- 4 Minutes to read
- 4 Minutes to read
SAFE agents are lightweight endpoint programs that run in Windows Endpoints, Mac Endpoints, and Windows Servers. The agent performs scanning based on controls (CIS benchmarks and STIG) and sends the results to the central SAFE server. The SAFE server receives data from each of the hosts, processes it, and generates the SAFE score of the organization.
Activation Keys are used at the time of agent installation for authentication. With these activation keys, only authenticated agents will be allowed to register themselves, and thereby communicate with SAFE.
ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a matrix of different cyberattack techniques sorted by different tactics. All ATT&CK technique requirements are mapped to the SAFE controls across its five vectors to identify the gaps under different techniques and provide visibility on different attack categories that the organization is susceptible to.
SAFE Admins have complete access to all system features, functions, and data in SAFE.
Auditors have complete access to certain features, functions, and data related to assessment, reporting, etc. Still, they do not have access to certain administrative functions such as configuring global policies, custom control policies, assessment and management tools, etc.
Agent Global Policy
Agent Global Policy allows users to set a single policy for all Windows and Mac agents that includes Scan Time, Log Level, UDP Heartbeat, HTTP Heartbeat, and toggle to enable/disable Syslog.
Breach Cost Calculator
By responding to simple 7 questions on the Breach Cost Calculator, users can estimate the range of financial impact that their organization is sitting at. The estimated financial impact ranges from upper bound to lower bound with a value of most likely impact.
Custom Fields allows users to add additional metadata required for prompt identification, reporting, and analytics. Earlier, SAFE allowed adding Custom Fields limited to Assets only.
SAFE allows you to perform the configuration assessment based on your own hardening guidelines on assets via control policies. You can create custom control policies and apply them to an asset group. In that scenario, all assets that fall in that asset group will get assessed based on custom policies.
The control center displays the segregated view of the vertical-wise number of controls. It also frames up all the associated controls with every asset lying under the technology verticals.
SAFE Dashboard gives a holistic view of aggregated security maturity score analytics. It provides a container to show the results of the SAFE assessment. It displays the collective SAFE Scores for all the categories as well as the individual SAFE Scores of each of the groups.
Default parameters are the default values that you can configure for asset location, asset owner, asset department, and asset criticality in SAFE.
High Impact Controls
High Impact Controls are the critical set of controls that are more likely to be exploited by attack groups. Leaving these types of controls unpatched would lead to a high likelihood of a breach and a highly penalized SAFE score.
The users with Limited User Role have complete access to all features, functions, and data w.r.t to assets that the user owns.
Master Site Coordinator (MSC)
The Master Site Coordinator allows a single Site Coordinator to register with multiple SAFE instances via SC Broker and enables the assessment of agentless assets. This makes it easy for many organizations, such as Managed Security Service Providers (MSSP), to manage the security of their multiple customers.
Managing asset groups manually in the dynamically changing IT environment is time-consuming and needs human intervention whenever a new asset is added or deleted. Smart Group automates asset group management and adds/manages assets in the asset groups based on predefined criteria such as location, criticality, agent type, technology, region, applicability, and many more.
Site Coordinator (SC)
A Site Coordinator is a Linux software installation provided by SAFE. It is responsible for performing agentless assessments inside the customers' network with compatible devices and passing those assessments to the SAFE server. It can also act as a gateway for SAFE agents deployed in networks that do not have direct internet access to the SAFE server.
SAFE Hooks module in SAFE allows you to configure and manage all the integrations of other assessment tools and management tools with SAFE.
SAFE Recommendations provide you better insights into understanding “What’s going well?” and “What can be done better?” for the assessment and helps you make informed business decisions to improve the cyber risk posture.
SAFE Me is a zero-permission app that helps you boost your cybersecurity awareness, improves your mobile device's security, and discovers your leaked personal information such as passwords, phone numbers, etc. on the dark web. This app quantifies your cybersecurity risk on a scale of 0 to 5 based on your cyber awareness, device security, and exposure.
SMTP is a set of communication guidelines that allow the software to transmit electronic mail over the internet is called Simple Mail Transfer Protocol.
We have two controls in SAFE for all Windows applicabilities - “Ensure mandatory services are running” and “Ensure blacklisted services are stopped”. Users can define the success criteria of these controls, by choosing a Smart List. A Smart List is a user-defined list, confined to services for now. Users can create a list of services, by specifying the match criteria (Any/All), depending on whether any one of the services or all the services in the list should be matched. Depending on the Smart List and the match criteria for it, these two controls will get assessed for all the assets, when Success Criteria for them is configured.
The users with Viewer Role have only view access to system features, functions, and data.