Web Gateway agent
Hello,during the analysis of the report of the Immediate Threats test “GLOBEIMPOSTER RANSOMWARE WITH MEDUSALOCKER SPREADING VIA RDP” we verified that the access to a malicious URL has been correctly blocked. The related event registered by the SIEM reports:The action is blocked because “Not allowed to use this browser” The useragent reported in the event is “useragent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36”Our doubt is related to the fact that none of the reported browser version is currently installed on the host where the agent is running. We would like to ask if the agent uses an internal browser that is different from the default one used on the host? Thank you in advance!Lucio
Service based agent connection
UPDATE: I just checked the console and now it appears to be connected. It looks like it takes about 10 to 15 minutes post-reboot to come up. Seems a bit long, but I’ll take it for now. :-) I recently installed the service based agent on three machines. Two are running Windows Server 2019 and the other is running Windows 10 Pro. The two machines running Windows Server are working properly. On the Windows 10 Pro machine, the service based agent will only connect to the gateway when the user account is logged on. Has anyone seen this? The PC is joined to an Azure AD domain, so it’s not a traditional AD setup. This agent is configured for the email assessments as well, while the other two are not. Any ideas on how to solve this, or is this expected behavior given how this machine is configured? Thanks.
Accessing the CLI
I have installed the latest Cymulate service based agent on my Windows 10 box. I cannot seem to find the CLI anywhere on the system. Is it installed with the agent installation or do I need to grab it from someplace on the site? When I open CMD as an admin and run any of the “cymulate” commands, it tells me that the command cannot be found.
Add profile to service based agent - Could not save profile
Hi,When I attempt to add a user profile for testing with a domain user, after I click add, the cymulate interface comes back with “Could not save profile”The profile creation does not work. Tried with a couple of existing domain accounts and a new one.Does anyone know how to resolve this issue?Thanks,Richard
Cloning real landing pages
Hello cymulate communityWe are designing Phishing campaigns and we would like to "clone" landing pages or login pages from our corporate websites because trying to copy them with the design tools is practically impossible.My users are trained to be wary of poorly designed pages. How do you load "realistic" templates for your campaigns? Thanks
Endpoint Security Assessment Report shows NO EDR INTEGRATION? How do we trust this report?
I have my EDR tool integrated with Cymulate. I ran an Endpoint Security Assessment which took almost 12 hours to complete with Cymulate Best Practice template but the generated report shows no EDR integrated and hence high risk score ! That sounds very ironic and confusing. Is this how it is supposed to work? Anyone facing similar issue?
Cymulate Cybersecurity Newscast
✅ Cisco success story.🎯 Russian propaganda gives away the location of the infamous Wagner group HQ in Ukraine.⚠️ Microsoft critical new recommendations for running Microsoft Exchange.https://www.linkedin.com/posts/cymulate_hi-welcome-to-the-cymulate-cybersecurity-activity-6965308053411741697-hTHD?utm_source=linkedin_share&utm_medium=member_desktop_web
How do you benchmark your organization's security posture vs. other organizations?
Hi Hatters!I believe that setting benchmarks to assess your organization’s security posture vs. other organizations is important to understand issues that are crossing regions, industries and more, and prioritize focuses to align your security posture with industry standards.Having said that, there’s lack of data visibility to security posture trends and it’s hard to find a single source of truth which is normalized and clarified for instant use.So, I wanted to ask:What kind of security benchmarks are you setting and tracking today? What are these benchmarks’ parameters? (by region, by industry, by organization’s size etc) Which data sources are you using to create the benchmark? Are you using any regulatory/standardized frameworks for benchmarks?Thank you!
Assurance process for mitigation steps
Having a mitigation assurance process is important for focusing engineering efforts and efficiently keeping up with the organizational security posture program.How do you currently assure findings from various assessments are properly mitigated by your engineering teams?
Already have an account? Login
LoginCUSTOMER / CYMULATE EMPLOYEE LOGIN
Login to the community
No account yet? Create an account
LoginCUSTOMER / CYMULATE EMPLOYEE LOGIN
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.