CYRISMA Quick Start Guide

Master the basics of the CYRISMA platform quickly and efficiently with this comprehensive Quick Start Guide.

Written by Liam Downward

Updated at November 22nd, 2024

+ More

Table of Contents

CYRISMA Quick Start Guide CYRISMA Agent Installation Guide

CYRISMA Quick Start Guide

Step 1: Understanding CYRISMA Licensing

CYRISMA licenses are based on either the number of End Points or Users, whichever has the highest count. This ensures the platform is scaled appropriately for your needs.

Step 2: ROI, TCO, and Revenue Generation

CYRISMA helps organizations increase revenue and reduce costs through its comprehensive security and compliance management. By consolidating security tasks and providing automation, the platform reduces time spent on manual processes and delivers measurable ROI.

Step 3: Agent-Based vs. Agentless

CYRISMA supports both deployment models:

Agent-Based: Ideal for continuous monitoring and detailed data collection from individual endpoints.
Agentless: Useful for network-based scanning without requiring software on individual endpoints.

Step 4: High-Level Overview of CYRISMA Features

Key CYRISMA features include:

Vulnerability Management
Data Classification
Secure Baseline Scanning
Dark Web Monitoring
Compliance Assessments (HIPAA, PCI, NIST, etc.)
Patch Management
Reporting and Dashboards

Step 5: Logging into the MSP Interface

To access the MSP interface:

Go to the CYRISMA login page.
Enter your credentials.
Upon first login, change your password and create additional user accounts via the Admin panel.

Step 6: Creating an Instance or Organization

From the MSP dashboard, create a new client instance by navigating to "Organizations" and selecting "Create New Instance." Provide the necessary information to set up the new organization.

Step 7: Logging into the Deployed Instance

Once the instance is deployed, you can log in using the instance-specific URL with the credentials created during setup.

Step 8: Quick Start – Collecting Data in 5 Minutes

Use the Quick Start feature to begin collecting data within 5 minutes. Access this feature from the instance dashboard to initiate your first scan quickly.

Step 9: Deploying CYRISMA Agents or Sensors

For Agent-Based deployment: Download the CYRISMA agent and install it on your endpoints.
For Agentless deployment: Configure a network sensor to perform agentless scans.

CYRISMA Agent Installation Guide

Overview:

The CYRISMA CyBroker Sensor is used to scan targets within a local network (LAN) for Data Sensitivity, Vulnerability/Baseline scans, and Agentless scans on various systems (Windows, MAC, Linux). The sensor communicates with the CYRISMA Command Center, which receives scan results.

Prerequisites:

Sensor Installation Requirements:

Must be installed on Windows Server (2012 R2, 2016, 2019) or Windows 10/11 Workstations.
Ensure communication with cyrisma.com domain (configure web filters/firewalls to allow access).
Anti-virus should exempt C:\Cyrisma_Agent, and Anti-Spam should allow mail from cyrisma.com.
.NET Framework 4.7.2 is required; install this prior to setup if not already present.
Create a local network admin account with necessary rights to perform scans on network machines.

Sensor Installation Steps:

Log into the Cyrisma Command Center, generate the Windows Installation Key, and retrieve the agent installer.
Download and run the installer on the target machine using the generated key and instance URL.
Optionally, deploy via command line using the /verysilent and /role=sensor options for silent install or network scanning mode.
After installation, the agent contacts the Command Center for provisioning.
Optional Feature - Auto Provisioning:
- By default, after installation, the agent must be provisioned manually in the Command Center.
- To automate provisioning during installation, use the /autoprovision=yes switch in the command line.
- Example Command:=
- Cyrisma_Setup /verysilent /key=nnnn-nnnn-nnnn /url=https://ccNNNNNN.cyrisma.com /autoprovision=yes
- The autoprovision switch must be placed after the key and URL switches with no spaces around "=" signs.
- This feature is useful for large-scale deployments but should be used carefully to prevent accidental agent installations.

Agent Provisioning:

Once installed, log into the Command Center, select the agent, and provide network credentials for sensor-based scanning.
Adjust security policies to exclude or allow CYRISMA components (C:\Cyrisma_Agent) in Endpoint Protection.

Endpoint Protection Compatibility:

Local Scanning: The agent runs as “System” with local machine access rights.
Network Scanning: The agent uses a service account with specified credentials to scan other network machines.

If Endpoint Protection detects or blocks the agent, modify security settings to allow CYRISMA. This can include adding exclusions for specific agent executables such as:

DataSpotliteAgent.exe
psexec.exe
cytcp.exe
fileconv.exe
And others as listed in the document.

Conclusion:

Ensure the agent is properly installed and provisioned before starting network scans. Endpoint security systems may need configuration changes to avoid interference with CYRISMA’s operations.

Installation Guide

For step-by-step instructions and important notes on integrating CYRISMA with your environment, please review the official CYRISMA Agent Installation Guide here:

Step 10: Risk-Based Vulnerability Management

CYRISMA provides various methods of vulnerability management:

Internal Authenticated/Unauthenticated Scanning
External IP Scanning
Web Application URL Scanning Additionally, it integrates Patch Management to help automate the remediation process.

Step 11: Data Classification Setup

Set up data classification scans for both on-premise and cloud environments to identify and protect sensitive information.

Step 12: Secure Baseline Scanning

Perform secure baseline scans to evaluate your operating system's security configurations and detect vulnerabilities.

Step 13: Dark Web Scanning

Configure Dark Web monitoring to detect and alert on compromised data. Review and analyze results to take corrective action where needed.

Step 14: Compliance Monitoring

Leverage CYRISMA’s compliance tools:

Industry Comparison: Benchmark against industry standards.
Active Directory Monitoring: Detect and mitigate weaknesses in directory structures.
Microsoft Secure Score: Enhance security in Microsoft environments.

Step 15: Compliance Assessments

CYRISMA provides assessments for frameworks like HIPAA, PCI, and NIST. These assessments are valuable for ongoing compliance and can serve as a revenue stream for managed services.

Step 16: Mitigation Plans

Assign and track mitigation tasks within CYRISMA for:

Data Classification
Vulnerability Management
Secure Baseline Both internal teams and clients can manage and track responsibilities for ongoing security improvement.

Step 17: Report Builder and Reporting

CYRISMA’s report builder allows users to generate detailed reports from scans, assessments, and dashboards. Reports can be customized and exported in multiple formats, such as PDF and CSV.

Step 18: System Configurations

Configure the platform to optimize performance and security:

Set Secure Locations: Define where sensitive data is stored.
Manage Memory Usage: Monitor and optimize memory usage.
Scan Agents and Targets: Configure scan agents and assign specific scanning targets.
Cloud Integrations: Integrate with AWS, Azure, Google Cloud to scan cloud environments.

Step 19: Configuring MSP and Client Instance for PSA Integration

CYRISMA integrates with popular PSA systems like ConnectWise, Autotask, HaloPSA, and N-able. To configure the integration:

For MSP: Access the “PSA Integrations” settings in the MSP dashboard.

For Client Instances: Configure API credentials for each instance to enable seamless PSA integration, allowing ticket generation and compliance data synchronization.