Privileged Account Management
Poor or nonexistent Privileged Account Management (PAM) is the number one attack target for malicious actors either inside or outside your company.
In 2017, 80% of all network security breaches involved privileged credentials.*
That means your business’s confidential records, personal information, and intellectual property could be at risk all because of sloppy password management!
CyberSana’s PAM system automatically rotates admin passwords on all enterprise resources frequently and randomly. Those passwords are securely stored and accessible only through two-factor authentication. Plus, crucial data like SSH keys, API keys, FTP/SFTP/SCP accounts, and shared vendor credentials are securely stored with AES-256 encryption, discrete software password keys for each entry, and a long salted hash.
A drastically reduced risk of security breach with nearly no manual labor.
*According to studies conducted by Forrester Research.
The CyberSana Audits feature provides an organized, automated means to stay on top of device security, no matter how vast your network. Performing up to 350 Audit Checks per minute, CyberSana can quantify the risk level of 1,000 servers in under an hour and a half - a task that would take a security team months to perform manually.
The platform is fully integrated with Nessus, the security industry's most widely deployed assessment solution, and a powerful tool for identifying vulnerabilities, configuration issues, and malware attacks.
The Audits homepage arranges your devices by type, operating system, and vendor. It also displays cumulative device types, the number of devices undergoing audits, and overall device scores.
Use the buttons in the toolbar to quickly view a full list of Audit Checks, Mitigate failures, and Perform Audits.
Expanding device types reveals individual device scores, as well as the current status of each device’s audit checks: Passed, Failed, Pending, Processing, Pending Mitigation or Mitigated.
Expanding an individual device allows you to view each audit check separately. Click on an Audit Check to reveal the command it issues, expected output, score, embedded auto-mitigation commands, and any qualifiers. For focused troubleshooting, you may manually Mitigate, Ignore, or Recheck any Audit Check for an individual device.
CyberSana adds new device audit checks weekly, as new security best practices come to light from within our community of users.
You may also create your own audit checks from scratch, or based off an existing check. Audit Checks follow a Command Input > Operand > Command Output format. Checks may also be outfitted with Auto-Mitigation, a set of commands that runs automatically as a first attempt to resolve an issue uncovered by an Audit Check.
CyberSana’s Backup feature consolidates backup management for all your network devices into one easy-to-read format. View cumulative device and file backups right from the homepage.Use the Backup button to initiate backups immediately or schedule automatic backups for the future.
CyberSana’s Orchestration feature allows you to manage your enterprise security on any scale.
- Change an account password on a single server... or a thousand account passwords on a thousand servers.
- Perform enterprise-wide audits and backups.
- Upload files to a central repository and transfer to/from any other target.
- Type one command or a series of commands to execute on target devices
- SCHEDULE any of the above.
CyberSana automates as many processes as possible, but some things still require a human
touch. The Action Center provides more details information about the following issues:
Unable to Authenticate
Unable to Connect
Unable to Identify
Accounts added outside of CyberSana
Orphaned Accounts in CyberSana
Admin Password Update Failed
Accounts not changed within the past 30 days
Scores of 7 and Above
No Audits Run
No backup within the last 30 days
Change management is the cornerstone of reliable chain of custody and responsible security
operations teams. Change management answers the following questions:
Who made the change?
When did the change occur?
How was the change made?
Why was the change made?
Comprehensive and ongoing monitoring of your organization's response times is paramount to maintain service-level availability agreements, long-term visibility, and easy, available troubleshooting. CyberSana's virtual one-click monitoring solution alerts you the moment there is an availability issue on a critical asset, significantly reducing the mean time to repair (MTTR).
Availability is measured through both ping and port monitoring on the internal and external views of your organization. SNMP is used for internal assets, tracking interface throughput, number of connections, power supply status and more.
CyberSana gives you visibility not only today - but yesterday, last week, last month and last year.
Simply provide your external IP range and CyberSana will automatically discover which services are up and begin to monitor them. It is that easy.
The Job Status tile displays applications’ current actions and gives you a bird’s-eye view of job
progression - especially helpful for large audits with thousands of items involved.
Items are present during pending or processing statuses, automatically dropping from view 5
minutes from job completion.
The backbone of security operations and auditors alike. ALL reports can be run against a device
group, individual devices, technologies or all devices.
CyberSana generates the following reports:
Everything that has happened to a device group, individual devices, technologies or all devices
over time. Reveals who accessed passwords for which accounts as well as the SSH sessions
with hyperlinks to view them.
Audit Check History
The full history of an audit check, or collection of audit checks.
Displays the golden standard of a technology or all technologies for auditing purposes. It shows
the categorization, name and the score of any check. Categories include access, system,
cluster, miscellaneous, policy and performance.
Displays all backups submitted against a given device.
Configuration Management Database
This is an inventory report. CyberSana records aspects of a device upon initial creation and
updates its inventory on a weekly basis.
Inventory reports contain the following:
Hostname - IP - Access port - Hardware - Software - Uptime - High availability status - Serial
Number - Amount of memory - If IPS is enabled - If SNMP is enabled - If VPN is enabled -
Device comment - Management server name (Check Point) - IPS Profile name (Check Point) -
Policy name (Check Point) - Policy install timestamp (Check Point) - Log Servers (Check Point)
Current Password Export
Exports the current passwords recorded within the vault. It requires two-factor authorizations
from two administrators in order to produce. CyberSana chooses the second administrator at
random to force communication within the security team and protect your data.
Reveals the outcomes of file transfers - especially helpful for large transfers to remote targets or
transfers to many separate devices. It displays the target device, user who initiated the transfer,
filename, date and status.
The auditor’s favorite report. Requires an account name or names to prevent data leakage.
Displays previous passwords in clear text to ensure auditors are aware of adherence to
Anything and everything that happens within CyberSana, stays within CyberSana. All user
activity, from retrieving a password to running a report is recorded within the software.
Displays a target device, user, command inputs and respective outputs. A powerful way to view
and report the output of commands run on multiple devices, scheduled or on demand.
The permissions tile is broken into three facets:
Device Groups (duplicated under the Devices menu)
User access is set up using the following flow:
define to which devices a user requires access
define what a user can do with those devices
(NOTE: a user my have access to multiple permission profiles, with different levels of access,
i.e., a user may be an administrator on one set of devices and have read-only on another set of
Permissions are set up with the following tags:
Audit Devices - Backup Devices - Create Accounts - Create Devices - Delete Accounts - Delete
Devices - Edit Accounts - Edit Devices - Manage Settings - Manage Users - Mass Update - SSH
Accounts - View Passwords - View Reports - Static Storage
Static Storage group assignments are also tied to the Permissions profile.
Static storage is a vault to store items in a secure manner that will not change over time. It could
be a shared account on a vendor's support website, a private PGP, PKI or SSH key, or anything
else that requires safe storage. Static Storage maintains a private vault for each individual user login.