Directory or Asset Credential as the credential type.

...


...



...



...

Agent Installation

Info
  • Navigate to the “Agents” section and click on "Download Agent".

  • Please allow 4222 port from agent machine for successful communication.

...

...

Image Added


Copy the script by selecting the "Copy to Clipboard" option.

...

Next, run the copied script on the Windows or Mac system with administrator permissions.

...

Map Discovery Settings and Credentials to Agent


Navigate to the "Agents" section within the application.

...

Locate and click on the "Action Button" (often represented by three dots or a gear icon) associated with the specific agent that needs to be configured.

...


...



From the menu that appears, select "Map Discovery & Credentials"

...

In the "Map Discovery & Credentials" section, locate the options you will find options to associate Discovery Settings and Credentials with the selected agent.

...

Similarly, map the necessary credentials Credentials to the agent by choosing the relevant credentials from the list.

...

Image Added


Once you have mapped the Discovery Settings and Credentials are mapped, click the "Save" button to apply the changes.

...

After successfully mapping the Discovery Settings and Credentials, return to the "Agents" section.

Locate the agent that has been configured the under the Discovery Settings and Credentials. for which you configured the settings and credentials.

Click on the "Scan" button to initiate the scanning process for the configured agent.

Assets

Go to the 'Company View'.

Click on 'Assets' to access the assets view.

...

In this section, is a comprehensive you will find a comprehensive list of scanned assets. 


The list includes assets along with their associated risk scores and vulnerability counts.

...

Clicking on the IP Address will redirect , you to the detailed view of the chosen asset.

...

In this section, you can find the following information about the assets are availableasset:

  • System information

  • Storage

  • Network information

  • BIOS Information

  • Firewall Policy

  • Problems

  • Solutions

  • Firewall Rules

  • Internal Ports

  • External Ports

  • Software

  • Asset Patches

  • Extension Programs

  • Services

  • User Shares

For network vulnerabilities, please we can find the scripts to remediate them.

...

Image Added

Please We can directly copy the script and run it on the machine for remediation.

...

Problems

Click on 'Assets' to access the Problems view.

...

In this section, we can identify all the problems related to assets at the company level can be identified.

...

In this section, one we can choose to suppress Problems, by triggering an email to the designated user for approval. This user can be internal or external.

...

Solutions

Click on 'Assets' to access the Remediation PlanSolutions.

...

The Remediation Plan Solutions lists missing OS (Operating System) security patches and the latest application versions that have not yet been installed.Image Removed

...

Application Vulnerabilities

Click on 'Assets' to access the Application Vulnerabilities.

...

In this section, we can find the Application Vulnerabilities and missing OS (Operating System) security patches are listed.

...

Pending OS Patches

Click on 'Assets' to access the Pending OS Patches.

...

In this section, we can review the pending OS patches across the company's view.

...

Ports

Click on 'Assets' to access the Ports section.


In this section, we can review the Ports details across the company's view.

...

Anchor
_Toc1037062264
_Toc1037062264
Anchor
_Toc361142251
_Toc361142251
Vulnerabilities

Go to the 'Company View'.

Click on “Vulnerabilities” to access the Vulnerabilities view.

...

...

Anchor
_Toc852353683
_Toc852353683
Anchor
_Toc2023570376
_Toc2023570376
In this section, we can suppress vulnerabilities, triggering an email to the designated user for approval. This user can be internal or external.

...

Select the reason for suppressing the vulnerability.

User Type: Choose the user type for whom the suppression request is intended: Internal User or External User.

Suppression Comments: Provide comments explaining the justification for suppressing the

vulnerability.

Suppression Start Date and End Date:

Specify the start and end dates for the vulnerability suppression.Image Removed

...

Save: Click the "Save" button to approve the suppression request.

...

After completing these steps, the user will receive an email for approval. Upon approval, the request will proceed to the suppression stage.

...

Compliance

Go to the 'Company View'.

Click on “Compliance” to access the Compliance view.

In this section, we can access the compliance details for CIS, PCIDSS, HIPAA, Cyber Essentials, NIST 800-53, Essential Eight across multiple platforms such as Windows Server, Azure Server, Windows Desktop, Linux, and Mac.Image Removed

...

And for Manual Compliance, we can upload evidence to mark it as compliant or not applicable, there are provisions to upload evidence.

...

Active Directory

Click on “Active Directory” to access the Active Directory Section.

...

...


Here we can find:
Problems
Identifies and lists issues or challenges.

...

AD Summary

Provides a summary of Active Directory-related information.

...

Azure AD Summary

Offers a summary of Azure Active Directory-related information.

...

Active Directory: Presents detailed information and insights related to the Active Directory.

...

Azure Active Directory: Provides detailed information and insights concerning Azure Active Directory.

...

Microsoft Secure Score: Offers information and metrics related to the security score assigned by Microsoft, indicating the overall security posture.Image Removed

...

PII Scan

Click on “PII Scan” to access the PII Scan Section.

...

Add a scan profile

Click on +Add to add a new scan profile.

...

Image Added

Scan settings

Under Scan Settings , lets you choose all by selecting the Select All option. Users can select optional information from fields like Surname, Phone, Date Of Birth, Postal Code, OAuth Token, Location, Email, IP, Credit Card, Phone, and SSN, and Street.

...

Image Added

Select Default Extension

Select the Default Extension Type Select All option. Users can select optional extension types html, json, yaml, yml, tex, xml, ts, sh, wpd, php, go, cpp, c, js, xlsm.

...

Image Added

Select the appropriate Source Type and an Agent to use for PII Scan.

Select the Default Source Type as Files to be used for this scan.
Select Source Type as Files and provide information for Path Settings such as Included Location(s). Exclude the Location for the system to be scanned.

Once all required fields are selected, please click on Save to successfully save the this PII Profile with a message as Saved Successfully.

Initiate PII Scan

Locate and select the profile for which you want to initiate the PII scan.

...

Clicking on the highlighted PII data will redirect you to the detailed view of the chosen PII data.

Dashboard

On the right Pane, click on the Dashboard icon to be redirected to the Dashboard section. This area provides an overview of relevant information and data. Once in the Dashboard section, you can proceed to the next step.

...