Cylitic determines a system’s security posture by gathering, analyzing, and scoring multiple data points about each system. These data points typically include:
- Whether the operating system in use is supported and receives timely security updates from the vendor.
- The amount and severity of unique software vulnerabilities on the system that require security patches.
- Whether the system drives are encrypted and only accessible to authorized users.
- Whether the system is operating with “least-privileges” or running as an administrator or privileged account.
- Whether the system is protected by a firewall that appropriately defends it from unauthorized network traffic.
- Other factors, which may be configured to support a customer’s unique security policies and controls.
After gathering, analyzing, and scoring these data points, Cylitic assigns a system security posture label that corresponds to the system's current risk level.
System Security Posture options:
- Excellent: This is an excellent security posture because the system has no issues.
- Good: This is a good security posture because the system only has a few issues.
- Needs attention: This is a low security posture that needs attention because the system has several issues.
- Poor: This is the lowest security posture because the system has many significant issues.
- Unmanaged: Cylitic is not installed, and the system is unprotected.