Cyrisma Knowledge Base

How to Create a Client Instance

Published September 19th, 2024 by Liam Downward

Sign In: Visit msp.cyrisma.com and sign in to your account. Navigate to New Instance : Go to the "Instance" section, then click “New Instance.” Fill Out the Client Instance Form: Client Name: Enter the name of the client. Address, Town, State, ZIP Code: (Optional) Fill in the client's address details. Instance Label: Enter a unique label for the ins

How To Generate a Cyber Risk Assessment Report

Published September 19th, 2024 by Liam Downward

How to Generate a Cyber Risk Assessment Report Once all the scans are complete, follow these steps to create your report: Access the Report Builder: Navigate to the Report Builder located on the left-hand side of the dashboard. Select the Cyber Risk Assessment Report: Click on the Cyber Risk Assessment Report option. Choose Scans to Include: In the

Video: How to setup a Dark Web Monitor

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Failed O365 Credentials Due to Invalid "Secret Value"

Published November 27th, 2024 by Liam Downward

Common Causes: Client Secret ID vs. Secret Value: In the Azure portal, the client secret ID is visible, but the client secret value is not. The secret value is crucial for proper authentication and must be securely stored at the time of creation, as it will not be displayed again in the Azure interface. Incorrect Secret Value: If the secret value en

Video: How To Setup Microsoft Secure Score

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Why Agent-Based Scanning is Recommended

Published November 27th, 2024 by Liam Downward

Challenges with Sensor-Based Scanning Network Dependency:Sensor-based scanning requires the target machines to be online and accessible to the network probe. This can lead to failures if: Target machines are located on different networks. They are connected through a VPN. Credential Requirements:For a successful scan, the sensor must have valid cred

How to White Label Reports in CYRISMA

Published March 10th, 2025 by Liam Downward

Steps to White Label Reports in CYRISMA Access the MSP Portal Navigate to msp. cyrisma .com and log in using your MSP administrator credentials. Select Your Organization On the left-hand navigation panel, locate and click on your organization’s name. This will take you to the organization settings page where you can manage your branding preferences.

Exporting a CSV File of CVEs Tied to Assets

Published November 27th, 2024 by Liam Downward

Steps to Export CVE and Asset Data Navigate to the Vulnerability Dashboard Go to Vulnerability Scanning in the CYRISMA menu. Select Vulnerability Dashboard. Locate the Report Section Scroll down to the section labeled All Vulnerabilities (90 Days) - Impacted Hosts for Each. Export the CSV File On the right-hand side of this section, locate the CSV E

List of Applications Patchable by CYRISMA

Published December 4th, 2024 by Liam Downward

Patchable Applications Compression Tools 7z.exe WinRAR Winzip Document Viewers & Editors Adobe Acrobat Reader DC Continuous LibreOffice Notepad++ Browsers & Web Clients Microsoft Edge Chrome Media Tools VLC Media Player iTunes.exe Apple iTunes Remote Tools TeamViewer TightVNC UltraVNC RealVNC VNC Connect Programming & Development Tools D

Google Workspace Scanning

Published September 20th, 2024 by Liam Downward

Navigate to Admin, click on Integrations and select Google as the Credential Type: Access to Google Cloud by the CYRISMA agent is enabled via a JSON security file provided by Google. The overview steps to generate this file are shown here: With the above overview in mind, follow the detailed guide below to generate the JSON security file. 1. CREAT

Removing Retired or Incorrect Agents from Reports

Published November 27th, 2024 by Liam Downward

Issue Agents that have been retired or do not belong to a specific group (e.g., DCG) are still appearing in reports, even after being removed from the instance. Steps to Address the Issue 1. Verify Agent Removal Confirm that the retired agent (e.g., Host-SQL95) is no longer active in your environment by navigating to Admin > Scan Agents. For agen

How To Create an Internal Authenticated Vulnerability Scan

Published September 19th, 2024 by Liam Downward

Navigate to Schedule a Scan: Go to Vulnerability Scan > Schedule a Scan in your dashboard. Name the Scan: Enter a descriptive name for your scan, such as "VS_INT_Auth_1". Select Scan Type: From the dropdown menu, choose "Internal - Authenticated". Choose Agent or Agent Group: Select the desired agent for the scan. Alternatively, you can choose an

Why is my Web App Scanning Failing?

Published November 25th, 2024 by Liam Downward

Issue The Web App scan for a URL (e.g., http://www.cyrisma.com ) may fail or produce incorrect results if the URL includes unnecessary prefixes, such as " www ." Solution To resolve the issue: Verify the URL Configuration Ensure the URL entered for the Web App scan does not include " www ." unless explicitly required by the application. Example: Cha

February 28th 2025 Release Notes

Published March 3rd, 2025 by Liam Downward

New Features & Enhancements Duration Reports for Data Sensitivity Users can now generate duration-based reports (30, 60, 90, 180, 365 days) for data sensitivity. Provides insights into identified risks, mitigated issues, and outstanding concerns. Supports informed security planning and tracking data security improvements over time. Duration Repo

How to Suppress and Globally Suppress Vulnerabilities in CYRISMA

Published March 14th, 2025 by Liam Downward

Suppressing a CVE for a Specific Machine: Log in to the CYRISMA dashboard. Navigate to Vulnerability Scan and select Scan History. Select the machine containing the CVE to suppress. In the vulnerability list, find the CVE and click the three-dot (•••) menu. Select Suppress. This suppresses the CVE for the selected machine only. Provide a Justificati

How To Deploy Agents

Published September 19th, 2024 by Liam Downward

How to Install Agents Navigate to Scan Agents: Visit Admin > Scan Agents in your dashboard. Generate a Windows Installation Key: Click on the option to Generate a Windows Installation Key. This key will be necessary for agent installation. Decide on Agent Deployment Method: Visit the Agent Status section to determine how you want to deploy your

January 30, 2025 Release Notes

Published January 31st, 2025 by Liam Downward

Version 2.105.1.136 release features and updates of CYRISMAFixes in User Experience and FunctionsAdminTargets- Fixed an issue where merging targets from Network Discovery results did not properly integrate them into the instance.Dark WebCreate a Dark Web Monitor- Added ‘Run Status’ and ‘Last Ran’ columns to the Dark Web Monitors table. These columns

Troubleshooting CYRISMA Scans Failing Due to Sophos Endpoint Protection

Published January 30th, 2025 by Liam Downward

Root Cause Analysis What Happens During a CYRISMA Scan? CYRISMA’s scan agent initiates a port scanning process to identify open ports. The scanner attempts to execute a Python-based port scanner, which unpacks necessary files into the Windows temp directory. Once port scanning completes, the full vulnerability scan proceeds. Symptoms of the Issue Sc

April 11th Release Notes

Published April 14th, 2025 by Liam Downward

New Features 🔧 Patch Management Enhancements Added advanced patch control settings under Admin > System Config: Define Blackout Hours to prevent patching during specific timeframes. Restrict patching on selected machines. Exclude specific 3rd-party applications from auto or manual patching workflows. 📄 Report Builder – Optional Password Protectio

May 23rd Release Notes

Published May 27th, 2025 by Liam Downward

CYRISMA Change Log Release Date: May 23, 2025 Version: 2.125.1.156 🔧 Fixes in User Experience and Functions Admin Notification Config: Updated the minimum trigger time for “Agent Not Checking In” alerts to 60 minutes to improve reliability. Compliance Shadow IT: Fixed a blue screen error triggered when interacting with chart bars in the Top 5 Softwa

Network Discovery in CYRISMA: A Comprehensive Guide

Published January 22nd, 2025 by Liam Downward

1. What is Network Discovery? Network discovery is the process of identifying all devices and endpoints connected to a network. This includes servers, workstations, IoT devices, printers, routers, and more. By performing network discovery, you can: Map the organization's network topology. Identify unknown or rogue devices. Prepare for targeted scans

How to Use Industry Comparison and vCISO Services

Published October 30th, 2024 by Liam Downward

How to Use Industry Comparison and vCISO Services Access Industry Comparison: Click on Industry Comparison in the menu. Here, you will find options to view your instance's scores compared to others in your industry. Explore Metrics: By clicking on each metric—Data Sensitivity, Vulnerability, Secure Baseline, and Compliance—you can access different a

How to Suppress Secure Baseline Rules in CYRISMA

Published March 17th, 2025 by Liam Downward

Suppressing Secure Baseline Rules To suppress Secure Baseline rules on a specific machine: Log into the CYRISMA platform. Navigate to Secure Baseline → Scan History. Identify the scan and the machine you want to suppress a rule for. Click on the bar graph representing the specific machine to view the rules. Identify the rule you'd like to suppress:

Why Are CYRISMA Agents Not Showing Up for Provisioning?

Published November 25th, 2024 by Liam Downward

Problem Description Newly deployed PCs were not appearing in CYRISMA for provisioning, even though the installation script successfully ran. The root cause was an error in the script's syntax, specifically with the formatting of the CYRISMA server URL. Steps to Resolve the Issue Inspect the Script Syntax Review the deployment script carefully. In th

Understanding Risk Level vs. Exploitability in CYRISMA

Published May 21st, 2025 by Liam Downward

📊 What is Risk Level ? Risk Level refers to the severity of a vulnerability, often influenced by metrics such as CVSS scores, vendor assessments, and system impact. These are categorized as: Critical High Medium Low A Critical or High risk level means the vulnerability could cause significant harm if exploited—but does not necessarily mean it’s bein

CYRISMA CyBroker Sensor Preparation and Setup

Published October 30th, 2024 by Liam Downward

The CYRISMA “CyBroker Sensor” is used to scan targets within the LAN subnet where the sensor is installed. Data Sensitivity scans can take place against any UNC file path hosted by a Target and Vulnerability/Baseline scans can take place against Windows, MAC and Linux machines on the local network. CYRISMA Command Center Web Application receives sca

Resolving "No ARF File Found" Error Due to PowerShell Timeouts

Published May 28th, 2025 by Liam Downward

What is an ARF File? The Asset Reporting Format (ARF) file contains the results of the full vulnerability scan performed by the CYRISMA agent. When this file is missing, it indicates the scan did not complete successfully. Root Cause The scan process in CYRISMA runs in two stages: Preliminary Checks – These gather basic data (open ports, weak SSL/TL

Troubleshooting Agent Installation Problems

Published September 19th, 2024 by Liam Downward

1. General Troubleshooting Steps 1.1. Agent Fails to Install Symptoms: Installer does not complete. Error messages, e.g., "Permission denied." Resolutions: Ensure Admin Rights: Install with administrator privileges. On Windows, right-click the installer and select Run as Administrator. Verify Prerequisites: Windows: Ensure .NET Framework 4.8+ is ins

April 23rd 2025 Release Notes

Published April 24th, 2025 by Liam Downward

✨ New Features 🔍 Compliance – Shadow IT Introduced a new Shadow IT dashboard displaying installed applications and plugins per system. Includes risk grading by application type to enhance visibility, compliance, and risk management across client environments. 🔁 Instance Access MSP users can now seamlessly switch between client instances without re-a

Instance Access: Seamless Navigation Between Client Environments

Published April 25th, 2025 by Liam Downward

Why It Matters For MSPs managing several customer environments, switching between instances has traditionally required logging out and back in through the main portal—an inefficient and time-consuming process. This friction reduced productivity and introduced avoidable delays when responding to tickets, conducting assessments, or providing real-time

Managing Aged Devices in CYRISMA: Best Practices and Billing Guidance

Published January 22nd, 2025 by Liam Downward

How CYRISMA Tracks and Bills Devices CYRISMA considers a device a billable target under the following conditions: Agent Installation: Devices with CYRISMA agents installed are tracked and counted as targets. Network Discovery: Devices identified via network discovery and added as "mergeable targets" are also billed until manually removed. Devices re

How to Create a Data Scan

Published September 19th, 2024 by Liam Downward

Click on Data Scan and Schedule Scan: Assign a Scan Name: Enter a descriptive name for your scan in the Scan Name field. Select Scan Type: Use the dropdown menu under Select Scan Type to choose from the following options: Local O365 Email O365 OneDrive SharePoint Gmail Google Drive Set Credentials: Choose the credential to be used for the scan: Use

March 7th 2025 Release Notes

Published March 10th, 2025 by Liam Downward

Release Date: March 7, 2025 Version: 2.113.1.144 Fixes in User Experience and Functions Mitigation My Mitigation Plans – Fixed checkbox selection in the ‘Review & Perform an Action’ modal for Data Scan Mitigation Plans. Users can now click directly on checkboxes in the Sensitive Items Found table when marking items as False Positives. Quick Star

How To Create an Internal Unauthenticated Vulnerability Scan

Published September 19th, 2024 by Liam Downward

Navigate to Schedule a Scan: Go to Vulnerability Scan > Schedule a Scan > Create. Name the Scan: Enter a descriptive name for your scan, such as "VS_INT_UnAuth_1". Select Scan Type: Choose the "Internal - Unauthenticated" option. Choose Agent: Select the desired agent for the scan. Typically, it is recommended to run this from a server. To ens

Schedule a Vulnerability Scan

Published September 20th, 2024 by Liam Downward

1. Start New Scan In the Schedule a scan section, you can configure the key settings for a new vulnerability scan: Select a Scan Type: Choose the type of scan from the dropdown. Options include: Internal Authenticated: Scans internal network targets with authentication. Internal Unauthenticated: Scans internal network targets without authentication.

If an endpoint is online at any stage of a month (even 1 day) will it bill that entire month?

Published November 15th, 2024 by Liam Downward

Yes, that’s correct. If an endpoint is not online for the entire month, it won’t be billed for that month. In your scenario, if you have 45 endpoints in an instance, but only 30 are online for the month (and the remaining 15 are offline for longer than a month), you will only be billed for the 30 active endpoints. Here’s a breakdown: Active endpoint

January 22nd 2025 Release Notes

Published January 23rd, 2025 by Liam Downward

Version 2.103.1.134 Release Date: January 22, 2025 1. Secure Baseline Updates Enhancements: Added support for the latest CIS benchmarks for the following operating systems: Debian 12 Windows 10, 11, Server 2016, 2019, 2022, 2025 MacOS 14/15 Ubuntu 24.04 Benchmark Updates: Integrated the Windows 11 STIG Benchmark (Version 2, Release 2). Integrated th

How to Resolve Compliance Detection for TLS Certificate

Published November 25th, 2024 by Liam Downward

Issue After installing an SSL certificate on a firewall, scans still detect the compliance failure: "FAILED Compliance: TLS: No Self-Signed Certificates. Description: Ensure TLS certificates are signed by a separate issuer." Cause The scan is detecting that the certificate is self-signed or not signed by a publicly trusted certificate authority (CA)

Streamlining MSP Operations with CYRISMA’s Centralized Vulnerability Manager (CVM)

Published April 17th, 2025 by Liam Downward

1. Start with Centralized Visibility Access All Clients in One Place: Log into the MSP interface to see vulnerabilities and risk across every client and endpoint from one dashboard. Aggregate and Filter Data: Instantly search by vulnerability, root cause, OS, client, or asset type (workstations, servers, etc.). No more jumping between instances. Tip

Billing for Endpoints vs. Microsoft Licenses

Published November 26th, 2024 by Liam Downward

How Billing is Determined Our pricing model is based on the higher of two metrics: Endpoint Count – This includes the number of laptops, desktops, and servers being monitored. Microsoft Licenses – This includes the number of Microsoft user accounts being scanned and monitored for email activity. If a client has a higher count of Microsoft licenses c

How to Add a Cloud Agent to Your CYRISMA Instance

Published November 27th, 2024 by Liam Downward

Step 1: Enable Cloud Scans for the Instance Before adding a cloud agent, you must enable cloud scans during the instance setup. Log into the MSP Interface: Use your MSP credentials to access the CYRISMA MSP portal. Navigate to the Instance Details: Go to the Organization Details Dashboard for the specific instance where you want to enable the cloud

Why Some Windows KBs Appear in Vulnerability Scans but Not in Patch Manager

Published May 19th, 2025 by Liam Downward

Issue Summary You may encounter a scenario where a Windows KB article appears in the Vulnerability Scan results for an endpoint (e.g., Patch - KB5055528), but that same KB does not appear under the Windows tab in Patch Manager > Root Cause Breakdown or during a CVE search. This can understandably create confusion, especially when trying to assess

Vulnerability Scan Compare

Published September 20th, 2024 by Liam Downward

Steps to Compare Vulnerability Scans Select Scan Type: Choose the scan type that matches the target you wish to compare. Options include: Internal Authenticated Internal Unauthenticated / External - IP Addresses External - Web Application URLs Select Target: From the "Select Target" dropdown, choose the specific device or IP that has prior vulnerabi

Setup AD Monitor

Published September 20th, 2024 by Liam Downward

Setting up Entra ID Monitor Navigate to Compliance Go to Compliance > Set up AD Monitor. Configure Entra ID Monitor Provide a name for the monitor. Select Monitor Type as Entra ID Monitor. Notification and Scheduling Options Choose whether to receive a summary notification once the scan finishes. Select the desired Schedule Type: Now: Runs the sc

May 2nd Release Notes

Published May 5th, 2025 by Liam Downward

✅ Fixes in User Experience and Functions 🔧 Admin Users: The "Department Manager" dropdown in Admin > Users now only displays active users during user creation or edits. 🛡️ Compliance Compliance Assessment: Fixed an issue where marking a question as “Not Applicable” did not clear previous dropdown answers in the generated report. Shadow IT: Enhanc

Password-Protected Reports in CYRISMA

Published April 8th, 2025 by Liam Downward

Why Are Reports Password Protected? CYRISMA reports often contain sensitive vulnerability, compliance, or data classification results. Password-protecting these reports helps: Prevent unauthorized access if a file is downloaded or shared. Ensure an additional layer of protection during file storage or transmission. Maintain compliance with industry

Can I Use My Local Agent for Cloud Scans?

Published September 20th, 2024 by Liam Downward

Cloud Agent Scanning Data storage continues to make a heavy migration to the cloud and file storage is no exception. Most organizations have made cloud-based file storage a fundamental part of their infrastructure. This includes cloud-based services such as Microsoft OneDrive, Google Drive, Microsoft SharePoint and even email storage. This file data

CYRISMA Setup Guide: Integrating with PSA Platforms

Published October 31st, 2024 by Liam Downward

Logging into CYRISMA Access the Managed Service Interface: Log into the CYRISMA Managed Service interface at https://msp.cyrisma.com . PSA Configuration Overview Individual instances within CYRISMA are organized hierarchically into a list of organizations and instances. Important: PSA configuration must be performed at the organization level, not at

How to use the Patch Manager and Root Cause Analysis

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Agents Not Appearing in the "Agents Waiting Provisioning" Area

Published November 25th, 2024 by Liam Downward

Issue When setting up provisioning, agents do not appear in the "Agents Waiting Provisioning" section, even though the devices have been deployed. Root Cause This issue is typically caused by a time synchronization error on the device. If the system time is off by more than 5 minutes from the standard time, the agent may fail to authenticate and app

How to Customize a Secure Baseline Scan by Suppressing Benchmarks

Published November 26th, 2024 by Liam Downward

Steps to Customize Your Secure Baseline Scan Navigate to Scan History Log into the CYRISMA platform. From the left-hand menu, select Scan History to access the list of previously conducted scans. Select the Secure Baseline Scan Find the specific Secure Baseline Scan you want to modify and click on it. This will open a detailed view of the scan resul

Why Do My Vulnerability Scans Have a High Failure Rate?

Published November 25th, 2024 by Liam Downward

Problem When submitting an internal authenticated vulnerability scan, a significant number of targets fail due to configuration or accessibility issues. This can result from: Lack of proper credentials for remote scanning. Inefficiencies in the scanning method (e.g., remote vs. agent-based scanning). Solution 1. Identify the Issue For the internal a

Can Vulnerability and Secure Baseline Scanning Be Conducted on Disconnected Machines?

Published December 18th, 2024 by Liam Downward

How It Works Self-Scanning by Installed Agents : Each installed agent is capable of performing self-scanning directly on the machine where it resides. This allows for comprehensive vulnerability and secure baseline assessments without requiring real-time network connectivity. Scheduled Scans: Agents can be configured to run scheduled scans at predet

Secure Baseline Scan in Progress

Published September 20th, 2024 by Liam Downward

Displayed Information Each row in the Scans in Progress table includes the following columns: Scan Name: Identifies the name of the scan. Clicking the name allows you to view more details about the scan. Targets: Indicates the total number of targets included in the scan. Issued By: Displays the name of the individual who initiated the scan. Complet

Video: How to Create an External Web Application URL Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Why Is there a 5-Item Selection Limit in Data Scans?

Published February 25th, 2025 by Liam Downward

1. System Performance & Resource Allocation Shared Cloud Agents : CYRISMA utilizes shared ServiceMa Cloud Agents to conduct data scans. When users initiate extensive scans (e.g., scanning thousands of mailboxes), it can overburden the shared infrastructure. Heavy scanning loads can lead to queueing delays as agents are tied up, impacting other u

Central Vulnerability Manager

Published March 25th, 2025 by Liam Downward

Accessing the Central Vulnerability Manager Log in to your MSP Portal within CYRISMA at msp.cyrisma.com On the top navigation panel, select Central Vulnerability Manager at the top. Key Features Unified Vulnerability Visibility Aggregates vulnerability data from all your customer instances. Provides detailed insight into both third-party and Windows

How To Setup Microsoft Secure Score

Published October 30th, 2024 by Liam Downward

Accessing Microsoft Secure Score Navigate to Secure Score: Go to the main menu. Select Compliance > Microsoft Secure Score. Key Features Risk Grades: The dashboard displays both your current and previous risk grades, helping you track changes in your Microsoft Cloud environment's security configuration. Switch between reporting periods by selec

February 21st 2025 Release Notes

Published February 24th, 2025 by Liam Downward

Version: 2.108.1.139 release features and updates of CYRISMA New Features 3rd Party Patch AutomationUsers can enable automated third-party patching in Admin > System Config and schedule patches 12-72 hours after vulnerabilities are detected. s PatchingUsers can now apply Windows patches from Patch Manager, just like third-party patches. The syste

Video: How to Create a Compliance GRC Assessment

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Secure Baseline Scan History

Published September 20th, 2024 by Liam Downward

Features of the Secure Baseline Scan History Table The table includes the following details for each scan: Scan Name: The unique name assigned to the scan. Targets Scanned: The number of targets assessed during the scan. Issued By: The individual who initiated the scan. Start and End Dates: The scan’s duration, showing when it began and ended. Numbe

Why You May Be Seeing an "Access Denied" Error When Logging into the CYRISMA Portal

Published January 7th, 2025 by Liam Downward

What’s Happening? For example, you might see a URL like this: https://msp.cyrisma.com?_gl=1*xy8ppx*_ga*NDc5OT... These tracking codes are flagged by our security system as potential threats and are blocked to ensure the safety of our portal. How to Fix It To resolve this issue, follow these steps: Access the Portal Directly: Use a clean URL without

Partner Portal Login

Published November 20th, 2024 by Liam Downward

To access the CYRISMA partner portal, follow these steps: Open your preferred web browser and navigate to https://cyrisma.com/login . Enter your login credentials: Username/Email: Use the email address associated with your CYRISMA partner account. Password: Input your secure password. Click the Login button. If you encounter any issues: Use the Forg

Scanning Issues in Secure Baseline

Published December 4th, 2024 by Liam Downward

Issue: Clarification on Scanning Representative Machines Problem Users are scanning all devices in their environment without realizing they only need to scan representative machines based on Group Policy. Why This Matters Scanning all machines in environments with consistent Group Policy settings results in unnecessary scans and redundant data. Best

Linux Agent Compatibility with SuSe Linux 15

Published November 27th, 2024 by Liam Downward

Is the Linux Agent Compatible with SuSe Linux 15? Yes, the Cyrisma Linux agent is compatible with SuSe Linux 15. However, it's important to note that the installation process for SuSe Linux 15 currently requires a Debian-based package (.deb). At this time, .rpm-based package installations are not supported. Installation Recommendations If you're loo

Handling Dark Web Monitor Results in CYRISMA

Published March 25th, 2025 by Liam Downward

Step 1: Identify the Exposed Data When reviewing the results, pay close attention to the following data fields: Email Addresses: Identify any corporate or employee-associated addresses. Passwords: Check for plaintext or weakly hashed credentials. Data Breach Source: Determine where the breach occurred (e.g., specific platforms or databases). Breach

March 13th 2025 Release Notes

Published March 13th, 2025 by Liam Downward

Version: 2.114.1.145 Fixes in User Experience and Functions Mitigation ✅ My Mitigation Plans - Assigned Plans Table – Selecting a user from the 'Reassign' dropdown no longer expands the mitigation row, improving usability and preventing unintended UI disruptions. Report Builder ✅ Email Report – The CYRISMA logo in vulnerability scan email reports ha

Where Do I Login To My MSP Dashboard?

Published November 20th, 2024 by Liam Downward

1. Incorrect Username or Password One of the most frequent causes of login issues is entering the wrong username or password. Ensure that: Your username is typed correctly, with no extra spaces or typos. Your password matches exactly, keeping in mind that passwords are case-sensitive. You’re not using autofill with outdated credentials. If you're un

Resolving CYRISMA Agent Issues with SentinelOne Security

Published September 20th, 2024 by Liam Downward

How to Identify if You Are Affected To determine if your CYRISMA Agent is impacted, check the CYRISMA Agent log for the following error: jsaf.provider.windows.powershell.PowershellException: Cannot find a variable with the name 'AmsiContext'.Cannot find a variable with the name 'AmsiInitFailed'. If this error appears, it indicates that SentinelOne i

How to Schedule Reports in CYRISMA

Published March 6th, 2025 by Liam Downward

Step-by-Step Guide to Scheduling Reports 1. Navigate to the Report Builder Log into your CYRISMA account. Click on Admin in the left-hand navigation menu. Select Report Builder from the available options. 2. Select the Report Type In the Report Builder, locate the Generate Report By dropdown. Click the dropdown and select Duration from the list. 3.

Video: How to Create a Client Instance

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Syncro PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create API Token To establish a secure connection between CYRISMA and Syncro, you will need to create an API token with the appropriate permissions. Steps to Create a Token: Navigate to API Tokens: In the Syncro user interface, go to Admin > API Tokens. Create New Token: Click the ‘New Token’ button to initiate the token creation process. Conf

Understanding Grades for Targets Scanned in a Data Scan

Published December 27th, 2024 by Liam Downward

1. What Does an A+ Grade Indicate? An A+ grade typically reflects that the scanned item is low-risk when considered on its own. For example: Standalone IP Addresses: An IP address on its own generally poses minimal risk because it lacks meaningful context. If someone were to access just the IP address without any accompanying information (e.g., inte

Patch Configuration: Granular Control Over Blackout Hours

Published May 1st, 2025 by Liam Downward

🛠️ Key Capabilities ✅ Exclude Specific Machines from Patching Prevent certain devices—such as critical servers or legacy systems—from receiving automatic patches. Ideal for sensitive systems that require manual updates or downtime coordination. Helps avoid patch-related compatibility issues. ⛔ Block Third-Party Applications from Auto-Patching Design

Understanding Agent-Based Scanning vs. Sensor-Based Scanning

Published November 27th, 2024 by Liam Downward

Agent-Based Scanning Agent-based scanning utilizes agents installed directly on the target devices. These agents handle the scanning process locally, without requiring remote access. When to Use Agent-Based Scanning Authenticated Vulnerability Scans: For scans that require login credentials to analyze system vulnerabilities. Secure Baseline Scans: T

December 10th 2024 Release Notes

Published December 10th, 2024 by Liam Downward

Fixes in User Experience and Functions Admin Notification Config- Resolved an issue where 'Agents Awaiting Provisioning' email notifications failed to send as expected. Scan Agents- Added a confirmation modal to the 'Regenerate Windows Installation Key' button to prevent accidental actions. Users are now prompted with options to confirm or cancel, e

Video: How to Deploy Agents

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

How to Differentiate Your CYRISMA-Powered Services

Published March 13th, 2025 by Liam Downward

Making Cybersecurity Simple Many businesses, especially small and medium-sized enterprises (SMEs), find cybersecurity complex and overwhelming. Use CYRISMA to simplify their security needs: Quick Deployment & Easy Use: Demonstrate how CYRISMA allows for a seamless onboarding experience. Clear Risk Data & Actionable Insights: Offer simple, ea

Guide to Probe Scanning in CYRISMA

Published March 13th, 2025 by Liam Downward

When to Use Probe Scanning If a client or prospect is not ready to deploy agents on all endpoints. When performing preliminary internal scans during the sales or prospecting phase. If network-wide credentialed scanning is preferred over deploying agents on each device. How Probe Scanning Works 1. Deploying the Probe Agent Install a CYRISMA agent on

How to setup a Dark Web Monitor

Published September 19th, 2024 by Liam Downward

Domain Monitoring Setup Step 1: Access Dark Web Domain Monitor Navigate to Dark Web → Setup Dark Web Monitor. Choose the Domain Monitor option. Step 2: Enter Domain Details Input Domain: Enter your organization’s primary domain (e.g., yourcompany.com). Company Name: Enter the company name associated with the domain you want to monitor. Step 3: Activ

How to Raise Your Compliance Score in CYRISMA

Published April 30th, 2025 by Liam Downward

Key Actions That Improve Your Compliance Score To positively impact your compliance score, focus on these core areas: 1. Deploy the Active Directory (AD) Monitor CYRISMA assesses security settings within your Active Directory. A misconfigured AD is a major vulnerability and impacts compliance scoring. Ensure: AD monitor is deployed and active Key se

Shadow IT: Application & Plugin Visibility and Risk Grading

Published April 25th, 2025 by Liam Downward

Why It Matters Without proper visibility into installed applications across client systems, organizations face significant challenges: Security risks from unapproved or outdated software Compliance gaps from missing software controls Operational inefficiencies in inventory management With Shadow IT, CYRISMA bridges this gap by giving you a clear, ri

Debian Support and Hardware Compatibility

Published November 20th, 2024 by Liam Downward

Why Our Agent Doesn’t Support Raspberry Pi 1. Debian Compatibility Across Architectures Debian Linux is a versatile operating system that can run on many hardware architectures, including: x86/x64 (Intel-compatible processors) ARM (used by Raspberry Pi and similar devices) 2. Processor Architecture Differences Raspberry Pi: Uses an ARM processor.

Selling Cybersecurity Services - Approaches to Objection Handling

Published March 19th, 2025 by Liam Downward

Common Objections and How to Respond Below are effective ways to handle frequent objections during your sales conversations. Objection 1: "We're a small company—do we really need cybersecurity ?" Prospects may underestimate their risk exposure due to their size. Here's how to address this: Cyber Attacks Happen to SMBs: Smaller businesses are increas

Autotask PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create API User To set up a secure API user in Autotask, follow these steps from the admin console of the Autotask Web interface. Steps to Create a Secure API User: Access Users: Navigate to Resources > Users under Account Settings in the Autotask Web interface. Select New API User: From the New drop-down selector, choose “New API User”. Choos

Patch Manager

Published September 20th, 2024 by Liam Downward

1. Root Cause Breakdown The Root Cause Breakdown section lists vulnerabilities by their underlying causes, enabling users to identify and address issues at the source. The table displays: Root Cause: The primary software or configuration issue contributing to vulnerabilities. No. of CVEs: The number of Common Vulnerabilities and Exposures associated

Stellar Cyber Integration

Published September 19th, 2024 by Liam Downward

Connector Overview: CYRISMA Capabilities Collect Yes Respond No Native Alerts Mapped N/A Runs on DP Interval Configurable Collected Data Content Type Vulnerabilities Hosts Response Actions Action Index Syslog Linux Syslog Assets Third-Party Native Alert Integration Details Field Details Required Fields N/A Required Credentials API Name API Ke

Video: How to Create an External IP Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video. Click below for a written walkthrough How To Create an External IP Scan - Cyrisma

How to Delete a Mitigation Plan

Published November 27th, 2024 by Liam Downward

Steps to Request Deletion of a Mitigation Plan: Identify the Need for Deletion: If you have created a mitigation plan and need it deleted, ensure that it is no longer required for any ongoing processes. If the plan is no longer relevant or was created by mistake, a support ticket will be needed to initiate the deletion. Create a Support Ticket: Open

Resolving O365 Scan Issues Due to Password Requirements

Published November 27th, 2024 by Liam Downward

Issue O365 scans fail when using a global admin account due to invalid password configurations. The error highlights password requirements and disallowed special characters. Resolution Steps 1. Review Password Requirements Ensure the global admin account's password complies with the following rules: Must be at least 8 characters long. Must include a

My Mitigation Plans

Published September 20th, 2024 by Liam Downward

Accessing Your Mitigation Plans View Assigned Plans: In the My Mitigation Plans section, you can see all plans assigned to you along with their status. Sorting Plans by Scan Type Use the Drop-Down Menu: At the top left of the section, utilize the drop-down menu to sort the plans by scan type. For this example, select Vulnerability Scan. Viewing Deta

March 21st 2025 Release Notes

Published March 21st, 2025 by Liam Downward

🚀 New Feature Central Vulnerability Manager A new centralized dashboard has been introduced to the MSP interface, enabling streamlined vulnerability management across all customer environments. Provides capabilities to search, patch, and analyze vulnerabilities at scale. Integrated remediation tools and enhanced root cause visibility. 🛠️ Fixes &

Agents Not Appearing in Dashboard After Installation

Published November 25th, 2024 by Liam Downward

Symptoms The CYRISMA agent installation completes successfully. The agent does not appear in the CYRISMA dashboard. Logs show errors such as: Agent to Instance Pairing FAILURE! Unable to connect to the remote server. Root Cause This issue occurs when endpoint protection software or security tools block outgoing HTTPS requests or PowerShell executi

vCISO Action Plans in CYRISMA

Published January 30th, 2025 by Liam Downward

How the VCISO Action Plan Works Compliance & Industry Benchmarking Within the Compliance tab, CYRISMA aggregates scan results and provides an Industry Comparison . The platform benchmarks the organization’s security posture against industry standards. The goal is to identify gaps and ensure improvement over time. Score-Based Action Plan Developm

Why Can't I Provision Agents?

Published November 25th, 2024 by Liam Downward

Issue When attempting to provision agents in a CYRISMA instance, users with a "Tech" role in MSP may encounter an error due to insufficient permissions. This occurs because the "Tech" role in MSP maps to the "Security Administrator" role in the instance, which does not include provisioning permissions. Solution Understand Role Mapping The "Tech" rol

Configuring Local Data Scans Across Multiple Agents

Published November 25th, 2024 by Liam Downward

Issue When attempting to perform a local data scan across all agents, it appears only the initially selected agent is being scanned. The user is selecting all agents and paths, but the scan only targets the first selected agent. Solution Key Points No Group Scan for Data Scans Data scans in CYRISMA do not support group scans where all agents are sca

Why Is Patch Data Missing After Running an Internal Scan?

Published November 27th, 2024 by Liam Downward

Issue After initiating an internal scan, patch data does not appear in the Patch Manager, leaving users unclear on which patches are required for the customer’s environment. Resolution Steps 1. Verify Scan Completion Ensure that the internal scan has fully completed. Incomplete scans may not populate the necessary data in the Patch Manager. To confi

Video: How To Create a Secure Baseline Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Error Adding Agents to a Scan

Published November 25th, 2024 by Liam Downward

Issue When attempting to add agents listed under "Agents Awaiting Provisioning" to a scan, users encounter the error: “Problem while adding agent. Please try again later!” Cause This issue occurs because the agents must first be provisioned. However, provisioning agents requires Systems Administrator permissions. Users with the Security Administrato

How To Create a Secure Baseline Scan

Published September 19th, 2024 by Liam Downward

Step 1: Navigate to Secure Baseline Scan Access the Scan Scheduler: Go to Secure Baseline -> Schedule a scan. Step 2: Configure the Scan Name the Scan: Provide a descriptive name for your scan, for example, "SB_Compliance_Sample_1". Select Desired Agent: Choose a specific agent, or select an agent group to have multiple agents scan simultaneously

March 28th 2025 Release Notes

Published March 28th, 2025 by Liam Downward

Fixes in User Experience and Functions 🛡️ Compliance HIPAA Compliance Assessment: Updated regulatory references to ensure accuracy and relevance. Improved content accuracy within assessment reports. 🌐 Dark Web Dark Web Monitor Results: Added a "View All" button to streamline navigation and easily return to the full list of breach results after apply

Can I change the CYRISMA Agent File Name?

Published November 15th, 2024 by Liam Downward

Key Points: Background Operation: The agent runs silently without interrupting the user’s workflow. It does not display pop-ups or other visible alerts to the user, ensuring no disruption. An icon in the system tray shows that the agent is running, but it is generally unnoticed unless the user specifically checks. Silent Installation: A mass insta

Vulnerability Scan History

Published September 20th, 2024 by Liam Downward

Navigating the Vulnerability Scan History At the top of the page, there is a Select Scan Type filter bar, allowing you to categorize the scan history by specific scan types. These categories include: All Scans: Displays every scan conducted, across all types. Internal Authenticated: Shows scans conducted internally with authentication credentials. I

Windows Patching – Understanding the Process and Best Practices

Published February 25th, 2025 by Liam Downward

How Windows Patching Works Microsoft regularly releases patches to address security vulnerabilities, fix bugs, and enhance system performance. These patches are typically delivered through cumulative updates, known as roll-up patches, which bundle multiple updates together. Roll-up Hot Patches Cumulative Updates: Microsoft consolidates multiple patc

How to Change the Secure Baseline Profile for Targets

Published November 25th, 2024 by Liam Downward

Steps to Change the Secure Baseline Profile Access Admin Settings Navigate to Admin > Targets. Edit the Desired Target Locate the target you want to modify in the target list. Click the pencil icon in the Update column for the target. Change Secure Baseline Profile In the Secure Baseline Profile drop-down menu, select DISA STIG. Save the changes

How to Update an Instance Name in CYRISMA

Published November 25th, 2024 by Liam Downward

Steps to Update the Instance Name Log into the MSP Interface Access the CYRISMA MSP dashboar d using your login credentials. Navigate to the Organization Details Select the organization for which you want to update the instance name. Open the Organization Details dashboard. Edit the Instance Name Locate the row displaying the instance address. Click

Understanding CYRISMA Scoring and How to Improve Your Grades

Published November 27th, 2024 by Liam Downward

1. Scoring for Data, Vulnerability, and Secure Baseline Scans How Scores Are Calculated:Scores are based on the s from completed scans, not on the remediation actions themselves. After you patch vulnerabilities, address sensitive data issues, or adjust OS configuration settings, your score will not immediately improve. You must run a new scan to ref

ConnectWise PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create Security Role ConnectWise API access functions under the rights of the assigned API account using role-based security. It is essential to avoid using a pre-existing role such as “Admin” for the API account. Instead, create a dedicated role with sufficient rights to perform necessary API actions. Steps to Create a Role: Navigate to Security

How to Create a Compliance GRC Assessment

Published October 30th, 2024 by Liam Downward

Follow these steps to create a Compliance GRC Assessment for your client: Navigate to Compliance: Click on Compliance in the main menu. Select Compliance Assessment. Choose GRC Framework: From the available options, choose the specific GRC framework you will be assessing for your client. Fill Out Questions: Answer the questions related to the select

Video: How to Create a Data Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Security Service Tiers, Packaging, and Pricing with CYRISMA

Published March 27th, 2025 by Liam Downward

CYRISMA -Powered Service Models to Explore CYRISMA enables you to create flexible service models that cater to different client needs, including: Tailored Professional and Assessment Services: Use the 30-day free instance to provide customized scans and insights. Scalable Managed Services: Offer customer-managed, co-managed, or fully managed service

N-able PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create API Key To facilitate the connection between CYRISMA and N-able, you will need to generate an API key. Steps to Create an API Key: Navigate to My Account: In the N-able user interface, click on ‘My Account’, located in your user sub-menu on the top navigation bar. Access API Keys Tab: From the My Account page, navigate to the ‘API Keys’ ta

Setting Up PSA Integrations with CYRISMA

Published September 19th, 2024 by Liam Downward

Overview CYRISMA supports integration with various Professional Services Automation (PSA) platforms, allowing for streamlined workflows and enhanced management of risk and compliance tasks. This guide covers the setup process for integrating CYRISMA with popular PSA platforms, including ConnectWise, Autotask, N-able, and Halo. Detailed Setup Instruc

March 19th 2025 Release Notes

Published March 19th, 2025 by Liam Downward

Dark Web Monitor - Enhanced Data Discovery The Dark Web Monitor feature has been upgraded to enhance data discovery capabilities, significantly improving detection accuracy. This enhancement allows for identification of previously undetected dark web activity, providing deeper cybersecurity insights and more comprehensive threat intelligence.

Video: CYRISMA Quick Start Guide

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Deploying CYRISMA Agent via Microsoft Intune (with Detection Rules)

Published May 22nd, 2025 by Liam Downward

Applies to: CYRISMA Windows Agent Deployment Use case: Deploy the CYRISMA Agent through Microsoft Intune using a Win32 app package and validate installation using file or registry detection rules. 🧰 Step 1: Prepare the Batch Script Create a batch script to download and install the CYRISMA agent silently. Save the following as Install_CYRISMA.bat: @e

How to Deploy CYRISMA Agents in a Prospecting Scenario

Published January 22nd, 2025 by Liam Downward

Understanding the Prospecting Scenario In a prospecting scenario, the goal is to perform targeted scans that provide a snapshot of the client’s cybersecurity vulnerabilities and compliance posture. Typically, this involves: Deploying a limited number of agents to key systems. Running scans to identify vulnerabilities or sensitive data exposure. Pres

How to Create an External Web Application URL Scan

Published September 19th, 2024 by Liam Downward

Navigate to Vulnerability Scan: After signing in to your account, go to the Vulnerability Scan section. Click on Schedule a Scan to begin the process of creating a new scan. Configure the New Scan: In the Start New Scan form, fill in the following details: In the field labeled Scan name, input a descriptive name for the scan. For example, "VS_EX_Web

Setup Dark Web Monitor

Published September 20th, 2024 by Liam Downward

Dark Web Enrollment The Dark Web section in CYRISMA offers two primary monitoring options: Domain Monitor Monitors your organization's domains across dark web sources Select the "Domain Monitor" option from the enrollment page Configuration is simplified with clear domain entry fields Email Address Monitor Allows monitoring of specific email address

How to Deploy CYRISMA Agents via PowerShell

Published September 20th, 2024 by Liam Downward

Sample PowerShell Script (Without Auto Provisioning) This script requires manual provisioning in the CYRISMA Command Center after installation. $a = "/verysilent /key=XXXXXX /URL=XX" $WebClient = New-Object System.Net.WebClient $WebClient.DownloadFile("https://dl.cyrisma.com/6167656E7473/Cyrisma_Setup.exe", "C:\windows\temp\Cyrisma_Setup.exe") $proc

Maximizing CYRISMA’s 30-Day Free Consulting Instance for Prospecting

Published March 4th, 2025 by Liam Downward

Step 1: Plan Your Prospecting Strategy Before deploying the 30-day free instance, define your goals: Identify the scope of the assessment. Determine how many endpoints you’ll deploy agents on. Plan the assessment deliverables and highlight the value of your managed services. Ensure a clear action plan for what will be accomplished within the 30-day

Provisioning and Reporting API Guide

Published September 19th, 2024 by Liam Downward

Obtain Initial Credentials: Contact CYRISMA Support to obtain the API Key (also called “Username”) and API Secret (also called “Password”) to start communication with the API. Change the API Secret: Update the API Secret to ensure only authorized applications can access the API. Request a Session Token: Use the API credentials to request a session t

March 4th 2025 Release Notes

Published March 5th, 2025 by Liam Downward

New Features Scheduled Duration Reports Users can now schedule duration reports to run automatically at specified intervals or generate one-time reports at a chosen date and time. Instant report generation is also available for immediate insights. Users have the option to opt-in for notifications when reports are generated, ensuring timely access to

Why Does Endpoint Protection Like ThreatLocker Block the CYRISMA Agent Installation?

Published December 26th, 2024 by Liam Downward

Symptoms The PowerShell script fails with the error: "The underlying connection was closed: An unexpected error occurred on a send." The script is unable to download the CYRISMA Agent from the URL (e.g., https://dl.cyrisma.com/...). The download works successfully when accessing the URL directly via a browser. Endpoint protection logs (e.g., ThreatL

Why Are My Patches Not Disappearing?

Published November 27th, 2024 by Liam Downward

Issue Patches that have been successfully applied are still displayed in the vulnerability section of devices, even though they do not appear in the Root Cause Analysis. Cause This issue can occur if the affected devices have not been rebooted after the patches were applied. A reboot is often required to finalize the patching process and for the sys

Vulnerability Scan in Progress

Published September 20th, 2024 by Liam Downward

Real-Time Scan Monitoring The Vulnerability Scan in Progress table displays all active scans with live updates. Each row in the table represents an individual scan, showing key details such as: Scan Name: Unique identifier for the scan, set at creation. Issued By: The user who initiated the scan. Completed Targets: Number of targets that have been f

Schedule a Secure Baseline Scan

Published September 20th, 2024 by Liam Downward

Navigate to Secure Baseline at the top of your screen and click on Scheudle a Scan 1. Assign a Scan Name Provide a name for the scan that is: Specific: Helps to clearly identify this scan or series of scans. Unique: Avoids confusion with other scans. For recurring scans, use a name that reflects the purpose or frequency of the scans. 2. Set the Scan

Why Can't I Undo a Patch Done by CYRISMA?

Published March 17th, 2025 by Liam Downward

Why Doesn’t CYRISMA Allow Automatic Rollbacks? Currently, CYRISMA is designed as a proactive security tool to quickly remediate vulnerabilities identified in your environment. Once a patch or configuration change is applied through the CYRISMA agent, it cannot be reversed automatically. This design ensures consistent security baselines and complianc

Alternative CYRISMA Installation Script for Windows

Published March 3rd, 2025 by Liam Downward

Prerequisites Administrator privileges on the machine where the agent is being installed. Internet access to download the CYRISMA installer. Ensure bitsadmin is enabled on the system (available by default on Windows). Installation Methods There are two versions of the script: With Auto-Provisioning Enabled (Automatically registers the agent). Withou

Halo PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create API Key To establish a connection between CYRISMA and Halo, you need to generate an API key. Steps to Create an API Key: Navigate to HaloPSA API: In the Halo user interface, go to Configuration > Integrations > HaloPSA API. Create New API Key: Click on the ‘New’ button to begin the API key creation process. Configure API Key Details:

You're Seeing Detections Through your EDR from CYRISMA.

Published September 20th, 2024 by Liam Downward

Overview If you're observing detections from your Endpoint Detection and Response (EDR) system related to the CYRISMA Agent, it’s important to understand how the agent operates and why these detections occur. This article outlines the modes of operation for the CYRISMA Agent, the reasons behind the detections, and how to configure your endpoint prot

CYRISMA Glossary

Published September 3rd, 2024 by Liam Downward

This is a auto-generated Article of all your definitions within the glossary. Glossary This is a auto-generated Article of all your definitions within the glossary. All A C D E F H I K L M N O P Q R S T U V W Active Directory Monitoring The process of tracking and analyzing activities within an Active Directory (AD) environment to detect unauthorize

How to Setup MFA (Multi-Factor Authentication)

Published September 20th, 2024 by Liam Downward

Sign In: Visit msp.cyrisma.com and log in to your account. Navigate to Your Instance: In the left-hand pane, click on your top-level instance. Locate the "Update" button for the address section in the snapshot. Update the Address Information: MFA Method: You will see the "MFA Method" section. Follow the prompts to select or update your Multi-Factor

Why Is My Account Locked? (Causes and Solutions)

Published November 20th, 2024 by Liam Downward

1. Why is Your Account Locked? Multiple Failed Login Attempts: Entering the wrong username or password too many times can result in your account being temporarily locked for security purposes. Administrative Lock: Your account may be locked by an administrator due to inactivity, policy violations, or other reasons. 2. Steps to Unlock Your Account A.

How to Resolve Issues with Batch Scan Scheduling

Published November 25th, 2024 by Liam Downward

Issue If you modify a scheduled scan (e.g., Batch 1 Monthly Vulnerability Scan) to a one-time scan, the scan will no longer appear in the recurring schedule. This guide explains how to reconfigure it as a recurring scan. Steps to Reconfigure the Scan Access Vulnerability Scan History Navigate to Vulnerability Scan History in the CYRISMA instance. Lo

Getting Started with CYRISMA: Your Self-Onboarding Guide

Published April 1st, 2025 by Liam Downward

1. 🔐 Log In to CYRISMA Start by accessing the MSP portal: 👉 https://msp .cyrism a.com/login If it's your first time logging in: Click Forgot Password Enter your email address (used as your username) Check your inbox for reset instructions Create a new password and log in 2. 🏁 Set Up Your First Customer Instance Get your first custo

How CYRISMA's Data Scans Help Prove Exposure Levels and Mitigate Risk

Published January 22nd, 2025 by Liam Downward

The Challenge: Proving Exposure in a Potential Data Breach In the event of a potential data breach, organizations must determine: Whether sensitive information, such as personally identifiable information (PII), financial data, or other critical information, was exposed. Whether the breach exceeds regulatory thresholds that require reporting. How to

Website or External scan is being blocked or failed (IP's that need to be whitelisted)

Published September 20th, 2024 by Liam Downward

Whitelist Requirements: For Web Application Scans Web application scans may originate from the following IP addresses. Ensure these are whitelisted in your firewall: 40.117.185.208 23.96.124.27 20.106.163.214 For External IP Scans External scans may come from any of the following IP addresses. These should also be added to your firewall whitelist: 2

How To Create an External IP Scan

Published September 19th, 2024 by Liam Downward

How to Create an External IP Scan 1. Navigate to Vulnerability Scan: After signing in to your account, go to the Vulnerability Scan section. Click on Schedule a Scan to start the process of creating a new scan. 2. Configure the New Scan: In the Start New Scan form, fill in the following details: Select a Scan Type: From the dropdown, choose External

Video: How To Generate a Cyber Risk Assessment Report

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

May 16th Release Notes

Published May 19th, 2025 by Liam Downward

Fixes in User Experience and Functions 🛠️ Admin Notification Config: Resolved an issue where the "Agent Not Checking In" alert failed with large time values. Notifications now trigger correctly based on the set duration. System Config: Fixed a backend issue that prevented Bitcoin from being saved as the selected currency. Targets: Added the Action c

Video: How To Create an Internal Unauthenticated Vulnerability Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Troubleshooting Vulnerability Scan Errors: Inaccessible OVAL File and No ARF File

Published May 27th, 2025 by Liam Downward

This article outlines the root causes and resolutions for two common errors encountered during vulnerability scans within CYRISMA: "Inaccessible Vulnerability OVAL File" "No ARF File" These errors are typically related to incorrect target configurations or PowerShell issues on the scanned machines. Issue 1: Inaccessible Vulnerability OVAL File Cause

How to Resolve Issues with Setting Up Cloud Scans in CYRISMA

Published November 27th, 2024 by Liam Downward

Steps to Resolve Cloud Scan Issues 1. Setting Up a Scheduled Scan Verify the Cloud Agent:Ensure that a cloud agent has been created and deployed correctly. The cloud agent is necessary to initiate and complete cloud scans. Use a Local Agent if Needed:If a cloud agent isn't available, you can designate a local CYRISMA instance as the cloud agent to p

How Do I Address CVE-2022-0001 in CYRISMA and Confirm It Is Resolved?

Published December 23rd, 2024 by Liam Downward

Steps to Address CVE-2022-0001 Apply the Registry Fix for Windows Devices (Intel Processors): To mitigate CVE-2022-0001, apply the following registry updates: Copy code reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0x00800000 /f reg add "HKEY_LOCAL_MACHINE\S

Understanding the 'CYRISMA Cloud Agent' Idle Status

Published November 6th, 2024 by Liam Downward

Why is the CYRISMA Cloud Agent Idle or Down? The CYRISMA Cloud Agent remains in a down or idle state when: No cloud server has been designated. A data scan has not been initiated. The agent requires an active cloud server and an ongoing data scan to function properly. Steps to Resolve the Idle Status 1. Designate a Cloud Server Assign a machine to a

Office365 Scanning

Published September 20th, 2024 by Liam Downward

Navigate to Admin, click on Integrations the choose Office365 as your Credential Type: Setting up and running a data scan in your Office 365 (O365) environment involves configuring integrations, assigning permissions, and provisioning a cloud agent. Follow the detailed guide below to ensure a seamless process. 3. Click on “+ New registration” 4. Nam

Using CYRISMA for Pre-Sales Cybersecurity Scans

Published January 22nd, 2025 by Liam Downward

What Are Pre-Sales Cybersecurity Scans? Pre-sales cybersecurity scans are limited-scope assessments designed to evaluate a prospect's vulnerabilities, sensitive data exposure, and compliance status. These scans: Require minimal setup. Focus on key systems or areas of interest. Provide actionable insights without committing to a full deployment. How

Resolving Missing Scheduled Scans

Published November 27th, 2024 by Liam Downward

Common Cause Scheduled scans may disappear if the "Number of Scan Instances" setting is configured incorrectly. This parameter defines how many times the scan will execute, even for recurring scans. If set to 1, the scan will run once and not repeat, even if marked as recurring. How to Resolve Missing Scheduled Scans Identify Missing Scans Confirm t

How to use Network Discovery to find Targets

Published September 19th, 2024 by Liam Downward

Navigate to Targets: Visit Admin > Targets in your dashboard. Choose Network Discovery: Select the Network Discovery option to start the process of scanning for available targets. Fill in the Details: Enter the required information for the network discovery. Note that the agent must have admin credentials to access machines in the subnet being sc

Agent Compatibility with Data Scans: Mac and Linux Limitations

Published December 18th, 2024 by Liam Downward

Key Points to Note Unsupported Feature: Neither the Mac Agent nor the Linux Agent currently support performing data scans. Windows Agent Required: To perform a data scan on Mac or Linux devices, a Windows Agent must be used. This ensures the scan can run successfully. Common Issue: Selecting a Mac or Linux Agent for a data scan may cause the scan to

Default Vulnerability Scan in CYRISMA

Published February 18th, 2025 by Liam Downward

📌 Overview Once CYRISMA agents are deployed on endpoints, they are automatically added to the Default Vulnerability Scan. This scan is preconfigured to ensure every new device starts receiving risk insights immediately—no manual scheduling needed. By default, this scan is set to run weekly (every Monday at 9:00 AM), but it can be customized to suppo

Secure Baseline Scan Dashboard

Published September 20th, 2024 by Liam Downward

The Secure Baseline Scan Dashboard provides an overview of your scan performance, allowing you to track vulnerabilities based on system configurations and group policies. Key Features: Secure Baseline Scan Risk Grades: Displays risk grades for your scans, helping you understand how secure your instance is and where vulnerabilities exist. Scan scores

Understanding Auto Patching in CYRISMA

Published February 26th, 2025 by Liam Downward

1. Enabling Auto Patching To enable Auto Patching in CYRISMA: Navigate to Admin > System Configuration. Locate the Auto Patch Installation setting. Toggle "Yes" to enable auto patching. Specify the Auto Patch Installation Delay, which determines when the patches will be applied after a vulnerability is detected. The default delay is 72 hours, but

CYRISMA Quick Start Guide

Published October 30th, 2024 by Liam Downward

CYRISMA Quick Start Guide Step 1: Understanding CYRISMA Licensing CYRISMA licenses are based on either the number of End Points or Users, whichever has the highest count. This ensures the platform is scaled appropriately for your needs. Step 2: ROI , TCO, and Revenue Generation CYRISMA helps organizations increase revenue and reduce costs through it

Setting Up and Using Custom Regex in CYRISMA

Published January 22nd, 2025 by Liam Downward

1. What is Custom Regex ? Regular expressions (regex) are sequences of characters that define search patterns for text. CYRISMA's custom regex feature enables users to create personalized search patterns to identify unique sensitive data types, such as: Internal identifiers (e.g., employee IDs, project codes) Industry-specific information (e.g., SIN

Best Practices for Data Scans in CYRISMA

Published January 22nd, 2025 by Liam Downward

1. Understand the Purpose of Data Scans Before initiating a data scan, clearly define your objectives. Common goals include: Identifying sensitive data like Social Security numbers, credit card numbers, or passwords. Detecting misconfigured files or improper data storage. Supporting compliance with regulations like GDPR, HIPAA, or PCI-DSS. Gaining i

How do I perform Continuous Scanning?

Published December 5th, 2024 by Liam Downward

Understanding Continuous Scanning "Continuous scanning" typically refers to the ability of a platform to run scans automatically at regular intervals, providing reassurance that the system is actively monitoring for vulnerabilities. In practice, continuous scanning is more about providing MSPs and administrators with the perception that a system is

Troubleshooting the "Inaccessible OVAL File" Error

Published November 27th, 2024 by Liam Downward

Steps to Resolve the Error 1. Check Network Connectivity Ensure Stable Internet Access: Verify that the machine being scanned has a stable and reliable network connection. Firewall /Proxy Settings: If your organization uses firewalls or proxies, ensure that the necessary connections for accessing external databases are not being blocked. 2. Verify D

Video: How to Setup a Google Workspace Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Overall Risk Dashboard

Published September 20th, 2024 by Liam Downward

Overview of the Overall Risk Dashboard The Overall Risk Dashboard, provides a comprehensive overview of the security status within a selected customer or organization (instance). This dashboard collects and presents unique data about the customer, as reported by the onsite sensor and hosted in CYRISMA’s cloud infrastructure. To begin viewing data in

Understanding CYRISMA's Internal and External Vulnerability Scans

Published January 22nd, 2025 by Liam Downward

Internal Vulnerability Scans Authenticated vs. Unauthenticated Scans Authenticated Scans: These scans use credentials to log into devices and identify vulnerabilities that require higher-level access to detect. This scan type provides more in-depth results, including configuration issues and vulnerabilities that are not exposed externally. Unauthent

What Happens If a Device Name Changes in CYRISMA?

Published May 7th, 2025 by Liam Downward

Why Doesn’t CYRISMA Detect Name Changes? When the CYRISMA agent is installed, it locks the system’s identity to the original device name. This binding is tied to internal components—specifically the events.dll file—ensuring secure, consistent recognition of the device throughout scans and reporting. What Should I Do If a Device Name Changes? If a de

How to Install the CYRISMA Agent for Mac OS

Published September 20th, 2024 by Liam Downward

Downloading the CYRISMA Agent To download the CYRISMA Agent package: Log in to your CYRISMA instance. Navigate to Admin > Scan Agents. Choose the appropriate installer based on your Mac's architecture: Intel x64: CyBroker_Installer.pkg Arm 64 (Apple M1/M2/M3): CyBroker_Installer_Arm64.pkg Granting Full-Disk Access to Terminal Important Note: Befo

How to Remove Access to Microsoft 365 Cloud

Published November 25th, 2024 by Liam Downward

Issue Removing access to Microsoft 365 (M365) Cloud for a client. Solution To fully remove access to M365 Cloud, follow these steps: Navigate to the Integration Settings Log in to the CYRISMA platform. Go to the Admin section and select Integrations. Remove Office 365 Credentials Locate the Office 365 Credentials section. Delete the existing credent

What is the ARF File Error?

Published September 20th, 2024 by Liam Downward

Overview: The ARF error is a common issue encountered during scanning processes. This article explains the cause of the error and provides recommendations for improving your scanning experience. What Causes the ARF Error? The ARF error occurs when the host times out, resulting in a lost connection during the scan. This can happen for various reasons

Is PsExec and SDelete Required on Every Device?

Published December 20th, 2024 by Liam Downward

Key Components and Their Roles PsExec: Purpose: Enables the agent to perform remote machine scans by facilitating communication with target devices. When Needed: PsExec is only required for remote scans. If the agent is scanning its own host (local machine), PsExec is not utilized. SDelete and SDelete64: Purpose: Securely deletes files identified du

How to Remove Agent Configurations from the CYRISMA Web Platform

Published September 20th, 2024 by Liam Downward

Important Considerations Uninstalling the agent from a computer or removing the computer from the network will not automatically remove the agent or target configurations from the CYRISMA Web Platform. If the agent host machine is still on the network, you have two options: Uninstall the agent software manually and delete the agent configuration in

CYRISMA Agent Installation Guide

Published September 20th, 2024 by Liam Downward

Overview: The CYRISMA CyBroker Sensor is used to scan targets within a local network (LAN) for Data Sensitivity, Vulnerability/Baseline scans, and Agentless scans on various systems (Windows, MAC, Linux). The sensor communicates with the CYRISMA Command Center, which receives scan results. Prerequisites: Sensor Installation Requirements: Must be ins

March 26th 2025 Release Notes

Published March 26th, 2025 by Liam Downward

Fixes in User Experience and Functions Dark Web Setup Dark Web Monitor: Updated domain validation logic to resolve issues preventing valid domains from being monitored. MSP Central Vulnerability Manager PSA Integration: Users can now generate PSA tickets directly from search results within the Central Vulnerability Manager (Search CVM) modal. Quick