Interactive Onboarding Demo
Click on the image below to use the interactive demo at your own pace.
Accessing ConnectSecure
The ConnectSecure portal login can be accessed here: https://portal.myconnectsecure.com/sign-in
Setup Users and Security
- Navigate to Global > Settings > Users, where you can Add, Edit, and Delete user accounts.
- Review our User Management and Security Guide here: https://cybercns.atlassian.net/wiki/x/uQDVfQ
- You can review your user account details in the User Avatar > Profile section, where you can add additional Passwords and Security options from the authentication portal Zitadel.
Configure Global Settings
- Review Global Settings: Before adding companies to the portal, navigate to Global > Settings > Global Settings to review the available options and make any desired changes.
Reviewing each one is important to become familiar with what's available and set by default.
See the complete Global Settings documentation here: https://cybercns.atlassian.net/wiki/x/uICUgQ
Configure Global Scheduler
Navigate to Global > Settings > Scheduler to add, edit, and delete the settings.
Scan Scheduler
- Configure Global Scan Scheduler
Refer to our KB for additional information and setup help if needed: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102198449/Global+Scheduler#Scan-Scheduler
Below is a sample scan recommendation.
Scan Scheduler Examples | ||||
Scan Job Name | Scan Type | Frequency | Target Time | Agent Type |
Daily Full Scan - All Companies (Includes Active Directory, Compliance, Firewall, and Network Scans) | Full Scan | Once Per Day | During business hours, we want assets to be online for scanning | Probe |
Daily ASM Scan - All Companies | Attack Surface Mapper | Once Per Day | After hours, any time | Non-Agent Scan |
Daily External Scan - All Companies | External Scan | Once Per Day | After hours, any time | Non-Agent Scan |
Weekly Compliance Scan - All Companies (Only needed if you are not using the Probe - Full Scan option) | Compliance | Once Per Week | During business hours, we want assets to be online for scanning | Lightweight or Probe Agent |
Patch Scheduler
- Configure Global Patch Scheduler
This is where you configure automatic patching for Applications (third-party) and Operating Systems (OS). You can use one or both of the patching types. If you plan to use both Application and OS patching, you will build at least one schedule for each.
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102198449/Global+Scheduler#Patch-Scheduler
Report Scheduler
- Configure Global Report Scheduler
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102198449/Global+Scheduler#Report-Scheduler
Report Schedule Examples | ||
Report Schedule Name | Report Type | Frequency |
Monthly Assessment Report - All Companies | Monthly | |
Monthly External Scan Vulnerability Detailed | Word | Monthly |
Monthly Compliance Report | Word | Monthly |
Company Management
Add Local Company
- Add Local Company
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/x/DQB0gQ
Configure Company Settings
- Review and Update Company Settings
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/x/74qfgQ
Configure Company Discovery
- Review and Update Company Discovery
Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102919235/Company+Agents#Discovery
Configure Company External Asset(s)
- Review and Update Company External Asset Configurations
Refer to our KB for additional information and setup help: Company External Assets
Configure Company Scheduler
Review and update Company Scheduler options. If you have configured the Global Scheduler, you will see those options in the Company Scheduler window, as shown below. You may consider not setting a company-level schedule if you have it covered by the global.
- https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2159312973/Company+Scheduler#Company-Scan-Scheduler
- https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2159312973/Company+Scheduler#Company-Patch-Scheduler
- https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2159312973/Company+Scheduler#Company-Report-Scheduler
Agent Deployment
- Prepare Company Agent Install Package
Select a company
Navigate to Overview > Agents
Tap on the download Agent icon
To use the Probe Agent, you must map the Discovery Settings and Credentials section; tap below for the guide on converting a lightweight agent to a probe.
Review Scan Results
- All Assets = All the assets installed with a lightweight/probe agent and any IP-based asset discovered during the probe's asset discovery scan. No probe would mean all assets are from LWA. Tap through the Asset Details screen to browse all the data collected from the asset. Below are some key areas to review.
- Problems - review the Problems to see all discovered vulnerabilities
- Solutions - review the Solutions to see the remediation plan for the asset
- Security Report Card - review to see security posture details
- Compliance Report card - review to see compliance checks based on OS configuration
- Firewalls = Firewall assets authenticated by Discovery Credentials will be shown here; if you do not provide credentials, no firewalls will display.
- Other Assets = Probe discovered assets not supported for vulnerability scanning; these assets are not counted towards your billable devices.
- Problems = Vulnerabilities. Instead of just dumping a list of CVEs, we classify them into our problem group categories; check our KB for the full listing: https://cybercns.atlassian.net/wiki/x/TgEUgg
- Solutions = Remediation Plan. This is where you will find the proposed/recommended solutions to address the problem (CVEs) discovered by the scans. Check the KB/FIX column to see a URL or link to the source for a solution.
- Pending OS Patches = View any detected missing operating system patches. To install patches, use the company's Patch Management screen.
- Ports = View detected ports and services running on the assets; requires a Probe Scan. Tap to see the asset details.
- External Assets = External Scan Endpoints. This would include any public-facing internet records seen as ‘looking from the internet to the inside.’ These do not require credentials and can be scanned during offline/non-standard business hours.
External Endpoint Name Example | Example |
|---|---|
Public Domain / Website | IE: xyz.com (domain) |
Static IP / Public IP | IE: 66.54.58.100 (static) |
IP Range (Public Block) | IE: 66.54.58.100-66.54.58.105 (range) |
- Patch Management = Company-level option only. Used to run manual patches for applications or OS. Patch jobs are also found here to check on successful, pending, and failed jobs. Tap date/time to see details.
- Attack Surface Mapper = Secondary type of external scan. Includes Vulnerabilities, Open Ports, Target IPs, Emails, Usernames, and Subdomains. It also includes the S3 Buckets, DNS Records, MX Records, and RAW Headers.
- Certificates = SSL information. This is great for Certificate Management. However, it requires the probe scan and an external asset configuration to be added.
- Active Directory Problems (if applicable) =
- Active Directory (if applicable) = Requires administrator-level credentials for Active Directory. Displays your basic AD data, including the OU’s (Organizational Units), Users, Computers, Groups, GPO (Group Policy Objects), and Password Policy details.
Refer to our Active Directory Least Privileges KB if you are not using domain admin credentials:
https://cybercns.atlassian.net/wiki/x/AYC_gQ
- Azure Active Directory and Microsoft Secure Score = require the Azure CSP or Non-CSP integration to be configured. Displays the Users, Computers, Groups, Licenses, Logs, and Roles.
This integration will also populate the Microsoft Secure Score data.
Review Dashboard and Reporting
Now that you have collected data from the various scans use the dashboard and reporting to get the information into the hands of the people who matter.
We have prebuilt Standard Reports and a customizable Report Builder.
Any report can be scheduled for automatic delivery to your email inbox or through various integration points using the Report Scheduler.
You can also use the in-app Company Dashboard and/or Global Dashboard to see your data in different views with additional filtering and sorting options in our dashboards.
Attachments (38)
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article