Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

The Global Overview Metrics view will display high-level data, including the total number of companies and assets, percentage breakdown of vulnerabilities by severity, and total risk score across all companies.

image-20240422-184153.png

Global Metrics - Table of Contents

Global Metrics - Overview

The Global Metrics view will display data like Severity, Risk Score, Asset(s), and Companies. in the top or header section of the view.

image-20240123-222616.png

  1. Total vulnerabilities by severity (Critical, High, Medium, Low) across all companies and assets

  2. Average Risk Score across all assets for all companies

  3. Total count of Assets across all companies

  4. Total count of Companies

The second half of the view contains the Company Overview data, which includes:

image-20240125-193813.png

You can click down to see the underlying data for any of the values listed in the Company Overview.

Global Metrics - Details

Company Overview Details

  1. Company Name = displays the company's name as listed in ConnectSecure

  2. Asset Count = total count of all assets for the company

  3. Asset Risk Score = MAX weightage achieved * 100 as a percentage (Asset Type = Discovered)

  4. Vulnerability Risk Score = MAX weightage achieved * 100 as a percentage

  5. AD Risk Score =MAX weightage achieved * 100 as a percentage

  6. PII Risk Score = pending details

  7. External Scan Risk Score = MAX weightage achieved * 100 as a percentage (Asset Type = External)

  8. Average Risk Score = pending details

  9. CIS Score = Non Compliant controls count multiplied by the number of Assets

  10. PCI-DSS Score = Non Compliant controls count multiplied by the number of Assets

  11. HIPAA Score = Non Compliant controls count multiplied by the number of Assets

  12. NIST-50083 Score = Non Compliant controls count multiplied by the number of Assets

  13. Cyber Essentials Score = Non Compliant controls count multiplied by the number of Assets

  14. ID = displays the Agent ID from the ConnectSecure database; not configurable

NOTE: Click on the column editor icon to add/remove and rearrange the column headers.

image-20240123-223043.png

Once you have your columns the way you like them, tap the Save Settings icon to keep these moving forward.

image-20240123-223151.png

Global Metrics - Action Toolbar Overview

The Action toolbar provides a set of actions you can take to change the system's global settings. This toolbar should be docked on the right and always visible. It includes system-built-in actions.

image-20240422-184302.png

  1. Companies - this includes the following functions:

    1. New Company - Create local or PSA-connected companies in the v4 portal.

    2. Delete Companies - select a company for deletion from the v4 portal (all data is removed).

    3. Companies - view a list of all your companies in the portal; click through to access company info

  2. Integrations - access the list of supported API integrations.

  3. Application Baseline - access the application baseline rules configurations.

  4. Tags - tap manage the global level tag rules; add, edit, and delete

  5. Global Settings - tap to view a listing of all the global settings affecting all companies.

  6. Users - this includes the following functions:

    1. Profile redirects to the user management front end (ZITADEL Console), where you can manage user accounts, passwords and security, identity providers, authorizations, memberships, metadata, and more.

    2. User Management - redirects to the user management front end (ZITADEL Console), where you can manage user accounts, passwords and security, identity providers, authorizations, memberships, metadata, and more.

  7. Plan - displays the Current Plan for your deployment, pricing, and a breakdown by Company/Asset and Accrued Cost.

  8. Search - tap to use the global CVE search.

  9. Alerts - displays the System Event (alerts) in a timeline-style format.

  10. Alerts - tap to view the System Events in a timeline style for all companies.

  11. Info - tap to see the ConnectSecure Getting Started Info.

  12. Help-Link - tap to view the corresponding documentation page.

Action Toolbar Details

You can change your UI look and feel using the settings menu in the corner:

image-20240422-182109.png

  1. THEME- you can toggle between the different color palettes displayed in the v4 portal by clicking

image-20240207-214110.png

  1. SCHEME - you can toggle between DARK and LIGHT mode by clicking

image-20240207-214138.png

  1. LAYOUT - you can toggle between the different UI options and where the v4 portal is laying out the top/side navigation toolbar options by clicking

image-20240311-174209.png

Align Dynamic Settings - choose either left or right to display the content toolbars

image-20240219-220306.png

Companies

New Company

You can create a new company for the v4 portal here. Under the Choose Mode, you can select 'Local' or 'PSA Companies' to create a new option.

NOTE: Using a supported PSA, you can choose your system and import/map companies one or multiple at a time.

Click the Save button once you have completed all required and optional fields.

image-20240207-214245.png

After successfully saving, you'll receive a confirmation message in the top-right corner. You will then be automatically redirected to the newly created company's 'Overview.'

image-20240207-214340.png

Delete Companies

You can delete an existing company from the v4 portal from here.

image-20240207-214527.png

Select the target company from the drop-down and then click the Delete button.

image-20240207-214559.png

You will be prompted one final time before the record is removed from the v4 portal.

image-20240207-214617.png

A confirmation message will appear to confirm a successful delete

If you encounter any errors during this process, please take screenshots of any error messages and send them to our ConnectSecure Support Team by emailing support@cybercns.com.

Companies

Tap here to view all the companies in your portal. This includes the Company Name, ID, and Create On Date.

image-20240311-174456.png

Click on the Company Name to be redirected to the selected companies data.

image-20240311-174622.pngimage-20240311-174641.png

Integrations

Access the API integrations menu. Tap on a tile to configure/manage the settings. Each integration has its own unique set of credentials and configuration options. Please refer to the integration-specific guide for a step-by-step explanation.

image-20240207-214658.png

Integration Guides by Category

Check out our dedicated page here for supported API Integrations:

V4 Integration Setup Guides

App Baseline

Tap here to Add, Edit, or Delete the Tag Rules across all companies.

image-20240422-183811.png

Tags

Tag Rules enable the user to input search criteria, which scan all assets and apply tags based on the criteria.

Field

Description

Name

Give the tag rule a name of your choice

Risk Score

Enter a risk score if you want to modify the risk score of any asset where this rule matches. If you do not want to change the risk score, enter zero (0).

Collection

Select the Collection which organizes the tags by Assets, Ports, and Problems

Description

Give the tag rule a description of your choice

Rules

Used to build a search query with specific search criteria; the rule will check all assets for a match and apply the specified tag(s)

Tags: Name

Give the tag a name of your choice

Tags: Value

Give the tag a value of your choice (string or integer)

image-20240219-221539.png

Example!

Add New Tag Rule

Tap the Add button to create a new tag rule.

image-20240219-220932.png

Complete all the required fields which include Name, Risk Score, Collection, Description, and the Name/Value for the actual tag. You will also need to specify the Rules section which includes a boolean for AND/OR with different field selections.

image-20240219-221059.png

Edit or Delete Tag Rules

You will see any of the existing tag rules in the table view, where you can use the three-dot action menu to Edit or Delete.

image-20240219-220826.png

Tag rules would be applied within a few minutes and can be verified under assets information.

Global Settings

Here, you will find general global-level settings.

They can be accessed from the Global Overview or Global Metrics page.

image-20240124-142248.png

Timezone Settings

Set your timezone by selecting from the drop-down and tapping the save button.

image-20240124-142718.png

Custom Date Format

Set your date format by selecting from the drop-down menu and tapping the save button.

image-20240124-142758.png

Session Timeout

Set the time (in minutes) for the session timeout to occur. This includes the Idle, Wait, and Logout intervals.

image-20240124-142901.png

Ports Policy

Specify Insecure, Denied, Excluded, and/or Allowed Ports.

Allowed ports, denied ports, and insecure ports are used for flagging the information on the report card. When you add the port number, this will still scan the ports for vulnerabilities. You can use the exclude port option to exclude the ports from scanning.

image-20240124-142916.png

Deprecation Days

Set asset and/or Agent deprecation days as well as your Suppress Vulnerabilities days

image-20240124-142942.png

White Label Settings

Set the logos to be used for both dark and light modes. You can also edit the display name of the application the browser tab, along with the footer content.

image-20240124-143111.png

EDR Application

The Global EDR applications contain the list of antivirus applications shown in the security report card for the respective assets. Any application not listed as antivirus under Global EDR applications can be added here. Please run a scan after adding it to reflect the application name in the security report card of the respective asset. To Exclude any application from the Global EDR applications list, please click on the 'X' for the selected application.

image-20240124-143250.png

Backup Software

The Global Backup Software contains the list of Backup Software shown in the security report card for the respective assets and also reflects as compliant for the asset under the Essential Eight Backup Software Compliance rule.
Any Backup Software that is not already listed under Global Backup Software can be added here. Please run a scan after adding it here to reflect the software name in the security report card for the respective asset.
To Exclude any of the Backup Software from the Global Backup Software list, please click on the 'X' for the selected software.

image-20240124-143343.png

Compliance Scan

Set the Compliance types to be scanned here. Only the selected options will be activated when running compliance scans. This will reduce the time it takes to complete and the load on the scan agents.

How To: Run A Compliance Scan

Screenshot 2024-01-08 at 5.31.03 PM.png

LW Agent Scan Interval

Configure the scan interval for the lightweight agent(s). Choose from 15, 30, 60, 90, or 120 minutes.

image-20240124-143558.png

Patching Status

Enabling patching status is required to enable the patching engine and configure options.

image-20240207-215044.png

Custom Domain

image-20240213-180857.png

Requires a DNS (A-Record) for Domain Name with IP Address 65.20.101.254

Provide your desired Domain Name and upload your SSL Certificate and SSL Private Key files. Optionally, you can include any Allowed IPs.

You can tap on our ‘how to links’ for the various SSL providers.

SSL Provider

Link

AWS

AWS | DNS | Add A Record

Bluehost

Bluehost | DNS | Add A Record

Cloudflare

Cloudflare | DNS | Add A Record

Go Daddy

Go Daddy | DNS | Add A Record

Google Domains

Google Domains | DNS | Add A Record

Namecheap

Namecheap | DNS | Add A Record

Network Solutions

Network Solutions | DNS | Add A Record

Exclude Component(s) from Security Report Card

Select your options for excluding the options showing on your security report card.

Security Report Card shows up in the Dashboard, Standard Reports, and Agent views.

image-20240311-175112.png

Custom Report Cover Page

image-20240222-164725.png

Upload your own custom DOCX file to use with any of the Company Standard Reports.

  1. Select a company option. You can select All Companies or specific(s) from the list.

image-20240222-164938.png

  1. Tap the Choose File button to upload your DOCX file.

We can only customize Report Name {{reportName}} and Company Name {{companyName}}

Once the DOCX file is uploaded successfully, you can run any standard report, and the cover page will display.

Anti Ransomware

image-20240222-164738.png

The Global Anti-Ransomware contains the list of antivirus applications shown in the security report card for the respective assets. Any application not listed as Global Anti-Ransomware can be added here. Please run a scan after adding it to reflect the application name in the security report card of the respective asset. To Exclude any application from the Global Anti-Ransomware list, please click on the '->' for the selected application.

Global Table Setting

Set the default font size and items per page globally.

image-20240311-175514.png

Firewall

The Global Firewall contains the list of firewall options shown in the security report card for the respective assets. Any application that is not already listed as antivirus under Global Firewall can be added here.
Please run a scan after adding to reflect the application name in the security report card of the respective asset.
To Exclude any application from the Global Firewall list, please click on the '->' for the selected application.

image-20240311-175612.png

Users

Profile

It redirects you to the external auth site where you can manage your user profile settings in Zitadel.

https://authprod.myconnectsecure.com

User Management

Manage the users within your v4 portal. You can Add new users, Edit existing ones, and Delete users from here. Our standard search, refresh, filter, tag, column chooser, download, and save buttons are at the top of the Users panel.

image-20240124-143747.png

 

Add New User

Tap the Add button to create a new user for the v4 portal. When selecting the Role for the User, there is an option to Allow or Deny a user access to specified Companies. This option will only appear if the Role is something other than Admin. By default, Admin will have access to All Companies, which can not be changed.

image-20240124-143841.png

Security Roles Matrix

We have a dedicated page for users and security found here:

V4 User Management and Security

Here are the default Roles with their default Permissions.

In the previous version of ConnectSecure, we had a role called ‘ITADMIN’, which is no longer available.

To grant ITADMIN access similarly in V4, you should assign the following roles:

  • ASSETWRITER

  • VULNERABILITYWRITER

  • COMPLIANCEWRITER

  • ACTIVEDIRECTORYWRITER

Edit Existing User

Tap the three-dot Action menu next to any existing user to edit them and change their security Role.

Select the new Role and tap Update; otherwise, click Cancel to back out.

Delete Existing User

Tap the three-dot Action menu next to any existing user to Delete the User.

Click the red Delete button to confirm deletion; otherwise, click Cancel to back out.

Plan

View a detailed breakdown of your agent deployment's current plan, including pricing and costs accrued by company/asset.

image-20240422-183213.png

This is a CVE search that allows you to search a specific CVE through the system.

image-20240422-183325.png

Alerts

To view the changes and updates in the System Events, you can use the timeline style.

image-20240422-183413.png

Info

Tap here to view your V4 Getting Started Info.

https://cybercns.atlassian.net/wiki/x/MIDKfw

Tap to view the corresponding documentation page; this link works across all screens.

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login

image-20240206-144508.png
  • No labels