The updated Defensys SGRC platform has a new process for handling summary audits. The term «summary audit» refers to an audit that is used to perform a comprehensive audit of one or more assets according to one or different standards. This is a handy tool that allows you to significantly save time when you need to aggregate information from multiple audits. In version 4.7, the summary audit interface became the center from which an expert can manage all the included audits. The user can edit the workgroup, change the status, evaluate requirements, manage remarks, and generate a processing plan from the summary audit. There is now an option to quickly view the asset card included in the assessment area, which displays general information about the category, responsible persons, related assets, and others. A new tab Summary was added that includes a customizable mini-dashboard that contains information on the audit results, check progress, created reports, statistics on open and processed issues.
The platform’s integration capabilities have been significantly increased. Defensys SGRC now includes integration with Skybox and the Tenable Security Center vulnerability scanner. Universal integration using Python has also been added to import asset and vulnerability data from any information source using a script. Asset data can also be obtained through integration with Excel/CSV, JSON, and XML files.
To the available ways of inventorying Windows systems, the inventory option via WinRM (Windows Remote Management) has been added. This is a convenient and secure method that does not require local administrator rights on the remote host and uses an encrypted connection by default.
A large part of the changes were made to the Vulnerabilities tab. Information about vulnerable software and related vulnerabilities, i.e., similar vulnerabilities from other sources, has been added to the vulnerability card. This data is useful for analysis by cybersecurity specialists and can be used in the vulnerability management policies settings tab. There is also an option to display the presence of exploits for a vulnerability. This information is generated based on the vulnerability vector and data obtained from external sources. Another useful feature is the ability to calculate a vulnerability rating based on CVSS score and asset and vulnerability field values, with user-defined rating logic. In addition, it is now possible to view vulnerability statistics, filter data by various parameters, and import custom vulnerability reports using a special template.
The report constructor now allows you to generate report templates in the form of text files with tags, which are replaced by data based on the results of queries. Such reports can be created in DOCX, PPTX, XLSX, ODT, PDF formats. The system still allows you to use a template in HTML format and automatically generate a report in XLS format. The created report can be immediately saved in the documentation database in the system or attached to the existing document. The system will automatically link the document to the entities that it was created for, which greatly simplifies the maintenance of the documentation database.
The dashboard constructor now allows you to build graphs with the top objects in ascending or descending order. Users can set the size (top-3, top-5, top-10, etc.) and sort not only the objects, but also the groups selected within them. There is a new type of custom graph called “World Map”, which is a more flexible version of the classic system map that was before. A customizable map can display groups of IT assets, devices, incidents and vulnerabilities. It is fully customizable, supports data filtering, and allows you to display data by location like country, city, address. Additionally, a flexible role model has been added to the dashboard constructor, which allows you to limit the list of objects that users can use to build graphs and provide them read-only access. For graphs of the custom assets, vulnerabilities and incidents, a filter panel was added, allowing you to quickly filter the needed data and view it in a different perspective without changing the graph itself. The dashboard update process has been redesigned to speed up dashboard loading. Now the simple charts showing small amounts of data are updated automatically once a minute, and the complex ones once a day. Updating takes place in the background without affecting the displayed graph. Each graph is marked with the date of the last update and the option to update manually is supported, but these changes did not affect the system graphs.
“The large amount of data collected about the current state of cybersecurity can both positively and negatively affect the decision-making process. Proper presentation of the resulting data is an important step that should not be overlooked. With Defensys SGRC 4.7, the process of information security monitoring becomes easier and more convenient. We have completely redesigned the approach to working with summary audits, put a lot of emphasis on the development of dashboards, and developed vulnerability prioritization capabilities”, said Ksenia Kolyada, Defensys SGRC Product Owner.
Tabs such as Audits, Issues, Events, Tasks, and User Assets sections have improved the way users interact when editing system objects together. When another user makes changes, the current user interface displays a notification with a choice to continue working or to update the data being viewed.
To improve security, the product interface now displays a notification when a user logs in from another device under the current user account, and an option to log out all sessions for the current user account is now available.
Defensys customer support will notify current users when updates are available. If you would like to receive an update for pre-testing and to familiarize yourself with the functionality, send an email to support@defensys.com