Overview

In beSECURE, assets are hostnames or IP addresses. Asset groups are used as a filtration option. You can create an asset group using hosts from multiple scans or from the same scan.


Example 1: If a scan is running for a Linux server, Windows server, and desktop IP addresses, you can create an asset group just for the Linux server. This creates an option for a “filtered” report only for the Linux server.


Example 2: There are five different scans running. The asset group allows data from different scans to be combined into groups to show vulnerabilities.


beSECURE can display vulnerability information in two different views:

  • IT Assets-Designed for IT personnel
    • Displays Organization, Scan Name, Host, Risk, Vulnerability Name, Service and Port, and Scan Date information.
    • The hyperlinks in the data table go directly to the specific Vulnerability Details page in beSECURE.
  • OT Assets- Operational Technology
    • Displays Organization, Scan Name, Operating System, Host, Net BIOS, Log, Manager, and Scan Date information.
    • The hyperlink for the hosts shows the specific ports the vulnerabilities were found on.
    • The Manager option allows you assign assets to a person and creates a log displaying who the manager switched to, and what notes the manager kept.
    • The “Previous Findings” option compares past data to with current data.


Creating an asset group

To create an asset group, do the following:

  1. Log in to beSECURE.
  2. Select Results > Assets > Groups.
  3. Select the Newbutton.
  4. In the Name box, enter a name for the group.
  5. Select Apply.
  6. On the Asset Group List page, select the group you just created. 
  7. On the Asset Group Detailspage, you can set the following options:
    1. Settings tab - Assign a parent group if there’s a group hierarchy, assign a color to differentiate this group from others, and see which hosts are in the group.
    2. Automations tab- Allows an asset group to be configured with specific information using filters such as Hosts, Port, High, or Medium Risk. 
      1. Select Select one to add multiple automation options. For example, you can add a filter for hosts with more than one medium or high risk or vulnerabilities from a specific vulnerability category.
      2. The Primary Search Criteria is a general filter including the Organization and Scan Name.
      3. The Secondary Search Criteria allows you to add more specific filters.
    3. Permissions tab - You can assign a user to the “owned by” category giving that them control over the asset group.
  8. Select Save and Test to show how many matches are returned up for the asset group you are creating.
  9. Select Save and Run to save your changes and activate the asset group.
  10. If are making changes to an existing asset group, select Modify


To generate an HTML, PDF, CSV, or XML formatted report of the asset group, select the corresponding icon from the upper-right corner of the page.


Generating a report using the Asset Group option

To generate a report using the Asset Group option, do the following:

  1. Log in to beSECURE.
  2. Select Results > Reports.
  3. On the Report Download page, select Generate Report. The Generate report dialog appears.
  4. Select an Organization.
  5. Select a Scan name.
  6. Select a Scan Date.
  7. Select an Asset Group.
  8. Select a Report Type.
  9. Select Generate.


Searching for asset groups

To search for a specific asset group, do the following:

  1. Log in to beSECURE.
  2. Select Results > Assets > Search.
  3. On the Assets Search page, use the provided filters to search assets groups based on Scan Name, Operating System, Organizations, and Host Name.


Searching for vulnerabilities by asset group

To search for vulnerabilities by asset group, do the following:

  1. Log in to beSECURE.
  2. Select Results > Search.
  3. On the Vulnerability Search page, in addition to other filters, make a selection from the Asset Group box.


Viewing IT Assets

The IT Assets list contains a list of assets focused on vulnerabilities per asset. To view the IT Assets List, do the following:

  1. Log in to beSECURE.
  2. Select Results > Assets > IT Assets.
  3. Select an Asset Group, Organization, and/or Scan.
  4. Select Show.
  5. Your list of assets will appear. You can select a vulnerability to view its details.
  6. Select Export to generate an Excel report of these details.


Viewing OT Assets

The OT Assets list contains a list of assets focused on ports and operating systems. This list is designed to help with fixing issues per node, rather than per vulnerability. To view the OT Assets list, do the following:

  1. Log in to beSECURE.
  2. Select Results > Assets > OT Assets.
  3. Select an Asset Group, Organization, and/or Scan.
  4. Select Show.
  5. Your list of assets will appear. You can select an asset to see a list of its ports that have vulnerabilities, or a port to see a list of its vulnerabilities.
  6. Select Export to generate an Excel report of these details.


How IT and OT vary