Help Center: Administration

Users Page

ADDING A NEW USER

To add someone new to the AA account:

  • Access the Administration Link on the left hand side of the screen.
  • Click on Users.
  • Click on 'Add User' on the right hand top of the screen.
  • Fill in the form and click on 'Save.'
  • AA will send an email to the new user along with log in instructions.
Photo of adding user

Pointers...

EDITING A USER

To edit the information for a user's AA account:

  • Access the Administration Link on the left hand side of the screen.
  • Click on Users.
  • Click on the blue pencil symbol to the left of the user's name.
  • Edit User information.
  • Click on 'Save.'
Photo of blue pencil

DELETING A USER

To delete a user from the AA account:

  • Access the Administration Link on the left hand side of the screen.
  • Click on Users.
  • Click on the red trash can symbol to the left of the user's name.
  • The system will ask you if you are sure you want to delete the user.
  • If yes, click on 'Delete.'
  • If no, then click on 'Cancel.'
Photo of delete

Organizational Tree

The hierarchy of your organization is represented in a tree view that can be minimized or expanded. If the hierarchical structure does not apply to your Organization then it is recommended you just create lateral nodes under the organization.

How to create

Photo or GIF of creating organization tree

Creating an Organization

  • Name
  • System Yes/No

What is a "System"?

A "system" is broadly defined as a collection of interconnected components that work together to achieve certain objectives or perform specific functions. These components can include hardware/devices, software, data, people, and processes. In Active Accreditation it only applies to devices.

For example, let's say we have a business called "Cyber Security LLC" that uses Active Accreditation. Let's say Cyber Security LLC has an application called "SecureMe" that includes a database server and a webserver. Let's say they have another application called "PentestMe" which is a console application that is designed to run on a single server. Their organization tree would have 3 nodes. A single node at the top with "Cyber Security LLC", under that you'd have systems for SecureMe and PentestMe and under the Devices page you would assign the servers to their respective system.

But what happens if I don't assign them to a system?

Any devices that you want to use in Active Accreditation should be assigned to a system in order for Active Accreditation to function as intended. Unassigned devices will still appear on the Active Monitoring Screen but they will not filter through the score as intended. It is highly recommended that you use systems and assign all of your devices within Active Accreditation.

Configuration of Business Rules

When you create a system there are some new parameters to add.

CIA

CIA triad represents the functions of information systems. It’s a commonly used model in cybersecurity. The origin of this model is not clear, but some sources suggest that it emerged over time as an article of wisdom among information security professionals. The concept of confidentiality was formalized in a 1976 U.S. Air Force study, the concept of integrity was laid out in a 1987 paper, and the concept of availability gained prominence after the 1988 Morris worm attack.

The model is useful for defining a comprehensive security posture since it adds another dimension to the data of system classification.

Mitigation Factor

Mitigation Factors can be applied when creating an organization for things such as enclave inherited posture or whatever else you may see fit. For example, if you have a firewall surrounding the perimeter of your isolated enclave, you may apply that as a mitigation factor to the organization. This means that your organization will have applied a Mitigation for your "Mitigation Risk Level" for your devices. This gets applied to all Devices under your Unit.

Active Overwatch Tab

The Active Overwatch tab contains Vulnerability Escalations and Stale Data Threshold.

Vulnerability Escalations

Vulnerability escalations are the rules that get applied to vulnerabilities to increase their risk level based on the number of days having crossed the threshold. For example, if you assign an escalation of 3 days to Medium, a Medium vulnerability will be escalated to a high after 3 days have elapsed without remediation or mitigation. It is required to assign at least 1 escalation in order to create a system.

Stale Data Threshold

Stale data threshold defines how long after the most recent import that the data will incur an additional escalation in the system. Each escalation adds an alert in the system and will cause increases to risk level in the Active Monitoring algorithm.