monkey/docs/content/reports/security.md

4.0 KiB

title date draft description
Security report 2020-06-24T21:16:10+03:00 false Provides actionable recommendations and insight into an attacker's view of your network

{{% notice info %}} Check out [the documentation for other reports available in the Infection Monkey]({{< ref "/reports" >}}). {{% /notice %}}

The Infection Monkey's Security Report provides you with actionable recommendations and insight into an attacker's view of your network. You can download a PDF of an example report here:

{{%attachments title="Download the PDF" pattern=".*(pdf)"/%}}

The report is split into three main categories:

Overview

The overview section of the report provides high-level information about the Infection Monkey's execution and main security findings.

High-level information

This section shows general information about the Infection Monkey's execution, including which machine the infection originated from and how long the breach simulation took.

Overview

Used credentials

This section shows which credentials were used for brute-forcing.

Used Credentials

Exploits and targets

This section shows which exploits were attempted in this simulation and which targets the Infection Monkey scanned and tried to exploit.

Exploits and Targets

Security findings

This section highlights the most important security threats and issues discovered during the attack.

Threats and issues

Recommendations

This section contains recommendations for improving your security, including actionable mitigation steps.

Machine-related recommendations

Machine-related recommendations

The network from the Monkey's eyes

This section contains the infection map and summary tables on servers the Infection Monkey found.

Network infection map

This section shows the network map and a breakdown of how many machines the Infection Monkey breached.

Network map

Scanned servers

This section shows the attack surface the Infection Monkey discovered.

Scanned servers

Exploits and post-breach actions

This section shows which exploits and post-beach actions the Infection Monkey performed during the simulation.

Exploits and PBAs

Stolen credentials

This section shows which credentials the Infection Monkey was able to steal from breached machines during this simulation.

Stolen creds