Prioritization of fixes based on breach likelihood and financial risk.
Activation Keys are used at the time of agent installation for authentication. With these activation keys, only authenticated agents will be allowed to register themselves, and thereby communicate with SAFE.
SAFE Admins have complete access to all system features, functions, and data in SAFE.
SAFE agents are lightweight endpoint programs that run in Windows Endpoints, Mac Endpoints, and Windows Servers. The agent performs scanning based on controls (CIS benchmarks and STIG) and sends the results to the central SAFE server. The SAFE server receives data from each of the hosts, processes it, and generates the SAFE score of the organization.
Agent Global Policy allows users to set a single policy for all Windows and Mac agents that includes Scan Time, Log Level, UDP Heartbeat, HTTP Heartbeat, and toggle to enable/disable Syslog.
Auditors have complete access to certain features, functions, and data related to assessment, reporting, etc. Still, they do not have access to certain administrative functions such as configuring global policies, custom control policies, assessment and management tools, etc.
Probability of an organization being hacked in the next 12 months.
The control center displays the segregated view of the vertical-wise number of controls. It also frames up all the associated controls with every asset lying under the technology verticals.
SAFE allows you to perform the configuration assessment based on your own hardening guidelines on assets via control policies. You can create custom control policies and apply them to an asset group. In that scenario, all assets that fall in that asset group will get assessed based on custom policies.
It is the percentage of the business-critical assets covered by a Cyber Security Product (CSP) in your organization.
Custom Fields allows users to add additional metadata required for prompt identification, reporting, and analytics. Earlier, SAFE allowed adding Custom Fields limited to Assets only.
Cyber risk commonly refers to any risk of financial loss, disruption, or damage to the reputation of an organization resulting from the failure of its information technology systems.
Default parameters are the default values that you can configure for asset location, asset owner, asset department, and asset criticality in SAFE.
Estimated Financial Impact represents the $ impact an enterprise can incur due to a breach over a 12-month period. A range is also provided with upper and lower bounds of Financial Impact, and the expected value is usually a number within that range.
Financial Risk represents the Expected Financial Loss an enterprise can incur in case of a breach over a 12-month period. It is also referred to as ALE (Annualized Loss Exposure).
High Impact Controls are the critical set of controls that are more likely to be exploited by attack groups. Leaving these types of controls unpatched would lead to a high likelihood of a breach and a highly penalized SAFE score.
- If a CSP is not implemented but is applicable to your organization, keep the Implementation Status toggle disabled. In this case, it treats the implementation status as Failed and impacts the SAFE Score.
- If a CSP is not applicable to your organization, remove the CSP from Administration > Governance Management > Cybersecurity Products Management. In this case, it will not contribute to the SAFE Score of the organization.
The lowest estimated cost for a range. The default lower bounds are populated based on the actual historical costs.
The Master Site Coordinator allows a single Site Coordinator to register with multiple SAFE instances via SC Broker and enables the assessment of agentless assets. This makes it easy for many organizations, such as Managed Security Service Providers (MSSP), to manage the security of their multiple customers.
Risk scenarios describe in detail the asset at risk, who or what can act against the asset, their intent or motivation (if applicable), the circumstances and threat actor methods associated with the threat event, and the effect on the company if/when it happens, and when or how often the event might occur.
SAFE Hooks module in SAFE allows you to configure and manage all the integrations of other assessment tools and management tools with SAFE.
SAFE Me is a zero-permission app that helps you boost your cybersecurity awareness, improves your mobile device's security, and discovers your leaked personal information such as passwords, phone numbers, etc. on the dark web. This app quantifies your cybersecurity risk on a scale of 0 to 5 based on your cyber awareness, device security, and exposure.
SAFE Recommendations provide you better insights into understanding “What’s going well?” and “What can be done better?” for the assessment and helps you make informed business decisions to improve the cyber risk posture.
SAFE Score represents the likelihood of an enterprise being breached over the next 12 months.
A Site Coordinator is a Linux software installation provided by SAFE. It is responsible for performing agentless assessments inside the customers' network with compatible devices and passing those assessments to the SAFE server. It can also act as a gateway for SAFE agents deployed in networks that do not have direct internet access to the SAFE server.
Managing asset groups manually in the dynamically changing IT environment is time-consuming and needs human intervention whenever a new asset is added or deleted. Smart Group automates asset group management and adds/manages assets in the asset groups based on predefined criteria such as location, criticality, agent type, technology, region, applicability, and many more.
SMTP is a set of communication guidelines that allow the software to transmit electronic mail over the internet is called Simple Mail Transfer Protocol.
The highest estimated cost for a range. The default upper bounds are populated based on the actual historical costs.