The PPT report showcases the Computer Level Risk Score, Vulnerability Summary, Vulnerability Trending, Security Report Card, Compliance Report Card, and Compliance Summary.
Company Level Risk Score - This section showcases the Risk score and Vulnerability Summary. The vulnerability summary shows how many are Critical, High, Medium, and Low. Vulnerability Assessment - This section showcases the total count of the Vulnerabilities with Critical, High, Medium, and Low. 🔹 Critical vulnerabilities require immediate attention. They are relatively easy for attackers to exploit and may provide attackers with full control of the affected systems. 🔸 High-severity vulnerabilities are easy to exploit and may provide access to affected systems. 🔹 Medium vulnerabilities often provide information to attackers that may assist them in mounting subsequent attacks on the network. These should also be fixed in a timely manner but are not as urgent as the Critical and High vulnerabilities. 🔸 Low Vulnerabilities - These should also be fixed in a timely manner but are not as urgent as the other vulnerabilities. Executive Risk Summary - This section showcases the Number of assets discovered, the Number of Vulnerable assets, Enabled Computers, Disabled Computers, Enabled Users, Disabled Users, Total Users, Total Groups, Empty Groups, Non-Empty Groups, Total GPOs, Empty OUs, Non-Empty OUs, and Total OUs. Vulnerability Summary - A vulnerability assessment is a process of defining, identifying, classifying, and prioritising vulnerabilities in computer systems, and network infrastructures and providing the organisation doing the assessment with the necessary knowledge, awareness, and risk background to understand the threats to its environment to react & remediate appropriately. Vulnerability Trending - A Vulnerability Trending is based on the Vulnerabilities on a per day across last 30 days. Security Report Card - In today’s time end-users have become a prime target for cybercriminals. But the real tangible target is the end-user’s workstation, and organisations would be remiss not to regularly validate the security of their endpoints. To close the gap, we have developed an endpoint assessment methodology that accounts for each area of the attack. The identification of vulnerabilities and gaps in security controls that may have gone unnoticed will assist you in tuning detection or protective controls to handle user activities. Associated remediation efforts will enhance incident response capabilities and further strengthen your overall security posture.
This section showcases the Failed Logins, System Ageing, Network Vulnerabilities, Antivirus status, Local Firewall status, Supported OS, and Insecure Listening Ports parameters. Compliance Report Card - This section showcases additional compliances like LLMNR, SMB Signing, NTLMV1, SMBV1 client, NBTNS, and SMBV1 server. Compliance Summary - This section showcases the number of assets that are Compliant, Non-Compliant, or Compliance Not Applicable to them. CyberCNS helps look at different Compliance controls like CIS, HIPAA, CIS 8.0, GPG 13, NIST 800 53, GDPR IV, CyberEssentials, ISO 27002, Essentials Eight, NIST 800 171, HIPPAHIPAA, and PCI DSS.  The DOC report showcases the Executive Risk Summary which contains the Asset Summary, Vulnerability Summary, and Active Directory Summary, Company Level Risk Score, Vulnerability Assessment, Operating System Breakdown which includes all the OS available along with the Asset count, Security Report Card which includes Antivirus / Anti-spyware, Local Firewall, Insecure Listening Ports, Failed Logins, Network Vulnerabilities, System Aging, and Supported OS along with the Asset Count and Description, Compliance Report Card which includes LLMNR, NBTNS, NTLMV1, SMBV1 server, SMBV1 Client, SMB Signing along with with the Asset Count and Description, Compliance Summary which includes all the Compliance and displays the count of each Compliance with Compliant, Non-Compliant, and Not Applicable, Top 5 missing matches which include all the Vulnerabilities available along with Asset Count with Severity, Top 5 Vulnerabilities with Asset count, Password Policy Summary which includes Password history not remembered, Maximum password age, Password length less than 8 characters, and Inconsistent password policy.
|