Scanning Issues in Secure Baseline
This article addresses issues raised by users regarding secure baseline scans in CYRISMA: Suppression functionality not working as expected. Clarification on scanning representative machines based on Group Policy. These insights aim to provide users with guidance on effective usage of the secure baseline feature and avoid common pitfalls.
Written by Liam Downward
Updated at December 4th, 2024
- User Manual
- Self Onboarding Guide
- Agents
- The Cyber Risk Assessment Process
- PSA Integrations
- General Questions and Troubleshooting
- The Cyber Risk Assessment Process (Video Tutorials)
- Sales and Prospecting Articles
- CYRISMA Partner Portal Access
- Glossary
- API Documents
- CYRISMA Change Log
- Support Ticket SLA
- Billing Questions
Table of Contents
Issue: Clarification on Scanning Representative Machines
Problem
Users are scanning all devices in their environment without realizing they only need to scan representative machines based on Group Policy.
Why This Matters
Scanning all machines in environments with consistent Group Policy settings results in unnecessary scans and redundant data.
Best Practice
- Scan a Representative Machine: Select one machine from each Group Policy to represent its settings.
- Avoid Scanning All Machines: If 100 devices share the same Group Policy, scanning all 100 devices is redundant.
How to Implement
- Identify the number of unique Group Policies in your environment.
- Select one machine from each Group Policy as a representative.
- Run secure baseline scans only on the selected representative machines.
Next Steps for Users
- Implement the representative machine scanning approach.
- Look for updates in CYRISMA documentation for clear instructions.
Additional Notes
- Group Policy Trends: While remote work has reduced the prevalence of Group Policy enforcement in some environments, it remains a key consideration for many organizations.
Conclusion
CYRISMA is committed to addressing these issues to improve user experience. For further questions or to report additional concerns, please reach out to our support team.