Choose a button from the CyberSana Dashboard to learn more about its functions.
Current overall infrastructure score calculated daily on demand. This tile is also the gateway to view the scores of each device group you have setup to represent things such as geographic locations, products or environments.
A histogram of your daily overall infrastructure score for the last 30 days.
The CyberSana Audits feature provides an organized, automated means to stay on top of device security, no matter how vast your network. Performing up to 350 Audit Checks per minute, CyberSana can quantify the risk level of 1,000 servers in under an hour and a half – a task that would take a security team months to perform manually.
The platform is fully integrated with Nessus, the security industry’s most widely deployed assessment solution, and a powerful tool for identifying vulnerabilities, configuration issues, and malware attacks.
The Audits homepage arranges your devices by type, operating system, and vendor. It also displays cumulative device types, the number of devices undergoing audits, and overall device scores.
Use the buttons in the toolbar to quickly view a full list of Audit Checks, Mitigate failures, and Perform Audits.
Expanding device types reveals individual device scores, as well as the current status of each device’s audit checks: Passed, Failed, Pending, Processing, Pending Mitigation or Mitigated.
Expanding an individual device allows you to view each audit check separately. Click on an Audit Check to reveal the command it issues, expected output, score, embedded auto-mitigation commands, and any qualifiers. For focused troubleshooting, you may manually Mitigate, Ignore, or Recheck any Audit Check for an individual device.
CyberSana adds new device audit checks weekly, as new security best practices come to light from within our community of users.
You may also create your own audit checks from scratch, or based off an existing check. Audit Checks follow a Command Input > Operand > Command Output format. Checks may also be outfitted with Auto-Mitigation, a set of commands that runs automatically as a first attempt to resolve an issue uncovered by an Audit Check.
CyberSana’s Backup feature consolidates backup management for all your network devices into one easy-to-read format. View cumulative device and file backups right from the homepage.
Use the Backup button to initiate backups immediately or schedule automatic backups for the future.
Comprehensive and ongoing monitoring of your organization’s response times is paramount to maintain service-level availability agreements, long-term visibility, and easy, available troubleshooting. CyberSana’s virtual one-click monitoring solution alerts you the moment there is an availability issue on a critical asset, significantly reducing the mean time to repair (MTTR).
Availability is measured through both ping and port monitoring on the internal and external views of your organization. SNMP is used for internal assets, tracking interface throughput, number of connections, power supply status and more.
CyberSana gives you visibility not only today – but yesterday, last week, last month and last year.
Simply provide your external IP range and CyberSana will automatically discover which services are up and begin to monitor them. It’s that easy.
PRIVILEGED ACCOUNT MANAGEMENT
Poor or nonexistent Privileged Account Management (PAM) is the number one attack target for malicious actors either inside or outside your company.
In 2017, 80% of all network security breaches involved privileged credentials.*
That means your business’s confidential records, personal information, and intellectual property could be at risk all because of sloppy password management!
CyberSana’s PAM system automatically rotates admin passwords on all enterprise resources frequently and randomly. Those passwords are securely stored and accessible only through two-factor authentication. Plus, crucial data like SSH keys, API keys, FTP/SFTP/SCP accounts, and shared vendor credentials are securely stored with AES-256 encryption, discrete software password keys for each entry, and a long salted hash.
The result? A drastically reduced risk of security breach with nearly no manual labor.
*According to studies conducted by Forrester Research.
CyberSana automates as many processes as possible, but some things still require a human touch. The Action Center provides more details information about the following issues:
- Unable to Authenticate
- Unable to Connect
- Unable to Identify
- Not Root
- Accounts added outside of CyberSana
- Orphaned Accounts in CyberSana
- Admin Password Update Failed
- Accounts not changed within the past 30 days
- Scores of 7 and Above
- No Audits Run
- No backup within the last 30 days
Change management is the cornerstone of reliable chain of custody and responsible security operations teams. Change management answers the following questions:
Who made the change?
When did the change occur?
How was the change made?
Why was the change made?
CyberSana’s Orchestration feature allows you to manage your enterprise security on any scale.
- Change an account password on a single server… or a thousand account passwords on a thousand servers.
- Perform enterprise-wide audits and backups.
- Upload files to a central repository and transfer to/from any other target.
- Type one command or a series of commands to execute on target devices
- SCHEDULE any of the above.
The Job Status tile displays applications’ current actions and gives you a bird’s-eye view of job progression – especially helpful for large audits with thousands of items involved.
Items are present during pending or processing statuses, automatically dropping from view 10 minutes from job completion.
The permissions tile is broken into three facets:
Device Groups (duplicated under the Devices menu)
User access is set up using the following flow:
- Define to which devices a user requires access
- Define what a user can do with those devices
(NOTE: a user my have access to multiple permission profiles, with different levels of access, i.e., a user may be an administrator on one set of devices and have read-only on another set of devices.)
Static Storage group assignments are also tied to the Permissions profile.
The backbone of security operations and auditors alike. ALL reports can be run against a device group, individual devices, technologies or all devices.
CyberSana generates the following reports:
Everything that has happened to a device group, individual devices, technologies or all devices over time. Reveals who accessed passwords for which accounts as well as the SSH sessions with hyperlinks to view them.
AUDIT CHECK HISTORY
The full history of an audit check, or collection of audit checks.
Displays the golden standard of a technology or all technologies for auditing purposes. It shows the categorization, name and the score of any check. Categories include access, system, cluster, miscellaneous, policy and performance.
Displays all backups submitted against a given device.
CONFIGURATION MANAGEMENT DATABASE
This is an inventory report. CyberSana records aspects of a device upon initial creation and updates its inventory on a weekly basis.
Reports contain: Hostname – IP – Access port – Hardware – Software – Uptime – High Availability Status – Serial Number – Amount of Memory – If IPS is Enabled – If SNMP is Enabled – If VPN is Enabled – Device Comment – Management Server Name (Check Point) – IPS Profile Name (Check Point) – Policy Name (Check Point) – Policy Install Timestamp (Check Point) – Log Servers (Check Point)
CURRENT PASSWORD EXPORT
Exports the current passwords recorded within the vault. It requires two-factor authorizations from two administrators in order to produce. CyberSana chooses the second administrator at random to force communication within the security team and protect your data.
Reveals the outcomes of file transfers – especially helpful for large transfers to remote targets or transfers to many separate devices. It displays the target device, user who initiated the transfer, filename, date and status.
The auditor’s favorite report. Requires an account name or names to prevent data leakage. Displays previous passwords in clear text to ensure auditors are aware of adherence to complexity standards.
Anything and everything that happens within CyberSana, stays within CyberSana. All user activity, from retrieving a password to running a report is recorded within the software.
Displays a target device, user, command inputs and respective outputs. A powerful way to view and report the output of commands run on multiple devices, scheduled or on demand.
Static storage is a vault to store items in a secure manner that will not change over time. It could
be a shared account on a vendor’s support website, a private PGP, PKI or SSH key, or anything
else that requires safe storage. Static Storage maintains a private vault for each individual user login.