Target Status Overview

The Target Status Overview provides a snapshot of all targets in your instance, their scan status, and patch information. Navigate through tabs to view:

• Agents/Total Targets: Lists all agents and their associated targets.
• Unscanned Targets: Targets that have not yet undergone scanning.
• Patched Targets: Targets with successfully applied patches.
• Target Scan Summary: Overview of scan status by category.
• Network Assets: Devices discovered on the network.

Additionally, you can filter the view by Operating System to focus on specific target types.

Adding Targets

Targets can be added to CYRISMA through three main methods:

1. Manual Addition

• Use the Add New Target button for individual target entries.
• Recommended for scenarios where only a small number of targets are being added manually.

2. Bulk Upload

• Upload a CSV file containing details of multiple targets.
• This is ideal for adding large groups of targets efficiently.

3. Network Discovery Scan

• Perform a scan of a network subnet using an agent installed within the subnet.
• Discovered targets can be selected and imported into the system.

Add New Target

To manually add a new target, complete the required fields:

• Host Name: The operating system-recognized name of the target.
• Host FQDN: Fully Qualified Domain Name.
• IP Address: The internal/local IP address of the target.
• Machine Hardware ID: Typically the BIOS serial number (retrieve using wmic bios get serialnumber in an admin command prompt).
• On Domain: Indicate if the target is part of an Active Directory Domain.
• Data Scan Locations: Specify default network shares or local disk scan locations (optional).
• Defined Type: Default is File Share, unless directed otherwise.
• Operating System: Select from the dropdown of supported OSs. Unsupported OSs can still be scanned during unauthenticated scans.
• SQL Authentication: Default is Not Required, unless directed otherwise.
• Vulnerability Profile: Choose a profile matching the target’s OS.
• Secure Baseline Profile: Select a profile and sub-profile that aligns with the OS and configuration of the target.
• File Integrity Profile: Choose Windows or Linux, or select Not Required.
• Target Status: Targets are set as "Enabled" upon entry. Existing targets can be disabled or deleted.
• Information Fields: Results include OS End of Life status, security applications, and open ports.

Deploying Agents

Deploy agents on target machines for authenticated scanning using:

• Domain Group Policy script
• PowerShell script
• Remote Management tools

Once agents are deployed, accept them using the Scan Agent -> New Agent feature under Admin -> Scan Agents.

Network Discovery

The Network Discovery feature scans subnets to discover local IP devices. Results include all discovered devices, with supported OSs automatically included as targets.

Steps to Perform a Network Discovery Scan:

Initiate Discovery: Click Network Discovery and then Add New.

Configure Scan:

• Scan Name: Identify the scan.
• IP Address: Specify IP ranges or subnet notations.
• Credential: Use a configured default credential or specify one for the scan.
• Scan Schedule: Choose to run the scan immediately, schedule it for a future date, or set up recurring scans.
• Notification: (Optional) Select a recipient for scan completion notifications.
• Sensor: Select an agent to perform the scan.

Submit: When all fields are complete, submit the scan. Duration depends on the number of devices scanned.

Viewing Results:

• Click on the scan name to see a detailed list of discovered devices.
• Add selected targets into the system for future scans.

Key Features and Recommendations:

• CSV Uploads: Ideal for scaling target additions.
• Manual Additions: Reserved for one-off or small batches of targets.
• Network Discovery: Best for initial scans and identifying unmanaged devices.