Settings - Company Level

Modified on Sat, Nov 4, 2023 at 5:42 AM

Ports Policy Settings can be added at the Company Level and Global Level.

  • On the global menu(:search_icon:), navigate to Settings.

  • Based on these set policies, the data will be generated.

  • In Settings, there are three options. They are Ports Policy Settings and Asset Deprecation Days.

(blue star) Ports Policy Settings:- In Ports Policy Settings, can set Excluded and Insecure ports.

(blue star) Asset Deprecation Days:- In Asset Deprecation Days, can set the Asset deprecation days which is not discovered * a number of days here.

(blue star) Agent Depreciation Days:- In Agent Deprecation Days, can set the Agent deprecation days which is not discovered * a number of days here.

(blue star) Deprecated Asset Retention Period:- In Deprecated Asset Retention Period, Asset will be deleted after the asset is not discovered * a number of days mentioned here.

(blue star) Log4j Email Notification Settings:- In Log4j Email Notification Settings, can set the email address to get notified through mail.

(blue star) Suppress Vulnerabilities Days for Microsoft Patches:- Using suppress Vulnerabilities can suppress the vulnerability for a number of days after the initial release.

(blue star) Patching status:- CyberCNS has the capability to patch 3rd party applications using the Remediation Plan. Patching ability can be enabled post accepting EULA terms from this section.

(blue star) Manage Tags:- Tags created under CyberCNS can be managed under this section for actions such as deletion, and bulk deletion.

(blue star) EDR Application:- This section lists the EDR applications that are supported by default. Addition or deletion to the listed EDR applications for CyberCNS is allowed.

(blue star) Backup Software:- This section lists the Backup software applications list that are checked by default. Addition or deletion to the listed software applications for CyberCNS is allowed.

(blue star) Exclude component(s) from Security Report Card:- Within this section, the components that can be suppressed from the Security Report Card are listed.

Ports Policy Settings

(blue star) Company Level

Excluded Ports are applicable only for probe agent.

  • When Ports Policy Settings is chosen set the Excluded Ports For Scanning and Insecure ports.

  • Once the ports are added, click on enter or comma to add the multiple ports in the particular ports section.

  • In the image depicted below, click on Save once the ports are added.

  • Once the above details are Saved, the Ports will be notified by the, Created successfully, message.

  • In the image below, you can perform the scans (Full Scan, Asset Scan, Vulnerability Scan, External Scan, and Port Scan) based on the requirement.

  • Once the scan is successful, navigate to the Assets tab to get the details of the Ports into the Ports section.

  • The ports section in Asset details will list all the ports that are allowed, denied, and whether Insecure. The vulnerability count attached to these ports is also displayed.

Policies

(blue star) Global Level

  • In the image depicted below, on the global menu((blue star)) Navigate to Policies and set the Ports Policy Settings. This is another option to set the Ports Policy Settings.

Update Company Details

  • Company-related address, Customer Name, state, city, country, Unique Identifier and Zip Code can be updated.

Asset Deprecation Days

Asset deprecation helps you clean up assets from the lists which are not reachable from the CyberCNS agent. Users can set the age as per requirement. The default Asset Deprecation Days value is 90 days.

  • In the image below you can enter the asset deprecation days as per the requirement. Once set, post the following scan the deprecation value will be considered and the deprecated assets will be moved to the Deprecated Assets tab.

  • Once the details are Saved, the Asset Deprecation Days will be notified by the Updated successfully, message.

  • The below image shows the Deprecated Assets.

Manual Asset Deprecation

  • To Manually deprecate an asset, change the view to Table View, select the asset and navigate to Global Actions on the right-hand side under this click on Deprecate (That asset will be deprecated)

Agent Depreciation Days

  • Agent deprecation helps you clean up agents from the lists which are not reachable from the CyberCNS agent. Users can set the deprecation age as per requirement.

  • Only the offline agents will move to the Deprecated Agent based on the deprecation age.

  • In the image below you can enter the agent deprecation days as per the requirement. Once set, post the following scan the deprecation value will be considered and the deprecated agent will be moved to the Deprecated Agent tab.

Manual Agent Deprecation

  • To Manually deprecate an Agent, select the asset and navigate to Global Actions on the right-hand side and under this click on Deprecate (That Agent will be deprecated)

Deprecated Asset Retention Period

This function is only for deleting the assets not agents. So if deprecated assets were self assets like Probe/Lightweight agents then those will only delete from the deprecated assets section and not from Probe/agents. By default, the Retention Period will be set for 90 days.
If the assets were discovered by the Probe discovery settings then those network devices will be deleted from deprecated assets tab permanently, if the Scan is performed for the same IP again the assets will be restored based on its reachability.

  • The asset that was deprecated for ‘x' number of days in the Asset Depreciation, if that particular asset is not active for the ‘x' number of days then it will be moved to Deprecated Assets for Deprecated Asset Retention Period for the 'x’ days.

  • After the entered number of days, the asset will be deleted from deprecated assets section.

  • As shown in the image below the respected company’s deprecated assets deletion will be shown in the Audit logs at the Global level.


Log4j Email Notification Settings

  • In Log4j Email Notification Settings can set the email address to get notified through the mentioned email and click on Save.

Suppress Vulnerabilities Days for Microsoft Patches

  • Using suppress Vulnerabilities can suppress the vulnerability for a number of days after the initial release.

  • Enter the number of days to suppress the vulnerabilities and click on Update.

Patching Status

  • CyberCNS has the capability to patch 3rd party applications using the Remediation Plan.

  • Patching ability can be enabled post accepting EULA terms from this section.

  • When you enable the patching status, an option to patch the applications at the Company level is enabled.

Manage Tags

Tags created under CyberCNS can be managed under this section for actions such as deletion, and bulk deletion.

  • In the asset section, can add the tags for the required assets.

  • At the company level, under Settings, all the tags added for each asset are listed.

  • Number of tags, Companies associated with the tag, and assets associated with the tag count will also be shown.

  • The tags can be deleted with the delete option in case required.

  • Under the Jobs section, the deleted tags' status can be seen.

EDR Application

Note:
1. The Global EDR applications contain the list of antivirus applications shown in the security report card for the respective assets.

2. Any application that is not already listed as antivirus under Global EDR applications can be added here. Please run a scan after adding it to reflect the application name in the security report card of the respective asset.

3. To Exclude any application from the Global EDR applications list, please click on the 'X' for the selected application.

4. The application which is added manually and if that application is excluded then this application cannot be reverted to the Include application list. But the default applications which are excluded can be reverted to the included list.

  • To add the EDR application manually, click on the +Add button.

  • Enter the required fields and click on Save.

  • The checkbox to enable regex can be selected here.

(blue star) Example: If an application name is set as Microsoft, all Microsoft applications will be listed in the Included list of EDR applications.

  • Click on the icon →(:Blue_X_icon:) for the application to be excluded.

  • On the confirmation dialog box select either ‘Yes’ or ‘No’ to exclude the application.

  • Once the application is selected to exclude, the application will be listed under the Excluded EDR Application list.

  • If the application is installed for that asset, please run a scan after adding it to reflect the application name in the security report card.

Backup Software

Note:

  1. Any software that is not listed as backup software under Global Backup software, can be added in this section. Please run a scan after adding it to reflect the software name in the security report card of the respective asset.

  2. To Exclude any software from the Global backup Software list, please click on the 'X' for the selected softwares.

  3. The Software which is added manually and if that Software is excluded then this Software cannot be reverted to the Include Software list. But the default Softwares which are excluded can be reverted to the included list.

Exclude component(s) from Security Report Card

The components can be excluded from the Security Report Card. Select the components which have to be excluded as shown below, and then click on the Save button.

e.g. When specific assets require backup software, a BackupRequired tag can be added for that asset. This will result in the Backup Software being shown on the Security Report Card for that asset.

e.g. If BackupNotRequired Tag is added to any asset, then it will exclude Backup Software from the Security Report Card.

Note : 

  • Backup Software can have only one Tag associated with it. Depending on the requirements, users can choose to add either the BackupRequired or BackupNotRequired Tag to the asset.

  • If BackupRequired Tag is added to the Asset, then it takes BackupRequired Tag as a priority and will discard the exclude settings of Backup Software added under company settings.

  • On the confirmation dialog box select either Yes or No to exclude the components.

  • After initiating the Full Scan, the chosen components will be suppressed and will be listed as suppressed under Asset Security and Compliance Overview.

AD Audit Scan

  • This is applicable only for DC system having probe Or lightweight agent installed on it.

  • Click on the enable option to get an AD Audit data using AD Audit Scan capability.

  • This completes the Settings section.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article