Cyrisma Knowledge Base

Understanding Risk Level vs. Exploitability in CYRISMA

Published May 21st, 2025 by Liam Downward

📊 What is Risk Level ? Risk Level refers to the severity of a vulnerability, often influenced by metrics such as CVSS scores, vendor assessments, and system impact. These are categorized as: Critical High Medium Low A Critical or High risk level means the vulnerability could cause significant harm if exploited—but does not necessarily mean it’s bein

Agents Not Appearing in the "Agents Waiting Provisioning" Area

Published November 25th, 2024 by Liam Downward

Issue When setting up provisioning, agents do not appear in the "Agents Waiting Provisioning" section, even though the devices have been deployed. Root Cause This issue is typically caused by a time synchronization error on the device. If the system time is off by more than 5 minutes from the standard time, the agent may fail to authenticate and app

Selling Cybersecurity Services - Approaches to Objection Handling

Published March 19th, 2025 by Liam Downward

Common Objections and How to Respond Below are effective ways to handle frequent objections during your sales conversations. Objection 1: "We're a small company—do we really need cybersecurity ?" Prospects may underestimate their risk exposure due to their size. Here's how to address this: Cyber Attacks Happen to SMBs: Smaller businesses are increas

Using CYRISMA for Pre-Sales Cybersecurity Scans

Published January 22nd, 2025 by Liam Downward

What Are Pre-Sales Cybersecurity Scans? Pre-sales cybersecurity scans are limited-scope assessments designed to evaluate a prospect's vulnerabilities, sensitive data exposure, and compliance status. These scans: Require minimal setup. Focus on key systems or areas of interest. Provide actionable insights without committing to a full deployment. How

Provisioning and Reporting API Guide

Published September 19th, 2024 by Liam Downward

The Cyrisma Provisioning and Reporting API enables partners to automate platform onboarding, manage organizations and users, and retrieve scan and risk data for reporting and integration purposes. The API supports two primary functions: Provisioning Operations Automate partner setup, instance creation, user management, MFA configuration, and lifec

Video: How to Setup a Google Workspace Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

How to Raise Your Compliance Score in CYRISMA

Published April 30th, 2025 by Liam Downward

Key Actions That Improve Your Compliance Score To positively impact your compliance score, focus on these core areas: 1. Deploy the Active Directory (AD) Monitor CYRISMA assesses security settings within your Active Directory. A misconfigured AD is a major vulnerability and impacts compliance scoring. Ensure: AD monitor is deployed and active Key se

Can I change the CYRISMA Agent File Name?

Published November 15th, 2024 by Liam Downward

Key Points: Background Operation: The agent runs silently without interrupting the user’s workflow. It does not display pop-ups or other visible alerts to the user, ensuring no disruption. An icon in the system tray shows that the agent is running, but it is generally unnoticed unless the user specifically checks. Silent Installation: A mass insta

Troubleshooting CYRISMA Scans Failing Due to Sophos Endpoint Protection

Published January 30th, 2025 by Liam Downward

Root Cause Analysis What Happens During a CYRISMA Scan? CYRISMA’s scan agent initiates a port scanning process to identify open ports. The scanner attempts to execute a Python-based port scanner, which unpacks necessary files into the Windows temp directory. Once port scanning completes, the full vulnerability scan proceeds. Symptoms of the Issue Sc

Patch Configuration: Granular Control Over Blackout Hours

Published May 1st, 2025 by Liam Downward

🛠️ Key Capabilities ✅ Exclude Specific Machines from Patching Prevent certain devices—such as critical servers or legacy systems—from receiving automatic patches. Ideal for sensitive systems that require manual updates or downtime coordination. Helps avoid patch-related compatibility issues. ⛔ Block Third-Party Applications from Auto-Patching Design

How to White Label Reports in CYRISMA

Published March 10th, 2025 by Liam Downward

Steps to White Label Reports in CYRISMA Access the MSP Portal Navigate to msp. cyrisma .com and log in using your MSP administrator credentials. Select Your Organization On the left-hand navigation panel, locate and click on your organization’s name. This will take you to the organization settings page where you can manage your branding preferences.

Default Vulnerability Scan in CYRISMA

Published February 18th, 2025 by Liam Downward

📌 Overview Once CYRISMA agents are deployed on endpoints, they are automatically added to the Default Vulnerability Scan. This scan is preconfigured to ensure every new device starts receiving risk insights immediately—no manual scheduling needed. By default, this scan is set to run weekly (every Monday at 9:00 AM), but it can be customized to suppo

How to Use Industry Comparison and vCISO Services

Published October 30th, 2024 by Liam Downward

How to Use Industry Comparison and vCISO Services Access Industry Comparison: Click on Industry Comparison in the menu. Here, you will find options to view your instance's scores compared to others in your industry. Explore Metrics: By clicking on each metric—Data Sensitivity, Vulnerability, Secure Baseline, and Compliance—you can access different a

Resolving Missing Scheduled Scans

Published November 27th, 2024 by Liam Downward

Common Cause Scheduled scans may disappear if the "Number of Scan Instances" setting is configured incorrectly. This parameter defines how many times the scan will execute, even for recurring scans. If set to 1, the scan will run once and not repeat, even if marked as recurring. How to Resolve Missing Scheduled Scans Identify Missing Scans Confirm t

Failed O365 Credentials Due to Invalid "Secret Value"

Published November 27th, 2024 by Liam Downward

Common Causes: Client Secret ID vs. Secret Value: In the Azure portal, the client secret ID is visible, but the client secret value is not. The secret value is crucial for proper authentication and must be securely stored at the time of creation, as it will not be displayed again in the Azure interface. Incorrect Secret Value: If the secret value en

Understanding Agent-Based Scanning vs. Sensor-Based Scanning

Published November 27th, 2024 by Liam Downward

Agent-Based Scanning Agent-based scanning utilizes agents installed directly on the target devices. These agents handle the scanning process locally, without requiring remote access. When to Use Agent-Based Scanning Authenticated Vulnerability Scans: For scans that require login credentials to analyze system vulnerabilities. Secure Baseline Scans: T

Vulnerability Scan Compare

Published September 20th, 2024 by Liam Downward

Steps to Compare Vulnerability Scans Select Scan Type: Choose the scan type that matches the target you wish to compare. Options include: Internal Authenticated Internal Unauthenticated / External - IP Addresses External - Web Application URLs Select Target: From the "Select Target" dropdown, choose the specific device or IP that has prior vulnerabi

Understanding CYRISMA's Internal and External Vulnerability Scans

Published January 22nd, 2025 by Liam Downward

Internal Vulnerability Scans Authenticated vs. Unauthenticated Scans Authenticated Scans: These scans use credentials to log into devices and identify vulnerabilities that require higher-level access to detect. This scan type provides more in-depth results, including configuration issues and vulnerabilities that are not exposed externally. Unauthent

Streamlining MSP Operations with CYRISMA’s Centralized Vulnerability Manager (CVM)

Published April 17th, 2025 by Liam Downward

1. Start with Centralized Visibility Access All Clients in One Place: Log into the MSP interface to see vulnerabilities and risk across every client and endpoint from one dashboard. Aggregate and Filter Data: Instantly search by vulnerability, root cause, OS, client, or asset type (workstations, servers, etc.). No more jumping between instances. Tip

How to Uninstall the CYRISMA Agent

Published September 20th, 2024 by Liam Downward

Uninstalling the CYRISMA Agent on Windows There are three methods to uninstall the CYRISMA Agent on a Windows machine: 1. Manual Uninstallation via File Explorer Navigate to C:\CYRISMA_Agent\. Locate the file unins000.exe. Double-click the file and follow the on-screen instructions to complete the uninstallation process. 2. Uninstalling via Remote M

You're Seeing Detections Through your EDR from CYRISMA.

Published September 20th, 2024 by Liam Downward

Overview If you're observing detections from your Endpoint Detection and Response (EDR) system related to the CYRISMA Agent, it’s important to understand how the agent operates and why these detections occur. This article outlines the modes of operation for the CYRISMA Agent, the reasons behind the detections, and how to configure your endpoint prot

Troubleshooting Agent Installation Problems

Published September 19th, 2024 by Liam Downward

1. General Troubleshooting Steps 1.1. Agent Fails to Install Symptoms: Installer does not complete. Error messages, e.g., "Permission denied." Resolutions: Ensure Admin Rights: Install with administrator privileges. On Windows, right-click the installer and select Run as Administrator. Verify Prerequisites: Windows: Ensure .NET Framework 4.8+ is ins

How to Remove Agent Configurations from the CYRISMA Web Platform

Published September 20th, 2024 by Liam Downward

Important Considerations Uninstalling the agent from a computer or removing the computer from the network will not automatically remove the agent or target configurations from the CYRISMA Web Platform. If the agent host machine is still on the network, you have two options: Uninstall the agent software manually and delete the agent configuration in

How To Deploy Agents

Published September 19th, 2024 by Liam Downward

How to Install Agents Navigate to Scan Agents: Visit Admin > Scan Agents in your dashboard. Generate a Windows Installation Key: Click on the option to Generate a Windows Installation Key. This key will be necessary for agent installation. Decide on Agent Deployment Method: Visit the Agent Status section to determine how you want to deploy your

Why Is My Account Locked? (Causes and Solutions)

Published November 20th, 2024 by Liam Downward

1. Why is Your Account Locked? Multiple Failed Login Attempts: Entering the wrong username or password too many times can result in your account being temporarily locked for security purposes. Administrative Lock: Your account may be locked by an administrator due to inactivity, policy violations, or other reasons. 2. Steps to Unlock Your Account A.

How to Delete a Mitigation Plan

Published November 27th, 2024 by Liam Downward

Steps to Request Deletion of a Mitigation Plan: Identify the Need for Deletion: If you have created a mitigation plan and need it deleted, ensure that it is no longer required for any ongoing processes. If the plan is no longer relevant or was created by mistake, a support ticket will be needed to initiate the deletion. Create a Support Ticket: Open

Why is my Web App Scanning Failing?

Published November 25th, 2024 by Liam Downward

Issue The Web App scan for a URL (e.g., http://www.cyrisma.com ) may fail or produce incorrect results if the URL includes unnecessary prefixes, such as " www ." Solution To resolve the issue: Verify the URL Configuration Ensure the URL entered for the Web App scan does not include " www ." unless explicitly required by the application. Example: Cha

Secure Baseline Scan History

Published September 20th, 2024 by Liam Downward

Features of the Secure Baseline Scan History Table The table includes the following details for each scan: Scan Name: The unique name assigned to the scan. Targets Scanned: The number of targets assessed during the scan. Issued By: The individual who initiated the scan. Start and End Dates: The scan’s duration, showing when it began and ended. Numbe

Why Some Windows KBs Appear in Vulnerability Scans but Not in Patch Manager

Published May 19th, 2025 by Liam Downward

Issue Summary You may encounter a scenario where a Windows KB article appears in the Vulnerability Scan results for an endpoint (e.g., Patch - KB5055528), but that same KB does not appear under the Windows tab in Patch Manager > Root Cause Breakdown or during a CVE search. This can understandably create confusion, especially when trying to assess

Security Service Tiers, Packaging, and Pricing with CYRISMA

Published March 27th, 2025 by Liam Downward

CYRISMA -Powered Service Models to Explore CYRISMA enables you to create flexible service models that cater to different client needs, including: Tailored Professional and Assessment Services: Use the 30-day free instance to provide customized scans and insights. Scalable Managed Services: Offer customer-managed, co-managed, or fully managed service

Where to Find Information on User Roles?

Published September 20th, 2024 by Liam Downward

Overview: Understanding user roles is crucial for managing access and functionality within the CYRISMA platform. This article outlines where to find detailed information about each user role and their permissions. Accessing User Roles Information 1. Organizational Dashboard The Organizational Dashboard, also known as the Service Provider Interface,

Guide to Probe Scanning in CYRISMA

Published March 13th, 2025 by Liam Downward

When to Use Probe Scanning If a client or prospect is not ready to deploy agents on all endpoints. When performing preliminary internal scans during the sales or prospecting phase. If network-wide credentialed scanning is preferred over deploying agents on each device. How Probe Scanning Works 1. Deploying the Probe Agent Install a CYRISMA agent on

Video: How to Create an External IP Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video. Click below for a written walkthrough How To Create an External IP Scan - Cyrisma

Password-Protected Reports in CYRISMA

Published April 8th, 2025 by Liam Downward

Why Are Reports Password Protected? CYRISMA reports often contain sensitive vulnerability, compliance, or data classification results. Password-protecting these reports helps: Prevent unauthorized access if a file is downloaded or shared. Ensure an additional layer of protection during file storage or transmission. Maintain compliance with industry

How To Setup Microsoft Secure Score

Published October 30th, 2024 by Liam Downward

Accessing Microsoft Secure Score Navigate to Secure Score: Go to the main menu. Select Compliance > Microsoft Secure Score. Key Features Risk Grades: The dashboard displays both your current and previous risk grades, helping you track changes in your Microsoft Cloud environment's security configuration. Switch between reporting periods by selec

Why Does Endpoint Protection Like ThreatLocker Block the CYRISMA Agent Installation?

Published December 26th, 2024 by Liam Downward

Symptoms The PowerShell script fails with the error: "The underlying connection was closed: An unexpected error occurred on a send." The script is unable to download the CYRISMA Agent from the URL (e.g., https://dl.cyrisma.com/...). The download works successfully when accessing the URL directly via a browser. Endpoint protection logs (e.g., ThreatL

How to Create an External Web Application URL Scan

Published September 19th, 2024 by Liam Downward

Navigate to Vulnerability Scan: After signing in to your account, go to the Vulnerability Scan section. Click on Schedule a Scan to begin the process of creating a new scan. Configure the New Scan: In the Start New Scan form, fill in the following details: In the field labeled Scan name, input a descriptive name for the scan. For example, "VS_EX_Web

How To Create an Internal Unauthenticated Vulnerability Scan

Published September 19th, 2024 by Liam Downward

Navigate to Schedule a Scan: Go to Vulnerability Scan > Schedule a Scan > Create. Name the Scan: Enter a descriptive name for your scan, such as "VS_INT_UnAuth_1". Select Scan Type: Choose the "Internal - Unauthenticated" option. Choose Agent: Select the desired agent for the scan. Typically, it is recommended to run this from a server. To ens

Why You May Be Seeing an "Access Denied" Error When Logging into the CYRISMA Portal

Published January 7th, 2025 by Liam Downward

What’s Happening? For example, you might see a URL like this: https://msp.cyrisma.com?_gl=1*xy8ppx*_ga*NDc5OT... These tracking codes are flagged by our security system as potential threats and are blocked to ensure the safety of our portal. How to Fix It To resolve this issue, follow these steps: Access the Portal Directly: Use a clean URL without

Agents Not Appearing in Dashboard After Installation

Published November 25th, 2024 by Liam Downward

Symptoms The CYRISMA agent installation completes successfully. The agent does not appear in the CYRISMA dashboard. Logs show errors such as: Agent to Instance Pairing FAILURE! Unable to connect to the remote server. Root Cause This issue occurs when endpoint protection software or security tools block outgoing HTTPS requests or PowerShell executi

Secure Baseline Scan in Progress

Published September 20th, 2024 by Liam Downward

Displayed Information Each row in the Scans in Progress table includes the following columns: Scan Name: Identifies the name of the scan. Clicking the name allows you to view more details about the scan. Targets: Indicates the total number of targets included in the scan. Issued By: Displays the name of the individual who initiated the scan. Complet

Autotask PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create API User To set up a secure API user in Autotask, follow these steps from the admin console of the Autotask Web interface. Steps to Create a Secure API User: Access Users: Navigate to Resources > Users under Account Settings in the Autotask Web interface. Select New API User: From the New drop-down selector, choose “New API User”. Choos

How to Deploy CYRISMA Agents via PowerShell

Published September 20th, 2024 by Liam Downward

Sample PowerShell Script (Without Auto Provisioning) This script requires manual provisioning in the CYRISMA Command Center after installation. $a = "/verysilent /key=XXXXXX /URL=XX" $WebClient = New-Object System.Net.WebClient $WebClient.DownloadFile("https://dl.cyrisma.com/6167656E7473/Cyrisma_Setup.exe", "C:\windows\temp\Cyrisma_Setup.exe") $proc

What Happens If a Device Name Changes in CYRISMA?

Published May 7th, 2025 by Liam Downward

Why Doesn’t CYRISMA Detect Name Changes? When the CYRISMA agent is installed, it locks the system’s identity to the original device name. This binding is tied to internal components—specifically the events.dll file—ensuring secure, consistent recognition of the device throughout scans and reporting. What Should I Do If a Device Name Changes? If a de

How To Create an External IP Scan

Published September 19th, 2024 by Liam Downward

How to Create an External IP Scan 1. Navigate to Vulnerability Scan: After signing in to your account, go to the Vulnerability Scan section. Click on Schedule a Scan to start the process of creating a new scan. 2. Configure the New Scan: In the Start New Scan form, fill in the following details: Select a Scan Type: From the dropdown, choose External

Schedule a Secure Baseline Scan

Published September 20th, 2024 by Liam Downward

Navigate to Secure Baseline at the top of your screen and click on Scheudle a Scan 1. Assign a Scan Name Provide a name for the scan that is: Specific: Helps to clearly identify this scan or series of scans. Unique: Avoids confusion with other scans. For recurring scans, use a name that reflects the purpose or frequency of the scans. 2. Set the Scan

Configuring Local Data Scans Across Multiple Agents

Published November 25th, 2024 by Liam Downward

Issue When attempting to perform a local data scan across all agents, it appears only the initially selected agent is being scanned. The user is selecting all agents and paths, but the scan only targets the first selected agent. Solution Key Points No Group Scan for Data Scans Data scans in CYRISMA do not support group scans where all agents are sca

Website or External scan is being blocked or failed (IP's that need to be whitelisted)

Published September 20th, 2024 by Liam Downward

Whitelist Requirements: For Web Application Scans Web application scans may originate from the following IP addresses. Ensure these are whitelisted in your firewall: 40.117.185.208 23.96.124.27 20.106.163.214 For External IP Scans External scans may come from any of the following IP addresses. These should also be added to your firewall whitelist: 2

Video: CYRISMA Quick Start Guide

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Best Practices for Data Scans in CYRISMA

Published January 22nd, 2025 by Liam Downward

1. Understand the Purpose of Data Scans Before initiating a data scan, clearly define your objectives. Common goals include: Identifying sensitive data like Social Security numbers, credit card numbers, or passwords. Detecting misconfigured files or improper data storage. Supporting compliance with regulations like GDPR, HIPAA, or PCI-DSS. Gaining i

Resolving CYRISMA Agent Issues with SentinelOne Security

Published September 20th, 2024 by Liam Downward

How to Identify if You Are Affected To determine if your CYRISMA Agent is impacted, check the CYRISMA Agent log for the following error: jsaf.provider.windows.powershell.PowershellException: Cannot find a variable with the name 'AmsiContext'.Cannot find a variable with the name 'AmsiInitFailed'. If this error appears, it indicates that SentinelOne i

How to Resolve Compliance Detection for TLS Certificate

Published November 25th, 2024 by Liam Downward

Issue After installing an SSL certificate on a firewall, scans still detect the compliance failure: "FAILED Compliance: TLS: No Self-Signed Certificates. Description: Ensure TLS certificates are signed by a separate issuer." Cause The scan is detecting that the certificate is self-signed or not signed by a publicly trusted certificate authority (CA)

Setting Up PSA Integrations with CYRISMA

Published September 19th, 2024 by Liam Downward

Overview CYRISMA supports integration with various Professional Services Automation (PSA) platforms, allowing for streamlined workflows and enhanced management of risk and compliance tasks. This guide covers the setup process for integrating CYRISMA with popular PSA platforms, including ConnectWise, Autotask, N-able, and Halo. Detailed Setup Instruc

List of Applications Patchable by CYRISMA

Published December 4th, 2024 by Liam Downward

Patchable Applications Compression Tools 7z.exe WinRAR Winzip Document Viewers & Editors Adobe Acrobat Reader DC Continuous LibreOffice Notepad++ Browsers & Web Clients Microsoft Edge Chrome Media Tools VLC Media Player iTunes.exe Apple iTunes Remote Tools TeamViewer TightVNC UltraVNC RealVNC VNC Connect Programming & Development Tools D

Office365 Scanning

Published September 20th, 2024 by Liam Downward

Navigate to Admin, click on Integrations the choose Office365 as your Credential Type: Setting up and running a data scan in your Office 365 (O365) environment involves configuring integrations, assigning permissions, and provisioning a cloud agent. Follow the detailed guide below to ensure a seamless process. 3. Click on “+ New registration” 4. Nam

Setup AD Monitor

Published September 20th, 2024 by Liam Downward

Setting up Entra ID Monitor Navigate to Compliance Go to Compliance > Set up AD Monitor. Configure Entra ID Monitor Provide a name for the monitor. Select Monitor Type as Entra ID Monitor. Notification and Scheduling Options Choose whether to receive a summary notification once the scan finishes. Select the desired Schedule Type: Now: Runs the sc

How to setup a Dark Web Monitor

Published September 19th, 2024 by Liam Downward

Domain Monitoring Setup Step 1: Access Dark Web Domain Monitor Navigate to Dark Web → Setup Dark Web Monitor. Choose the Domain Monitor option. Step 2: Enter Domain Details Input Domain: Enter your organization’s primary domain (e.g., yourcompany.com). Company Name: Enter the company name associated with the domain you want to monitor. Step 3: Activ

How to Resolve Issues with Setting Up Cloud Scans in CYRISMA

Published November 27th, 2024 by Liam Downward

Steps to Resolve Cloud Scan Issues 1. Setting Up a Scheduled Scan Verify the Cloud Agent:Ensure that a cloud agent has been created and deployed correctly. The cloud agent is necessary to initiate and complete cloud scans. Use a Local Agent if Needed:If a cloud agent isn't available, you can designate a local CYRISMA instance as the cloud agent to p

How to Create a Data Scan

Published September 19th, 2024 by Liam Downward

Click on Data Scan and Schedule Scan: Assign a Scan Name: Enter a descriptive name for your scan in the Scan Name field. Select Scan Type: Use the dropdown menu under Select Scan Type to choose from the following options: Local O365 Email O365 OneDrive SharePoint Gmail Google Drive Set Credentials: Choose the credential to be used for the scan: Use

Why Agent-Based Scanning is Recommended

Published November 27th, 2024 by Liam Downward

Challenges with Sensor-Based Scanning Network Dependency:Sensor-based scanning requires the target machines to be online and accessible to the network probe. This can lead to failures if: Target machines are located on different networks. They are connected through a VPN. Credential Requirements:For a successful scan, the sensor must have valid cred

vCISO Action Plans in CYRISMA

Published January 30th, 2025 by Liam Downward

How the VCISO Action Plan Works Compliance & Industry Benchmarking Within the Compliance tab, CYRISMA aggregates scan results and provides an Industry Comparison . The platform benchmarks the organization’s security posture against industry standards. The goal is to identify gaps and ensure improvement over time. Score-Based Action Plan Developm

Exporting a CSV File of CVEs Tied to Assets

Published November 27th, 2024 by Liam Downward

Steps to Export CVE and Asset Data Navigate to the Vulnerability Dashboard Go to Vulnerability Scanning in the CYRISMA menu. Select Vulnerability Dashboard. Locate the Report Section Scroll down to the section labeled All Vulnerabilities (90 Days) - Impacted Hosts for Each. Export the CSV File On the right-hand side of this section, locate the CSV E

Support Ticket SLA

Published September 20th, 2024 by Liam Downward

First Response Time (FRT): We aim to acknowledge your inquiry within 1-2 hours during business hours. This initial response will confirm receipt of your request and provide an estimated timeline for resolution. Average Resolution Time: Simple Issues: For straightforward issues, we strive to resolve them within 24-48 hours. These include minor techni

Instance Access: Seamless Navigation Between Client Environments

Published April 25th, 2025 by Liam Downward

Why It Matters For MSPs managing several customer environments, switching between instances has traditionally required logging out and back in through the main portal—an inefficient and time-consuming process. This friction reduced productivity and introduced avoidable delays when responding to tickets, conducting assessments, or providing real-time

How to Create a Client Instance

Published September 19th, 2024 by Liam Downward

Sign In: Visit msp.cyrisma.com and sign in to your account. Navigate to New Instance : Go to the "Instance" section, then click “New Instance.” Fill Out the Client Instance Form: Client Name: Enter the name of the client. Address, Town, State, ZIP Code: (Optional) Fill in the client's address details. Instance Label: Enter a unique label for the ins

Understanding the 'CYRISMA Cloud Agent' Idle Status

Published November 6th, 2024 by Liam Downward

Why is the CYRISMA Cloud Agent Idle or Down? The CYRISMA Cloud Agent remains in a down or idle state when: No cloud server has been designated. A data scan has not been initiated. The agent requires an active cloud server and an ongoing data scan to function properly. Steps to Resolve the Idle Status 1. Designate a Cloud Server Assign a machine to a

Video: How to Create a Data Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

How to Suppress and Globally Suppress Open Ports in CYRISMA

Published June 20th, 2025 by Liam Downward

Suppressing an Open Port for a Specific Host Log in to the CYRISMA dashboard. Navigate to Vulnerability Scan > Scan History and select either: Internal Unauthenticated External Web App Click on the scan result and drill down by selecting a machine or IP address from the Vulnerabilities Breakdown chart. Once in the Host Vulnerability Summary, expa

If an endpoint is online at any stage of a month (even 1 day) will it bill that entire month?

Published November 15th, 2024 by Liam Downward

Yes, that’s correct. If an endpoint is not online for the entire month, it won’t be billed for that month. In your scenario, if you have 45 endpoints in an instance, but only 30 are online for the month (and the remaining 15 are offline for longer than a month), you will only be billed for the 30 active endpoints. Here’s a breakdown: Active endpoint

Where Do I Login To My MSP Dashboard?

Published November 20th, 2024 by Liam Downward

1. Incorrect Username or Password One of the most frequent causes of login issues is entering the wrong username or password. Ensure that: Your username is typed correctly, with no extra spaces or typos. Your password matches exactly, keeping in mind that passwords are case-sensitive. You’re not using autofill with outdated credentials. If you're un

Why Is there a 5-Item Selection Limit in Data Scans?

Published February 25th, 2025 by Liam Downward

1. System Performance & Resource Allocation Shared Cloud Agents : CYRISMA utilizes shared ServiceMa Cloud Agents to conduct data scans. When users initiate extensive scans (e.g., scanning thousands of mailboxes), it can overburden the shared infrastructure. Heavy scanning loads can lead to queueing delays as agents are tied up, impacting other u

How to Suppress Secure Baseline Rules in CYRISMA

Published March 17th, 2025 by Liam Downward

Suppressing Secure Baseline Rules To suppress Secure Baseline rules on a specific machine: Log into the CYRISMA platform. Navigate to Secure Baseline → Scan History. Identify the scan and the machine you want to suppress a rule for. Click on the bar graph representing the specific machine to view the rules. Identify the rule you'd like to suppress:

Why Do My Vulnerability Scans Have a High Failure Rate?

Published November 25th, 2024 by Liam Downward

Problem When submitting an internal authenticated vulnerability scan, a significant number of targets fail due to configuration or accessibility issues. This can result from: Lack of proper credentials for remote scanning. Inefficiencies in the scanning method (e.g., remote vs. agent-based scanning). Solution 1. Identify the Issue For the internal a

Video: How To Create an Internal Unauthenticated Vulnerability Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Video: How to Create a Client Instance

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Why Are CYRISMA Agents Not Showing Up for Provisioning?

Published November 25th, 2024 by Liam Downward

Problem Description Newly deployed PCs were not appearing in CYRISMA for provisioning, even though the installation script successfully ran. The root cause was an error in the script's syntax, specifically with the formatting of the CYRISMA server URL. Steps to Resolve the Issue Inspect the Script Syntax Review the deployment script carefully. In th

Patch Manager

Published September 20th, 2024 by Liam Downward

1. Root Cause Breakdown The Root Cause Breakdown section lists vulnerabilities by their underlying causes, enabling users to identify and address issues at the source. The table displays: Root Cause: The primary software or configuration issue contributing to vulnerabilities. No. of CVEs: The number of Common Vulnerabilities and Exposures associated

Video: How To Create a Secure Baseline Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

How CYRISMA's Data Scans Help Prove Exposure Levels and Mitigate Risk

Published January 22nd, 2025 by Liam Downward

The Challenge: Proving Exposure in a Potential Data Breach In the event of a potential data breach, organizations must determine: Whether sensitive information, such as personally identifiable information (PII), financial data, or other critical information, was exposed. Whether the breach exceeds regulatory thresholds that require reporting. How to

How to Resolve Issues with Batch Scan Scheduling

Published November 25th, 2024 by Liam Downward

Issue If you modify a scheduled scan (e.g., Batch 1 Monthly Vulnerability Scan) to a one-time scan, the scan will no longer appear in the recurring schedule. This guide explains how to reconfigure it as a recurring scan. Steps to Reconfigure the Scan Access Vulnerability Scan History Navigate to Vulnerability Scan History in the CYRISMA instance. Lo

How to Deploy CYRISMA Agents in a Prospecting Scenario

Published January 22nd, 2025 by Liam Downward

Understanding the Prospecting Scenario In a prospecting scenario, the goal is to perform targeted scans that provide a snapshot of the client’s cybersecurity vulnerabilities and compliance posture. Typically, this involves: Deploying a limited number of agents to key systems. Running scans to identify vulnerabilities or sensitive data exposure. Pres

Agent Compatibility with Data Scans: Mac and Linux Limitations

Published December 18th, 2024 by Liam Downward

Key Points to Note Unsupported Feature: Neither the Mac Agent nor the Linux Agent currently support performing data scans. Windows Agent Required: To perform a data scan on Mac or Linux devices, a Windows Agent must be used. This ensures the scan can run successfully. Common Issue: Selecting a Mac or Linux Agent for a data scan may cause the scan to

Vulnerability Scan History

Published September 20th, 2024 by Liam Downward

Navigating the Vulnerability Scan History At the top of the page, there is a Select Scan Type filter bar, allowing you to categorize the scan history by specific scan types. These categories include: All Scans: Displays every scan conducted, across all types. Internal Authenticated: Shows scans conducted internally with authentication credentials. I

Secure Baseline Scan Dashboard

Published September 20th, 2024 by Liam Downward

The Secure Baseline Scan Dashboard provides an overview of your scan performance, allowing you to track vulnerabilities based on system configurations and group policies. Key Features: Secure Baseline Scan Risk Grades: Displays risk grades for your scans, helping you understand how secure your instance is and where vulnerabilities exist. Scan scores

Syncro PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create API Token To establish a secure connection between CYRISMA and Syncro, you will need to create an API token with the appropriate permissions. Steps to Create a Token: Navigate to API Tokens: In the Syncro user interface, go to Admin > API Tokens. Create New Token: Click the ‘New Token’ button to initiate the token creation process. Conf

Understanding Grades for Targets Scanned in a Data Scan

Published December 27th, 2024 by Liam Downward

1. What Does an A+ Grade Indicate? An A+ grade typically reflects that the scanned item is low-risk when considered on its own. For example: Standalone IP Addresses: An IP address on its own generally poses minimal risk because it lacks meaningful context. If someone were to access just the IP address without any accompanying information (e.g., inte

Can Vulnerability and Secure Baseline Scanning Be Conducted on Disconnected Machines?

Published December 18th, 2024 by Liam Downward

How It Works Self-Scanning by Installed Agents : Each installed agent is capable of performing self-scanning directly on the machine where it resides. This allows for comprehensive vulnerability and secure baseline assessments without requiring real-time network connectivity. Scheduled Scans: Agents can be configured to run scheduled scans at predet

Scanning Issues in Secure Baseline

Published December 4th, 2024 by Liam Downward

Issue: Clarification on Scanning Representative Machines Problem Users are scanning all devices in their environment without realizing they only need to scan representative machines based on Group Policy. Why This Matters Scanning all machines in environments with consistent Group Policy settings results in unnecessary scans and redundant data. Best

Vulnerability Scan in Progress

Published September 20th, 2024 by Liam Downward

Real-Time Scan Monitoring The Vulnerability Scan in Progress table displays all active scans with live updates. Each row in the table represents an individual scan, showing key details such as: Scan Name: Unique identifier for the scan, set at creation. Issued By: The user who initiated the scan. Completed Targets: Number of targets that have been f

Linux Agent Compatibility with SuSe Linux 15

Published November 27th, 2024 by Liam Downward

Is the Linux Agent Compatible with SuSe Linux 15? Yes, the Cyrisma Linux agent is compatible with SuSe Linux 15. However, it's important to note that the installation process for SuSe Linux 15 currently requires a Debian-based package (.deb). At this time, .rpm-based package installations are not supported. Installation Recommendations If you're loo

Video: How to Create an External Web Application URL Scan

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Understanding Authenticated vs. Unauthenticated Vulnerability Scans in CYRISMA

Published June 24th, 2025 by Liam Downward

🔐 What Are Authenticated Scans? Authenticated scans are performed using valid credentials (local, domain, or Entra) that allow deeper access into a system. When configured correctly, these scans return the most accurate, detailed picture of a device’s security posture. Data collected includes: Installed software, patch levels, and OS hotfixes Runnin

Removing Retired or Incorrect Agents from Reports

Published November 27th, 2024 by Liam Downward

Issue Agents that have been retired or do not belong to a specific group (e.g., DCG) are still appearing in reports, even after being removed from the instance. Steps to Address the Issue 1. Verify Agent Removal Confirm that the retired agent (e.g., Host-SQL95) is no longer active in your environment by navigating to Admin > Scan Agents. For agen

Resolving "No ARF File Found" Error Due to PowerShell Timeouts

Published May 28th, 2025 by Liam Downward

What is an ARF File? The Asset Reporting Format (ARF) file contains the results of the full vulnerability scan performed by the CYRISMA agent. When this file is missing, it indicates the scan did not complete successfully. Root Cause The scan process in CYRISMA runs in two stages: Preliminary Checks – These gather basic data (open ports, weak SSL/TL

Is PsExec and SDelete Required on Every Device?

Published December 20th, 2024 by Liam Downward

Key Components and Their Roles PsExec: Purpose: Enables the agent to perform remote machine scans by facilitating communication with target devices. When Needed: PsExec is only required for remote scans. If the agent is scanning its own host (local machine), PsExec is not utilized. SDelete and SDelete64: Purpose: Securely deletes files identified du

How to use the Patch Manager and Root Cause Analysis

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Video: How to Deploy Agents

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Why Is Patch Data Missing After Running an Internal Scan?

Published November 27th, 2024 by Liam Downward

Issue After initiating an internal scan, patch data does not appear in the Patch Manager, leaving users unclear on which patches are required for the customer’s environment. Resolution Steps 1. Verify Scan Completion Ensure that the internal scan has fully completed. Incomplete scans may not populate the necessary data in the Patch Manager. To confi

Halo PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create API Key To establish a connection between CYRISMA and Halo, you need to generate an API key. Steps to Create an API Key: Navigate to HaloPSA API: In the Halo user interface, go to Configuration > Integrations > HaloPSA API. Create New API Key: Click on the ‘New’ button to begin the API key creation process. Configure API Key Details:

How do I perform Continuous Scanning?

Published December 5th, 2024 by Liam Downward

Understanding Continuous Scanning "Continuous scanning" typically refers to the ability of a platform to run scans automatically at regular intervals, providing reassurance that the system is actively monitoring for vulnerabilities. In practice, continuous scanning is more about providing MSPs and administrators with the perception that a system is

How To Create an Internal Authenticated Vulnerability Scan

Published September 19th, 2024 by Liam Downward

Navigate to Schedule a Scan: Go to Vulnerability Scan > Schedule a Scan in your dashboard. Name the Scan: Enter a descriptive name for your scan, such as "VS_INT_Auth_1". Select Scan Type: From the dropdown menu, choose "Internal - Authenticated". Choose Agent or Agent Group: Select the desired agent for the scan. Alternatively, you can choose an

Understanding CYRISMA Scoring and How to Improve Your Grades

Published November 27th, 2024 by Liam Downward

1. Scoring for Data, Vulnerability, and Secure Baseline Scans How Scores Are Calculated:Scores are based on the s from completed scans, not on the remediation actions themselves. After you patch vulnerabilities, address sensitive data issues, or adjust OS configuration settings, your score will not immediately improve. You must run a new scan to ref

How to Suppress and Globally Suppress Vulnerabilities in CYRISMA

Published March 14th, 2025 by Liam Downward

Suppressing a CVE for a Specific Machine: Log in to the CYRISMA dashboard. Navigate to Vulnerability Scan and select Scan History. Select the machine containing the CVE to suppress. In the vulnerability list, find the CVE and click the three-dot (•••) menu. Select Suppress. This suppresses the CVE for the selected machine only. Provide a Justificati

Billing for Endpoints vs. Microsoft Licenses

Published November 26th, 2024 by Liam Downward

How Billing is Determined Our pricing model is based on the higher of two metrics: Endpoint Count – This includes the number of laptops, desktops, and servers being monitored. Microsoft Licenses – This includes the number of Microsoft user accounts being scanned and monitored for email activity. If a client has a higher count of Microsoft licenses c

How to Customize a Secure Baseline Scan by Suppressing Benchmarks

Published November 26th, 2024 by Liam Downward

Steps to Customize Your Secure Baseline Scan Navigate to Scan History Log into the CYRISMA platform. From the left-hand menu, select Scan History to access the list of previously conducted scans. Select the Secure Baseline Scan Find the specific Secure Baseline Scan you want to modify and click on it. This will open a detailed view of the scan resul

Troubleshooting the "Inaccessible OVAL File" Error

Published November 27th, 2024 by Liam Downward

Steps to Resolve the Error 1. Check Network Connectivity Ensure Stable Internet Access: Verify that the machine being scanned has a stable and reliable network connection. Firewall /Proxy Settings: If your organization uses firewalls or proxies, ensure that the necessary connections for accessing external databases are not being blocked. 2. Verify D

How to Add a Cloud Agent to Your CYRISMA Instance

Published November 27th, 2024 by Liam Downward

Step 1: Enable Cloud Scans for the Instance Before adding a cloud agent, you must enable cloud scans during the instance setup. Log into the MSP Interface: Use your MSP credentials to access the CYRISMA MSP portal. Navigate to the Instance Details: Go to the Organization Details Dashboard for the specific instance where you want to enable the cloud

Understanding Auto Patching in CYRISMA

Published February 26th, 2025 by Liam Downward

1. Enabling Auto Patching To enable Auto Patching in CYRISMA: Navigate to Admin > System Configuration. Locate the Auto Patch Installation setting. Toggle "Yes" to enable auto patching. Specify the Auto Patch Installation Delay, which determines when the patches will be applied after a vulnerability is detected. The default delay is 72 hours, but

How To Create a Secure Baseline Scan

Published September 19th, 2024 by Liam Downward

Step 1: Navigate to Secure Baseline Scan Access the Scan Scheduler: Go to Secure Baseline -> Schedule a scan. Step 2: Configure the Scan Name the Scan: Provide a descriptive name for your scan, for example, "SB_Compliance_Sample_1". Select Desired Agent: Choose a specific agent, or select an agent group to have multiple agents scan simultaneously

Central Vulnerability Manager

Published March 25th, 2025 by Liam Downward

Accessing the Central Vulnerability Manager Log in to your MSP Portal within CYRISMA at msp.cyrisma.com On the top navigation panel, select Central Vulnerability Manager at the top. Key Features Unified Vulnerability Visibility Aggregates vulnerability data from all your customer instances. Provides detailed insight into both third-party and Windows

Windows Patching – Understanding the Process and Best Practices

Published February 25th, 2025 by Liam Downward

How Windows Patching Works Microsoft regularly releases patches to address security vulnerabilities, fix bugs, and enhance system performance. These patches are typically delivered through cumulative updates, known as roll-up patches, which bundle multiple updates together. Roll-up Hot Patches Cumulative Updates: Microsoft consolidates multiple patc

Why Can't I Undo a Patch Done by CYRISMA?

Published March 17th, 2025 by Liam Downward

Why Doesn’t CYRISMA Allow Automatic Rollbacks? Currently, CYRISMA is designed as a proactive security tool to quickly remediate vulnerabilities identified in your environment. Once a patch or configuration change is applied through the CYRISMA agent, it cannot be reversed automatically. This design ensures consistent security baselines and complianc

Managing Aged Devices in CYRISMA: Best Practices and Billing Guidance

Published January 22nd, 2025 by Liam Downward

How CYRISMA Tracks and Bills Devices CYRISMA considers a device a billable target under the following conditions: Agent Installation: Devices with CYRISMA agents installed are tracked and counted as targets. Network Discovery: Devices identified via network discovery and added as "mergeable targets" are also billed until manually removed. Devices re

ConnectWise PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create Security Role ConnectWise API access functions under the rights of the assigned API account using role-based security. It is essential to avoid using a pre-existing role such as “Admin” for the API account. Instead, create a dedicated role with sufficient rights to perform necessary API actions. Steps to Create a Role: Navigate to Security

CYRISMA Setup Guide: Integrating with PSA Platforms

Published October 31st, 2024 by Liam Downward

Logging into CYRISMA Access the Managed Service Interface: Log into the CYRISMA Managed Service interface at https://msp.cyrisma.com . PSA Configuration Overview Individual instances within CYRISMA are organized hierarchically into a list of organizations and instances. Important: PSA configuration must be performed at the organization level, not at

How to Change the Secure Baseline Profile for Targets

Published November 25th, 2024 by Liam Downward

Steps to Change the Secure Baseline Profile Access Admin Settings Navigate to Admin > Targets. Edit the Desired Target Locate the target you want to modify in the target list. Click the pencil icon in the Update column for the target. Change Secure Baseline Profile In the Secure Baseline Profile drop-down menu, select DISA STIG. Save the changes

Deploying CYRISMA Agent via Microsoft Intune (with Detection Rules)

Published May 22nd, 2025 by Liam Downward

Applies to: CYRISMA Windows Agent Deployment Use case: Deploy the CYRISMA Agent through Microsoft Intune using a Win32 app package and validate installation using file or registry detection rules. 🧰 Step 1: Prepare the Batch Script Create a batch script to download and install the CYRISMA agent silently. Save the following as Install_CYRISMA.bat: @e

Handling Dark Web Monitor Results in CYRISMA

Published March 25th, 2025 by Liam Downward

Step 1: Identify the Exposed Data When reviewing the results, pay close attention to the following data fields: Email Addresses: Identify any corporate or employee-associated addresses. Passwords: Check for plaintext or weakly hashed credentials. Data Breach Source: Determine where the breach occurred (e.g., specific platforms or databases). Breach

Stellar Cyber Integration

Published September 19th, 2024 by Liam Downward

Connector Overview: CYRISMA Capabilities Collect Yes Respond No Native Alerts Mapped N/A Runs on DP Interval Configurable Collected Data Content Type Vulnerabilities Hosts Response Actions Action Index Syslog Linux Syslog Assets Third-Party Native Alert Integration Details Field Details Required Fields N/A Required Credentials API Name API Ke

Google Workspace Scanning

Published September 20th, 2024 by Liam Downward

Navigate to Admin, click on Integrations and select Google as the Credential Type: Access to Google Cloud by the CYRISMA agent is enabled via a JSON security file provided by Google. The overview steps to generate this file are shown here: With the above overview in mind, follow the detailed guide below to generate the JSON security file. 1. CREAT

CYRISMA CyBroker Sensor Preparation and Setup

Published October 30th, 2024 by Liam Downward

The CYRISMA “CyBroker Sensor” is used to scan targets within the LAN subnet where the sensor is installed. Data Sensitivity scans can take place against any UNC file path hosted by a Target and Vulnerability/Baseline scans can take place against Windows, MAC and Linux machines on the local network. CYRISMA Command Center Web Application receives sca

Setting Up and Using Custom Regex in CYRISMA

Published January 22nd, 2025 by Liam Downward

1. What is Custom Regex ? Regular expressions (regex) are sequences of characters that define search patterns for text. CYRISMA's custom regex feature enables users to create personalized search patterns to identify unique sensitive data types, such as: Internal identifiers (e.g., employee IDs, project codes) Industry-specific information (e.g., SIN

Alternative CYRISMA Installation Script for Windows

Published March 3rd, 2025 by Liam Downward

Prerequisites Administrator privileges on the machine where the agent is being installed. Internet access to download the CYRISMA installer. Ensure bitsadmin is enabled on the system (available by default on Windows). Installation Methods There are two versions of the script: With Auto-Provisioning Enabled (Automatically registers the agent). Withou

How Do I Address CVE-2022-0001 in CYRISMA and Confirm It Is Resolved?

Published December 23rd, 2024 by Liam Downward

Steps to Address CVE-2022-0001 Apply the Registry Fix for Windows Devices (Intel Processors): To mitigate CVE-2022-0001, apply the following registry updates: Copy code reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0x00800000 /f reg add "HKEY_LOCAL_MACHINE\S

How to Create a Custom GRC Framework in CYRISMA

Published July 10th, 2025 by Liam Downward

1️⃣ Start the Custom Framework Builder Click on "Create Custom Framework" in the top-right corner of the Compliance Assessment page: 2️⃣ Open the GRC Framework Builder In the builder interface: Enter a custom name for your new framework at the top. At the bottom-left, you can define custom domains (categories or focus areas). On the right-hand side,

Shadow IT: Application & Plugin Visibility and Risk Grading

Published April 25th, 2025 by Liam Downward

Why It Matters Without proper visibility into installed applications across client systems, organizations face significant challenges: Security risks from unapproved or outdated software Compliance gaps from missing software controls Operational inefficiencies in inventory management With Shadow IT, CYRISMA bridges this gap by giving you a clear, ri

How to Install the CYRISMA Agent for Mac OS

Published September 20th, 2024 by Liam Downward

Downloading the CYRISMA Agent To download the CYRISMA Agent package: Log in to your CYRISMA instance. Navigate to Admin > Scan Agents. Choose the appropriate installer based on your Mac's architecture: Intel x64: CyBroker_Installer.pkg Arm 64 (Apple M1/M2/M3): CyBroker_Installer_Arm64.pkg Granting Full-Disk Access to Terminal Important Note: Befo

How to Update an Instance Name in CYRISMA

Published November 25th, 2024 by Liam Downward

Steps to Update the Instance Name Log into the MSP Interface Access the CYRISMA MSP dashboar d using your login credentials. Navigate to the Organization Details Select the organization for which you want to update the instance name. Open the Organization Details dashboard. Edit the Instance Name Locate the row displaying the instance address. Click

How to use Network Discovery to find Targets

Published September 19th, 2024 by Liam Downward

Navigate to Targets: Visit Admin > Targets in your dashboard. Choose Network Discovery: Select the Network Discovery option to start the process of scanning for available targets. Fill in the Details: Enter the required information for the network discovery. Note that the agent must have admin credentials to access machines in the subnet being sc

Network Discovery in CYRISMA: A Comprehensive Guide

Published January 22nd, 2025 by Liam Downward

1. What is Network Discovery? Network discovery is the process of identifying all devices and endpoints connected to a network. This includes servers, workstations, IoT devices, printers, routers, and more. By performing network discovery, you can: Map the organization's network topology. Identify unknown or rogue devices. Prepare for targeted scans

Setup Dark Web Monitor

Published September 20th, 2024 by Liam Downward

Dark Web Enrollment The Dark Web section in CYRISMA offers two primary monitoring options: Domain Monitor Monitors your organization's domains across dark web sources Select the "Domain Monitor" option from the enrollment page Configuration is simplified with clear domain entry fields Email Address Monitor Allows monitoring of specific email address

Maximizing CYRISMA’s 30-Day Free Consulting Instance for Prospecting

Published March 4th, 2025 by Liam Downward

Step 1: Plan Your Prospecting Strategy Before deploying the 30-day free instance, define your goals: Identify the scope of the assessment. Determine how many endpoints you’ll deploy agents on. Plan the assessment deliverables and highlight the value of your managed services. Ensure a clear action plan for what will be accomplished within the 30-day

How to Remove Access to Microsoft 365 Cloud

Published November 25th, 2024 by Liam Downward

Issue Removing access to Microsoft 365 (M365) Cloud for a client. Solution To fully remove access to M365 Cloud, follow these steps: Navigate to the Integration Settings Log in to the CYRISMA platform. Go to the Admin section and select Integrations. Remove Office 365 Credentials Locate the Office 365 Credentials section. Delete the existing credent

Why Can't I Provision Agents?

Published November 25th, 2024 by Liam Downward

Issue When attempting to provision agents in a CYRISMA instance, users with a "Tech" role in MSP may encounter an error due to insufficient permissions. This occurs because the "Tech" role in MSP maps to the "Security Administrator" role in the instance, which does not include provisioning permissions. Solution Understand Role Mapping The "Tech" rol

How to Setup MFA (Multi-Factor Authentication)

Published September 20th, 2024 by Liam Downward

Sign In: Visit msp.cyrisma.com and log in to your account. Navigate to Your Instance: In the left-hand pane, click on your top-level instance. Locate the "Update" button for the address section in the snapshot. Update the Address Information: MFA Method: You will see the "MFA Method" section. Follow the prompts to select or update your Multi-Factor

How to Differentiate Your CYRISMA-Powered Services

Published March 13th, 2025 by Liam Downward

Making Cybersecurity Simple Many businesses, especially small and medium-sized enterprises (SMEs), find cybersecurity complex and overwhelming. Use CYRISMA to simplify their security needs: Quick Deployment & Easy Use: Demonstrate how CYRISMA allows for a seamless onboarding experience. Clear Risk Data & Actionable Insights: Offer simple, ea

My Mitigation Plans

Published September 20th, 2024 by Liam Downward

Accessing Your Mitigation Plans View Assigned Plans: In the My Mitigation Plans section, you can see all plans assigned to you along with their status. Sorting Plans by Scan Type Use the Drop-Down Menu: At the top left of the section, utilize the drop-down menu to sort the plans by scan type. For this example, select Vulnerability Scan. Viewing Deta

Getting Started with CYRISMA: Your Self-Onboarding Guide

Published April 1st, 2025 by Liam Downward

1. 🔐 Log In to CYRISMA Start by accessing the MSP portal: 👉 https://msp .cyrism a.com/login If it's your first time logging in: Click Forgot Password Enter your email address (used as your username) Check your inbox for reset instructions Create a new password and log in 2. 🏁 Set Up Your First Customer Instance Get your first custo

What is the ARF File Error?

Published September 20th, 2024 by Liam Downward

Overview: The ARF error is a common issue encountered during scanning processes. This article explains the cause of the error and provides recommendations for improving your scanning experience. What Causes the ARF Error? The ARF error occurs when the host times out, resulting in a lost connection during the scan. This can happen for various reasons

N-able PSA Integration Guide

Published October 31st, 2024 by Liam Downward

1. Create API Key To facilitate the connection between CYRISMA and N-able, you will need to generate an API key. Steps to Create an API Key: Navigate to My Account: In the N-able user interface, click on ‘My Account’, located in your user sub-menu on the top navigation bar. Access API Keys Tab: From the My Account page, navigate to the ‘API Keys’ ta

Debian Support and Hardware Compatibility

Published November 20th, 2024 by Liam Downward

Why Our Agent Doesn’t Support Raspberry Pi 1. Debian Compatibility Across Architectures Debian Linux is a versatile operating system that can run on many hardware architectures, including: x86/x64 (Intel-compatible processors) ARM (used by Raspberry Pi and similar devices) 2. Processor Architecture Differences Raspberry Pi: Uses an ARM processor.

Resolving O365 Scan Issues Due to Password Requirements

Published November 27th, 2024 by Liam Downward

Issue O365 scans fail when using a global admin account due to invalid password configurations. The error highlights password requirements and disallowed special characters. Resolution Steps 1. Review Password Requirements Ensure the global admin account's password complies with the following rules: Must be at least 8 characters long. Must include a

Troubleshooting Vulnerability Scan Errors: Inaccessible OVAL File and No ARF File

Published May 27th, 2025 by Liam Downward

This article outlines the root causes and resolutions for two common errors encountered during vulnerability scans within CYRISMA: "Inaccessible Vulnerability OVAL File" "No ARF File" These errors are typically related to incorrect target configurations or PowerShell issues on the scanned machines. Issue 1: Inaccessible Vulnerability OVAL File Cause

Video: How To Generate a Cyber Risk Assessment Report

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Schedule a Vulnerability Scan

Published September 20th, 2024 by Liam Downward

1. Start New Scan In the Schedule a scan section, you can configure the key settings for a new vulnerability scan: Select a Scan Type: Choose the type of scan from the dropdown. Options include: Internal Authenticated: Scans internal network targets with authentication. Internal Unauthenticated: Scans internal network targets without authentication.

Video: How To Setup Microsoft Secure Score

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Video: How to Create a Compliance GRC Assessment

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

Why Are My Patches Not Disappearing?

Published November 27th, 2024 by Liam Downward

Issue Patches that have been successfully applied are still displayed in the vulnerability section of devices, even though they do not appear in the Root Cause Analysis. Cause This issue can occur if the affected devices have not been rebooted after the patches were applied. A reboot is often required to finalize the patching process and for the sys

Error Adding Agents to a Scan

Published November 25th, 2024 by Liam Downward

Issue When attempting to add agents listed under "Agents Awaiting Provisioning" to a scan, users encounter the error: “Problem while adding agent. Please try again later!” Cause This issue occurs because the agents must first be provisioned. However, provisioning agents requires Systems Administrator permissions. Users with the Security Administrato

Video: How to setup a Dark Web Monitor

Published February 28th, 2025 by Liam Downward

Your browser does not support HTML5 video.

How to Create a Compliance GRC Assessment

Published October 30th, 2024 by Liam Downward

Follow these steps to create a Compliance GRC Assessment for your client: Navigate to Compliance: Click on Compliance in the main menu. Select Compliance Assessment. Choose GRC Framework: From the available options, choose the specific GRC framework you will be assessing for your client. Fill Out Questions: Answer the questions related to the select

How To Generate a Cyber Risk Assessment Report

Published September 19th, 2024 by Liam Downward

How to Generate a Cyber Risk Assessment Report Once all the scans are complete, follow these steps to create your report: Access the Report Builder: Navigate to the Report Builder located on the left-hand side of the dashboard. Select the Cyber Risk Assessment Report: Click on the Cyber Risk Assessment Report option. Choose Scans to Include: In the