Weekly Group Onboarding Sessions
Join our weekly group onboarding sessions led by our consulting team.
Tap the image below or visit http://www.connectsecure.com/onboarding
V4 Agent Prerequisites
We have a dedicated page with the V4 agent prerequisites for a smooth-running ConnectSecure agent and portal. This includes the Ports, IPs, Domain, and general whitelisting information. Please refer to this page before completing your onboarding: V4 Agent Configurations
Accessing ConnectSecure V4
The ConnectSecure portal is found here:
https://portal.myconnectsecure.com/sign-in
If you have an account created but are having trouble logging in, please check out our user password and MFA reset guide; tap the link below.
Onboarding Check List Table of Contents
Setup Users and Security
- Navigate to Global > Settings > Users, where you can Add, Edit, and Delete user accounts.
- Review our User Management and Security Guide here: https://cybercns.atlassian.net/wiki/x/uQDVfQ
- You can review your user account details in the User Avatar > Profile section, where you can add additional Password and Security options.
Configure Global Settings
Global Settings apply to all companies in your portal and auto-apply to any new ones created.
Navigate to Global > Settings > Global Settings and review the options.
While most of the default options will suffice, reviewing each one is important to become familiar with what's available and set by default.
We recommend you check at least the following global default settings:
See the full Global Settings documentation here: https://cybercns.atlassian.net/wiki/x/uICUgQ
Configure Global Scheduler
The Global Scheduler is where you can configure automatic jobs for Scans, Patching, and Reporting. Remember, you can also configure the Company Scheduler for company-level jobs if you do not want it globally.
Scan Scheduler
- Configure Global Scan Scheduler
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102198449/Global+Scheduler#Scan-Scheduler
Below is a sample scan recommendation.
Automated Scan Schedule Recommendations | ||||
Scan Job Name | Scan Type | Frequency | Target Time | Agent Type |
Daily Full Scan - All Companies (Includes Active Directory, Compliance, Firewall, and Network Scans) | Full Scan | Once Per Day | During business hours, we want assets to be online for scanning | Probe |
Daily ASM Scan - All Companies | Attack Surface Mapper | Once Per Day | After hours, any time | Non-Agent Scan |
Daily External Scan - All Companies | External Scan | Once Per Day | After hours, any time | Non-Agent Scan |
Daily Compliance Scan - All Companies (Only needed if you are not using the Probe - Full Scan option) | Compliance | Once Per Day | During business hours, we want assets to be online for scanning | Lightweight or Probe Agent |
NOTE: The lightweight agent scan interval is configured under the Global Settings or Company Settings menu; the LWA scan type is unavailable in the scheduler.
Patch Scheduler
- Configure Global Patch Scheduler
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102198449/Global+Scheduler#Patch-Scheduler
NOTE: You may consider not configuring Patch Scheduler globally but on a per-company basis. The Company vs Global Scheduler can be used to balance these requirements.
Report Scheduler
- Configure Global Report Scheduler
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102198449/Global+Scheduler#Report-Scheduler
Automated Report Schedule Recommendations | ||
Report Schedule Name | Report Type | Frequency |
Monthly Assessment Report - All Companies | Monthly | |
Monthly Executive Summary Report - All Companies | Monthly | |
Monthly Remediation Plan Report - All Companies | Monthly | |
Monthly Security Report Card Report - All Companies | Word | Monthly |
Monthly Vulnerability Overview Report - All Companies | Word | Monthly |
Weekly All Vulnerabilities Report - All Companies | Excel | Weekly |
Company Management
Companies can be created manually in the portal (Local), or imported from one of the support PSA Integrations using the import options.
Add Local Company
- Add Local Company
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/x/DQB0gQ
Configure Company Settings
- Review and Update Company Settings
NOTE: Setting a value in the Company Settings will override the Global Settings. When adding a new Company to the ConnectSecure portal, it is recommended to confirm the Company Settings for any needed overrides or changes based on what is inherited from the Global Settings.
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/x/74qfgQ
Configure Company Discovery
- Review and Update Company Discovery
The Discovery section stores the company's Discovery Settings and Credentials. These settings are necessary to create a probe agent and are used by the agent to determine which network(s) or IP addresses it will scan. Additionally, the agent may use these credentials to access the network and obtain additional information.
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102919235/Company+Agents#Discovery
Configure Company External Asset(s)
- Review and Update Company External Asset Configurations
You must set up the company-level External Assets > Configurations so ConnectSecure agent(s) know what and where to scan externally.
We recommend adding your client's public domain/website (IE: xyz.com) and any public-facing IP addressing (Static IP or Range).
Refer to our KB for additional information and setup help: Company External Assets
Configure Company Scheduler
Review and update Company Scheduler options. If you have configured the Global Scheduler, you will see those options in the Company Scheduler window, as shown below. You may consider not setting a company-level schedule if you have it covered by the global.
- https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2159312973/Company+Scheduler#Company-Scan-Scheduler
- https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2159312973/Company+Scheduler#Company-Patch-Scheduler
- https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2159312973/Company+Scheduler#Company-Report-Scheduler
NOTE: You can view any inherited Global options within the company scheduler under ‘Is Global’
Agent Deployment
- Prepare Company Agent Install Package
Select a company
Navigate to Overview > Agents
Tap on the download Agent icon
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/x/y4BffQ
To use the Probe Agent, you must map the Discovery Settings and Credentials section; tap below for the guide on converting a lightweight agent to a probe.
Review Scan Results
Now that we have configured all our settings and deployed agents, data should flow into our Assets, Vulnerabilities, Compliance, Active Directory, and PII modules where applicable.
- All Assets = All the assets installed with a lightweight/probe agent and any IP-based asset discovered during the probe's asset discovery scan. No probe would mean all assets are from LWA. Tap through the Asset Details screen to browse all the data collected from the asset. Below are some key areas to review.
- Problems - review the Problems to see all discovered vulnerabilities
- Solutions - review the Solutions to see the remediation plan for the asset
- Security Report Card - review to see security posture details
- Compliance Report card - review to see compliance checks based on OS configuration
- Firewalls = Firewall assets authenticated by Discovery Credentials will be shown here; if you do not provide credentials, no firewalls will display.
- Other Assets = Probe discovered assets not supported for vulnerability scanning; these assets are not counted towards your billable devices.
- Problems = Vulnerabilities. Instead of just dumping a list of CVEs, we classify them into our problem group categories; check our KB for the full listing: https://cybercns.atlassian.net/wiki/x/TgEUgg
- Solutions = Remediation Plan. This is where you will find the proposed/recommended solutions to address the problem (CVEs) discovered by the scans. Check the KB/FIX column to see a URL or link to the source for a solution.
- Pending OS Patches = View any detected missing operating system patches. To install patches, use the company's Patch Management screen.
- Ports = View detected ports and services running on the assets; requires a Probe Scan. Tap to see the asset details.
- External Assets = External Scan Endpoints. This would include any public-facing internet records seen as ‘looking from the internet to the inside.’ These do not require credentials and can be scanned during offline/non-standard business hours.
External Endpoint Name Example | Example |
---|---|
Public Domain / Website | IE: xyz.com (domain) |
Static IP / Public IP | IE: 66.54.58.100 (static) |
IP Range (Public Block) | IE: 66.54.58.100-66.54.58.105 (range) |
- Patch Management = Company-level option only. Used to run manual patches for applications or OS. Patch jobs are also found here to check on successful, pending, and failed jobs. Tap date/time to see details.
- Attack Surface Mapper = Secondary type of external scan. Includes Vulnerabilities, Open Ports, Target IPs, Emails, Usernames, and Subdomains. It also includes the S3 Buckets, DNS Records, MX Records, and RAW Headers.
- Certificates = SSL information. This is great for Certificate Management. However, it requires the probe scan and an external asset configuration to be added.
- Active Directory Problems (if applicable) =
- Active Directory (if applicable) = Requies administrator-level credentials for Active Directory. Displays your basic AD data, including the OU’s (Organizational Units), Users, Computers, Groups, GPO (Group Policy Objects), and Password Policy details.
Refer to our Active Directory Least Privelages KB if you are not using domain admin credentials:
https://cybercns.atlassian.net/wiki/x/AYC_gQ
- Azure Active Directory and Microsoft Secure Score = require the Azure CSP or Non-CSP integration to be configured. Displays the Users, Computers, Groups, Licenses, Logs, and Roles.
Refer to the Azure Integration Guides here: https://cybercns.atlassian.net/wiki/x/HoHXfQ
This integration will also populate the Microsoft Secure Score data.
Review Dashboard and Reporting
Now that you have collected data from the various scans use the dashboard and reporting to get the information into the hands of the people who matter.
We have prebuilt Standard Reports and a customizable Report Builder.
Any report can be scheduled for automatic delivery to your email inbox or through various integration points using the Report Scheduler.
You can also use the in-app Company Dashboard and/or Global Dashboard to see your data in different views with additional filtering and sorting options in our dashboards.
Need Onboarding Help?
We have an onboarding team dedicated to your success. Please use the link below to schedule a time that works for you. We will be happy to assist in your onboarding and answer any questions you have to get your implementation up and running smoothly.
One-on-one bookings:
https://calendly.com/connectsecure-onboarding
Group bookings (held multiple times a week)
https://connectsecure.com/onboarding
Need Support?
Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.
https://cybercns.freshdesk.com/en/support/login
Add label