Cylitic determines a system’s security posture by gathering, analyzing, and scoring multiple data points about each system. These data points typically include: 

  • Whether the operating system in use is supported and receives timely security updates from the vendor.
  • The amount and severity of unique software vulnerabilities on the system that require security patches.
  • Whether the system drives are encrypted and only accessible to authorized users.
  • Whether the system is operating with “least-privileges” or running as an administrator or privileged account.
  • Whether the system is protected by a firewall that appropriately defends it from unauthorized network traffic.
  • Other factors, which may be configured to support a customer’s unique security policies and controls.

 

After gathering, analyzing, and scoring these data points, Cylitic assigns a system security posture label that corresponds to the system's current risk level.

 

System Security Posture options:

  • Excellent: This is an excellent security posture because the system has no issues.
  • Good: This is a good security posture because the system only has a few issues.
  • Needs attention: This is a low security posture that needs attention because the system has several issues.
  • Poor: This is the lowest security posture because the system has many significant issues.
  • Unmanaged: Cylitic is not installed, and the system is unprotected.