Cyberwatch Documentation
1. Overview
Cyberwatch is a Vulnerability Monitoring software.
Its purpose is to facilitate the management of vulnerabilities published by authorities, from detection to decision.
Cyberwatch generates helpful dashboards to assess the IT risk with the appropriate context and to provide decision support.
This section of the software is the technical documentation of Cyberwatch.
2. Use the Assets management module
- 2.1 Assets discoveries
- 2.1.1 Network scans
- 2.1.2 LDAP / Active Directory
- 2.1.3 VMware
- 2.1.4 Amazon Web Services
- 2.1.5 OpenStack
- 2.1.6 DNS
- 2.1.7 WHOIS public database
- 2.1.8 Google Cloud Platform
- 2.1.9 Microsoft Azure
- 2.1.10 Docker images
- 2.1.11 Nutanix
- 2.1.12 Declarative discoveries
- 2.1.13 Industrial scans
- 2.2 Presentation of different Cyberwatch scan modes
- 2.3 Add an asset
- 2.3.1 Cyberwatch agent
- 2.3.1.1 Add an asset in Cyberwatch in agent-based mode
- 2.3.1.2 Prerequisites for assets monitored in agent-based mode
- 2.3.1.3 Technical details on Windows agent
- 2.3.1.4 Technical details on Linux agent
- 2.3.1.5 Technical details on macOS agent
- 2.3.1.6 Include Cyberwatch agent in a template
- 2.3.1.7 Use the Cyberwatch agent command line
- 2.3.2 Agentless connections
- 2.3.2.1 Add an asset in Cyberwatch in agentless mode
- 2.3.2.2 Assets prerequisites for agentless connections
- 2.3.2.3 Troubleshoot errors when adding an agentless connection
- 2.3.2.4 Technical information on agentless connections for Windows systems
- 2.3.2.5 Technical information on agentless connections for Linux systems
- 2.3.2.6 Use WALLIX for agentless connections
- 2.3.2.7 Use Conjur for agentless connections
- 2.3.2.8 Use HashiCorp Vault for agentless connections
- 2.3.2.9 Import agentless connections using an XLSX file
- 2.3.3 Add air-gapped assets through a form
- 2.3.4 Add a Docker image
- 2.3.5 Add a network target or a website
- 2.3.6 Add a cloud project
- 2.3.1 Cyberwatch agent
- 2.4 Assets status
- 2.5 Delete an asset
- 2.6 List of supported operating systems
- 2.7 Syntax for assets comments
3. Vulnerability management
- 3.1 Vulnerability scans
- 3.2 Ignore a vulnerability
- 3.3 Deploy a security fix
- 3.4 Reboot an asset
- 3.5 Manually apply a corrective action
- 3.6 Windows cab file usage
- 3.7 List of software monitored by Cyberwatch scans
- 3.8 List of optional Cyberwatch scans
4. Compliance management
- 4.1 Rules evaluation
- 4.2 Add repositories to assets
- 4.3 Default repositories
- 4.4 Apply a CERTFR_AD analysis to an Active Directory asset
- 4.5 Use the Compliance Custom module
- 4.6 Add benchmarks
5. Encyclopedias
- 5.1 Vulnerability encyclopedia
- 5.2 Description of Cyberwatch compliance repositories
- 5.3 Use security issues
- 5.4 Perform a search
- 5.4.1 Use saved queries
6. Reports
7. Settings
- 7.1 Scanning policies
- 7.2 Use custom analyses
- 7.2.1 Declarative data syntax
- 7.3 Use the criticality policy to prioritize vulnerabilities
- 7.4 Automatically exclude vulnerabilities
- 7.5 Deployment and reboot policies
- 7.6 Manage custom repositories
- 7.7 Rules
8. Manage Cyberwatch users
- 8.1 Manage Cyberwatch users
- 8.2 Manage rights of Cyberwatch users
- 8.3 Permissions
- 8.4 Password-less accounts and use cases
9. Cyberwatch API Documentation
10. Administration
- 10.1 Configure a LDAP directory
- 10.2 Configure the SAML Service Provider
- 10.3 Authentication through OpenID Connect
- 10.4 Integrations
- 10.5 Configure Cyberwatch to use a remote Syslog server
- 10.6 Using Gravatar
11. Administration of the Cyberwatch software
12. Advanced guides for the administration of the Cyberwatch software
- 12.1 Description of cbw-on-premise services
- 12.2 Update the base of the orchestrator
- 12.3 Troubleshooting
- 12.4 Docker configuration
- 12.5 Advanced configuration of Cyberwatch web front end server
- 12.6 Advanced configuration and administration of Cyberwatch database
- 12.7 Offline administration guides
- 12.8 Procedure to change the hostname of a Cyberwatch node
- 12.9 Migrate Cyberwatch from Docker Swarm to MicroK8s
- 12.10 Procedure for renewing TLS certificates on master and satellite nodes
- 12.11 Advanced use of the cyberwatch command
- 12.12 Migrate a Cyberwatch instance to another server
- 12.13 Configure the number of concurrent jobs executed by the application
13. Cyberwatch deployment
14. Changelog
Changelog of the Cyberwatch software
15. Technical support
For any technical question, please contact the Cyberwatch support:
- by e-mail at support@cyberwatch.fr
- by phone at +33 1 84 80 88 84
16. Newsletter
A newsletter alerting about publication of new Cyberwatch releases can be automatically sent to users.
The newsletter includes the changelog of updates and tips on how to use new features.
To subscribe to this newsletter, please fill this form with your e-mail address.