Forum Replies Created
-
Posts
-
Yes. Not just CVEs, we do provide information about misconfigured controls, posture anomalies, missing patches, and more risks.
Absolutely, we can filter reports based on what is necessary to be displayed (By asset, by host etc). Additionally we can customize reports and create templates as well, and automate report generation based on the necessity (Daily, Weekly, Monthly).
Agents are provisioned to auto start once the machine starts up. Based on the provisioning done by the user, any software will also be installed once the agents are up and running. Deployment of agents can happen in a variety of ways.
We have a roadmap for BIOS updates yes. By March (Release 6.2) is when we can expect the release of BIOS updates.
If we were to talk about best practices from a SanerNow POV, there’s no official documentation now. However, we can make use of the EM, RP and PA modules to gain further traction in combating Zero-Day and Critical vulnerabilities. Please refer to the blog below for additional information regarding SanerNow and Zero-Day Attacks. https://www.secpod.com/blog/custom-scripting-in-sanernow-to-remediate-zero-day-vulnerabilities/
One likely outcome is because the communication between the agent and the web socket is interrupted (maybe because of a firewall), causing the agent to turn inactive.
Latest patches are always cumulative for 3rd party. Once 2.y is released it will include the previous fixes cumulatively, whatever were present 2.x or lower versions. The only exceptions being the vendor is maintaining multiple version ranges, mostly happens with developments tools like Java, Python or Wireshark. If the vendor maintains multiple simultaneous ranges, then we would upgrade to the same range. Fore example if as of today Java 8 and 11 both are supported and are maintained, if your machine has 8.x we upgrade to latest version of 8.x, similarly if you have vulnerable 11.x we would migrate you to latest version of 11.x.
We have our cloud deployments in US (AWS Oregon) and Europe (AWS Berlin). You can choose which deployment you want to use if you choose the cloud deployment. I am not aware of any local law that enables GOI from accessing your data since it isn’t under local jurisdiction.
“Persistent vs. Non-Persistent VDI Environments:
Persistent VDI Environment: Each user has their own dedicated virtual desktop that retains changes and configurations.
Non-Persistent VDI Environment: Users are provided with a standard desktop image that resets after each session.
Integration of Agents in the Golden Image:
Agents are included in the golden image, simplifying deployment and ensuring they’re pre-installed and ready for activation.
Agent Activation Process:
Agents within the golden image are initially inactive but automatically connect to the Anchor server upon VDI instance provision to activate.
Agent Uninstallation:
Agents can be uninstalled manually or via a silent parameter during VDI decommissioning, ensuring proper removal without manual intervention.
If any queries persist, please feel free to reach out and I’ll be happy to help out.”
No minimum asset count as such. We only have a minimum monthly bill of USD 200 per month. Which would mean you need to have about 70 devices, in case you subscribe to the full suite of applications/modules. I can share more about pricing on our call.
