
SPM User Guide

Contents
- Aegify comprehensive benefits
- Security Posture Assessment workflow
- Scanner Management
- Upload external scan output
- Reports - Views
- View Individual Security Scan results
- Home Page Dashboard
- Asset Details
- Vulnerability Details
- Affected Security Controls
- Risky Assets Perspective
- Most Effective Controls perspective
- Top Risk Scenarios
- Remediation Report
- What-if Analysis
- Auto responses to assessments from scanned data
- Auto Answering Assessment with Security Scan Data
- Auto Answering when Starting Assessment with Security Scan Data
- Security Scans to Auto-reviewing assessment
- Support

egestalt Technologies is a leading provider of cloud-based software-as-a-service (SaaS) solutions for IT security and compliance management, vulnerability analysis and risk management. The company's flagship product Aegify is the world's first software-only solution that disrupts the way businesses deal with security, compliance and risk management using an easy-to-use, cost-effective, subscription, cloud-SaaS solution. egestalt delivers its solutions through a channel-based managed service provider community.

egestalt's Aegify was given the highest rating of 5 out of 5 stars by the reputed SC Magazine review, in June 2014, with 5 stars for Features, Performance, Documentation, Support and Overall Rating!

The problems that Aegify solves are summarized here:
- Meet Regulatory Security, Risk and Compliance Management requirements for HIPAA, PCI, FISMA, SANS20, GLBA, SOX and 800 other regulatory frameworks.
- Perform effective vulnerability management to combat today's threats.
- Remote deployment and management through a cloud-based managed services approach.
- Pre-Audit and Post-Audit with complete audit trail for in-house or external auditors.
- Vendor Risk Management.
- Secure Meaningful Use Dollars through HIPAA Security Risk analysis.

Aegify comprehensive benefits

Just to recap, Aegify offers comprehensive benefits:

1. Features the world's FIRST unique and flexible cloud-based software deployment architecture - Facilitates security scans of business IT assets.

2. Know your network through IT assets discovery - Detects vulnerabilities, security threats, and risks across your entire IT infrastructure to combat today's threats, helping you fix the vulnerabilities quickly, made easy with an automated vulnerability management life-cycle. Prioritize and manage risk effectively through real-time dashboards, GAP reports and remediation guidance. Facilitates security scans for more than 31,800 vulnerabilities and over 92,000 checks across your networks.

3. Remote deployment and management through a cloud-based managed services approach.

4. Integrates with Risk and Compliance Management - Helps meet Regulatory Security, Risk and Compliance Management requirements for HIPAA, PCI, FISMA, SANS20, GLBA, SOX and 800 other regulatory frameworks. An underlying expert system interprets the scanning results and maps the vulnerabilities to Risk and Compliance controls, enabling you to manage your complete Security, Risk and Compliance Posture in real-time using a single unified GAP and remediation process for all organizational issues, resulting in huge productivity gains through savings in time and resources. Comprehensively addresses Vendor Risk Management.

5. Pre-Audit and Post-Audit with complete audit trail for in-house or external auditors.

6. Leverage the Integrated Managed Services Automation Platform - The solution is completely integrated with the rest of the services into the managed services framework, with advanced automation that enables complete administrative control for setup, configuration and administration of the service(s).

7. Do complete remote deployment and management with low total cost of ownership - Traditional vulnerability scanning solutions require manual deployment in the customer premises (CPE) for every location, sometimes requiring deployment in the domain controller's network. The scanning results need to be interpreted manually as well. Aegify SPM can be deployed and managed remotely through a remote cloud-based deployment architecture. With the click of a button on the browser-based administrative console you are able to install, schedule and manage your vulnerability scanning process, and the expert system will automatically map the results to risk and compliance controls in real-time. This results in huge productivity gains and cost savings.

8. Scales easily from small to medium to large enterprises with large multi-segmented networks (more than 1,024 IPs) and virtualized infrastructures without affecting performance, including configuration and policy scanning.

9. Provides flexibility to easily include or exclude network segments from scans.

10. Includes authenticated and unauthenticated scan support.

11. Secure Meaningful Use Dollars through HIPAA Security Risk analysis.

12. Generates extensive dashboard views and reports on security posture and compliance status.

Aegify Security Posture Management (aka SPM), the unified security posture management tool for effective threat management, includes the following capabilities:
- Asset Discovery
- Vulnerability Analysis
- Risk Profiling
- Threat Impact Analysis
- Compliance Mapping
- Dashboards & Reports

Security Posture Assessment workflow

Assessing the security posture is a simple process as illustrated below:

Scanner Management

If you launch the scan from an AWS instance as detailed in the Aegify SPM from AWS User Guide, on clicking the Activate button after selecting the option to scan AWS instances and VPC, the scan schedule interface will display the following screen:

The number of IP addresses to be scanned is based on your license subscription. The IPs may be your AWS systems or the private IPs of your VPC (when the scanner is launched within the VPC). Please ensure that inbound traffic on port 40814 is allowed in the AWS security group, as this port is required for Aegify Server scanner communication.

Once the scan schedule is saved, the Aegify portal will start a security scan on the specified assets at the scheduled time. You can disconnect from the remote desktop of the scanner instance and log in to Aegify using a web browser. Go to https://www.aegify.com and log in using the email ID and password you set up in step-1 above to monitor the scan progress.

You can also schedule recurring scans by going to Security -> Manage Security Scans -> Aegify Scanner Management.

Security -> Manage Security Scans -> Manage Security Scan -> Aegify Scanner Management

1. The screen display is to configure the scan.

2. The internal scan option is to run the Aegify scanner, and the external scan option can be selected to run any supported external scanner as explained below.

3. Schedule the scan on a selected date and time and click on the Repeat check box to repeat the scans periodically; then select the repeat cycle - an assigned number of days, weekly, or monthly.

4. Select the notify option if you desire to have an email sent to you after an asset is discovered. Please note that the scan will not proceed until you log on to Aegify and manually select the IPs to be scanned and then clear this option.

5. Select the included hosts (required field) and select other hosts from the drop-down list on the right. If asset discovery has been completed for an ongoing scan, then you can choose the discovered assets from the Select Hosts from Here box to scan.

6. To exclude specific hosts, you can specify a single private IP or given subnets of private IPs. To add more than one IP address, press the Enter key after keying in every IP address.

7. The Advanced Configuration section allows you to set up authenticated scans. Configuring logon credentials for scans enables you to perform deep checks, inspecting assets for a wider range of vulnerabilities or security policy violations. Additionally, authenticated scans can check for software applications and packages and verify patches. When you configure credentials for a site, target assets in that site authenticate the Scan Engine as they would an authorized user. Expand the advanced configuration section for adding new scan credentials for select services and also for restricting access to assets or ports. Read more about authenticated scans here.
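The Scanner Management section above requires inbound port 40814 to be allowed in the AWS security group. The following added example (not part of the Aegify guide or product) checks security groups for that rule and flags ones that open the port to a broad source range. It assumes the channel is TCP, which the guide does not state; the group IDs, addresses, and the 256-address threshold are constructed for illustration.

```python
import ipaddress
import json

SCANNER_PORT = 40814  # port the guide requires for Aegify Server <-> scanner traffic

# Constructed sample shaped like `aws ec2 describe-security-groups` JSON output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0aaa", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 40814, "ToPort": 40814,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
  {"GroupId": "sg-0bbb", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 40000, "ToPort": 41000,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-0ccc", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]},
  {"GroupId": "sg-0ddd", "IpPermissions": [
    {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
  {"GroupId": "sg-0eee", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 40814, "ToPort": 40814,
     "UserIdGroupPairs": [{"GroupId": "sg-0aaa"}]}]}
]}
""")


def covers_port(perm, port):
    """True if one ingress permission entry admits traffic to `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":      # "all traffic" rule: every protocol and port
        return True
    if proto != "tcp":     # assumption: the scanner channel is TCP
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit(groups, port=SCANNER_PORT, max_addresses=256):
    """Map GroupId -> (status, sources) for ingress rules reaching `port`.

    status is "blocked" (no rule admits the port, so the scanner cannot
    communicate), "too-broad" (a CIDR source wider than max_addresses),
    or "ok". Prefix-list sources are not evaluated here.
    """
    findings = {}
    for sg in groups["SecurityGroups"]:
        cidrs, refs = [], []
        for perm in sg.get("IpPermissions", []):
            if not covers_port(perm, port):
                continue
            cidrs += [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            # A reference to another security group is a scoped source.
            refs += ["sg:" + p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
        if not cidrs and not refs:
            status = "blocked"
        elif any(ipaddress.ip_network(c, strict=False).num_addresses > max_addresses
                 for c in cidrs):
            status = "too-broad"
        else:
            status = "ok"
        findings[sg["GroupId"]] = (status, sorted(cidrs + refs))
    return findings


if __name__ == "__main__":
    for group_id, (status, srcs) in audit(SAMPLE).items():
        print(f"{group_id}: {status} {srcs}")
```

To run it against a real account, replace SAMPLE with the parsed output of `aws ec2 describe-security-groups`.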

Upload external scan output

Security -> Manage Security Scans -> Upload External Security Scan Output

If you have already been using any of the scanners listed below, you can use Aegify to manage the security posture by uploading the XML reports of the scans.

The scanners supported include (select from the drop-down list by clicking the hyperlink):
- Nessus (Nessus Vulnerability Management)
- Qualys (Qualys Vulnerability Management)
- Rapid 7 (Rapid 7 Vulnerability Management)
- Retina (Retina Vulnerability Management)
- Saint (Saint Vulnerability Management)
- XCCDF (Extensible Configuration Checklist Description Format)

The supported file formats include XML, zipped XML, and GZipped XML (select from the drop-down list by clicking the hyperlink).

Browse your folders to select the external scanned data file. The data in the XML file will be imported into Aegify for compliance assessment purposes.

If you launch the scan from an AWS instance as detailed in the Aegify SPM from AWS User Guide, the scan reports can be viewed by logging into www.aegify.com and selecting Reports from the top-level menu and SPM Reports from the sub-menu. You may view the vulnerabilities and the remediation report for taking appropriate remedial measures and rerunning the scans to ensure that the vulnerability gaps are fixed. These are detailed in the Reports section of this user guide later.

Reports - Views

View Individual Security Scan results

Security -> Manage Security Scans -> View Security Scan Results

This view, as shown below, summarizes the scan results of each security scan. It also enables you to download a remediation action report (first column) for the vulnerabilities found in each scan.

Click on the comparison reports in the right-most column to compare the current scan results with a previous scan, or click on the trend line report to view the trend. On clicking these comparison report links, you will be prompted to select a previous scan to compare as shown below:

Click on the Generate button to generate the report. Please wait for Aegify to generate the report. The document will be placed in the download folder of your browser. Open the downloaded report document to view the comparison report.

The comparison report will be downloaded as a CSV in which each vulnerability status is compared against the previous scan selected. The trend report highlights the trend in risk levels of the assets, vulnerabilities by severity level and the security status to help you decide on appropriate actions for mitigating the security risks.

Home Page Dashboard

On login, the customer's home page has a dashboard view of the security posture, highlighting the security risk level, the vulnerable assets and total vulnerabilities for the customers. A graphical view of the data is displayed on the right. A customer's home page will display customer-specific security posture details and the compliance status against applicable regulations and standards.

Asset Details

Assets -> Asset Management -> Asset

Aegify SPM includes a state-of-the-art asset fingerprinting algorithm wherein the same asset scanned in multiple scans is recognized as an existing asset and the security posture of the asset is determined from its latest scan. The Asset Repository in this view lists all the assets scanned across multiple scans and their current security posture. You can download the detailed security posture report from each asset's perspective by clicking the export button located at the bottom-right of this view.

1. The first pie chart summarizes all the scanned hosts by grouping them based on the security severity.

2. The second pie chart summarizes all the software services running on these assets.

3. The trendline shows the security posture over time in terms of the number of assets in each severity rating in the last three scans.

4. The data grid at the bottom of this view lists all the assets with current security posture details. Click on an individual asset link to view more details about the asset's security posture in terms of vulnerabilities and remediation suggestions.

Vulnerability Details

Assets -> Asset Management -> Vulnerability View

You can download the detailed security posture report from each vulnerability's perspective by clicking the export button located at the bottom-right of this view.

1. The first chart lists the top 10 vulnerabilities across all the scanned assets.

2. The second chart summarizes all the vulnerabilities present across all the assets by grouping them based on the security severity.

3. The trendline shows the number of vulnerabilities by severity present in each scan.

The data grid at the bottom of this view lists all the vulnerabilities present across all the assets. Expand each vulnerability to read more about the vulnerability and remediation suggestions.

If you have been scanning the same set of assets over a period of time, the trendlines in these two views show how your I.T. security risk is changing over time. With a good remedial action process in place, these trend charts will show the risk being lowered over time.

You can download a detailed remediation report from either of these two views. This report will guide your remediation team with detailed remedial actions for each asset and time estimates for remediating each asset.

Affected Security Controls

Assets -> Asset Management -> Affected Regulatory/Standards Controls View

1. The top panel displays the affected controls and the control risk status changes across a timeline.

2. The table below the top panel displays details of the vulnerabilities in terms of Control Title, Citation Reference, Total Vulnerabilities and Affected Controls.

3. Click on the export icon at the bottom to export the data in PDF or Microsoft Word format.

4. Click on the hyperlinked numerical figures in the table to view the affected scanned IT assets in terms of the asset name, protocol and the port used.

Reports -> Risk Reports -> Dashboard and Reports

Set the required filters in this reports screen and select the required perspective.

Risky Assets Perspective

Most Effective Controls perspective

Top Risk Scenarios

Remediation Report

What-if Analysis

1. What-If Analysis gives a powerful simulation model to assess the impact on security and compliance levels for a selected customer by defining the count of assets to be evaluated and the perspective in terms of controls and risk scenarios.

2. Filter on various tags using the predefined tags in the drop-down list.

3. The applicable controls listed in the left panel can be selected by clicking the check box to the right of the control to indicate whether the control is implemented and to instantly display the risk scenario, the number of assets impacted by the control and the percentage of controls scored. After selecting or deselecting the controls that are implemented, clicking the Calculate button at the bottom right of the task bar displays the extent to which the selected customer is compliant through the pie chart on the right.

4. The multi-level pie chart shows three layers: the innermost circle shows the severity of the overall risk status; the middle circle shows the assets grouped by severity; the outer circle displays the risk scenarios grouped by the severity for the group of assets.

5. Selecting the heat map tab to the right of the multi-level pie chart shows the risk by asset value for the different assets for which the compliance controls have been implemented.

Auto responses to assessments from scanned data

Auto Answering Assessment with Security Scan Data

Assessment -> Start Assessment

egestalt has mapped many known vulnerabilities published by MITRE to different regulatory controls, so the presence of any of these vulnerabilities in your organization can automatically fail compliance to controls in assessments. egestalt regularly updates the mapping of these vulnerabilities to the different regulatory controls.

MCP Reviewers can select the option to auto-answer some of the controls in the assessment when starting the assessment for user responses. This option will be available if you have subscribed to the SPM service and have scanned the IT network at least once. If a scan is performed after the assessment is started (published), Aegify will prompt the assessee to auto-answer using the scan data. Assessees can auto-answer the assessment later by clicking on the Auto-Answer button.

MCP Reviewers can also use the scan data for reviewing assessments. This option will be available if the customer has subscribed to the SPM service and has scanned their network at least once.

The interface provides features for the MCP reviewer to:

1. Select the customer organization.

2. Enter relevant Assessment details.

3. Click on the check box under Auto-answer options - Use Security Scans to Auto-answer and / or Use Previous Assessments to auto-answer.

4. Where fields have a drop-down box, select the value from the list box.

5. Click on the Save button.

Auto Answering when Starting Assessment with Security Scan Data

Assessment -> Start Assessment

egestalt has mapped many known vulnerabilities published by MITRE to different regulatory controls, so the presence of any of these vulnerabilities in your organization can automatically fail compliance to controls in assessments. egestalt regularly updates the mapping of these vulnerabilities to the different regulatory controls.

MCP Reviewers can select the option to auto-answer some of the controls in the assessment when starting the assessment for user responses. This option will be available if you have subscribed to the SPM service and have scanned the IT network at least once. If a scan is performed after the assessment is started (published), Aegify will prompt the assessee to auto-answer using the scan data. Assessees can auto-answer the assessment later by clicking on the Auto-Answer button.

1. Select the customer organization.

2. Enter relevant Assessment details.

3. Click on the check box under Auto-answer options - Use Security Scans to Auto-answer and / or Use Previous Assessments to auto-answer.

4. Where fields have a drop-down box, select the value from the list box.

5. Click on the Save button.

Security Scans to Auto-reviewing assessment

Assessment -> Assessment Browser -> Review

MCP Reviewers can use the security scan data for reviewing assessments. This option is available to a customer who has subscribed to the SPM service and has scanned their network at least once.

1. Select an assessment with its state shown as review from the list, or use the advanced search panel to select an assessment in review state.

2. Add user-relevant details and click the Review button.

3. Select a user from the list with the status Review in Progress.

4. Click on the Review Responses button in the bottom panel.

5. Click on the Auto-review button in the bottom panel.

6. Click on the Use Security Scan Results option from the pop-up menu.

7. Select an Assessee name from the list and click on the Auto-score button.

8. Click Yes for confirmation.

Support

Email: support@egestalt.com