2020-06-25 03:25:19 +08:00
---
title: "Security report"
date: 2020-06-24T21:16:10+03:00
draft: false
2021-01-05 04:29:04 +08:00
description: "Provides actionable recommendations and insight into an attacker's view of your network"
2020-06-25 03:25:19 +08:00
---
2020-07-09 23:31:17 +08:00
{{% notice info %}}
2021-04-09 21:35:18 +08:00
Check out [the documentation for other reports available in the Infection Monkey ]({{< ref "/reports" >}} ).
2020-07-09 23:31:17 +08:00
{{% /notice %}}
2021-02-22 20:06:56 +08:00
The Infection Monkey's **Security Report** provides you with actionable recommendations and insight into an attacker's view of your network. You can download a PDF of an example report here:
2020-07-09 23:31:17 +08:00
{{%attachments title="Download the PDF" pattern=".*(pdf)"/%}}
2021-02-22 20:06:56 +08:00
The report is split into three main categories:
2020-07-09 23:31:17 +08:00
- [Overview ](#overview )
2021-02-22 20:06:56 +08:00
- [High-level information ](#high-level-information )
- [Used credentials ](#used-credentials )
2020-07-09 23:31:17 +08:00
- [Exploits and targets ](#exploits-and-targets )
2021-02-22 20:06:56 +08:00
- [Security findings ](#security-findings )
2020-07-09 23:31:17 +08:00
- [Recommendations ](#recommendations )
2021-02-22 20:06:56 +08:00
- [Machine-related recommendations relating to specific CVEs ](#machine-related-recommendations-relating-to-specific-cves )
- [Machine-related recommendations relating to network security and segmentation ](#machine-related-recommendations-relating-to-network-security-and-segmentation )
2020-07-09 23:31:17 +08:00
- [The network from the Monkey's eyes ](#the-network-from-the-monkeys-eyes )
- [Network infection map ](#network-infection-map )
- [Scanned servers ](#scanned-servers )
- [Exploits and post-breach actions ](#exploits-and-post-breach-actions )
2021-02-22 20:06:56 +08:00
- [Stolen credentials ](#stolen-credentials )
2020-06-25 03:25:19 +08:00
## Overview
2021-02-22 20:06:56 +08:00
The overview section of the report provides high-level information about the Infection Monkey's execution and main security findings.
2020-06-25 03:25:19 +08:00
2021-02-22 20:06:56 +08:00
### High-level information
2020-07-09 23:31:17 +08:00
2021-02-22 20:06:56 +08:00
This section shows general information about the Infection Monkey's execution, including which machine the infection originated from and how long the breach simulation took.
2020-07-09 23:31:17 +08:00
![Overview ](/images/usage/reports/sec_report_1_overview.png "Overview" )
2021-02-22 20:06:56 +08:00
### Used credentials
2020-07-09 23:31:17 +08:00
2021-02-22 20:06:56 +08:00
This section shows which credentials were used for brute-forcing.
2020-07-09 23:31:17 +08:00
![Used Credentials ](/images/usage/reports/sec_report_2_users_passwords.png "Used Credentials" )
### Exploits and targets
2021-02-22 20:06:56 +08:00
This section shows which exploits were attempted in this simulation and which targets the Infection Monkey scanned and tried to exploit.
2020-07-09 23:31:17 +08:00
![Exploits and Targets ](/images/usage/reports/sec_report_3_exploits_ips.png "Exploits and Targets" )
2021-02-22 20:06:56 +08:00
### Security findings
2020-07-09 23:31:17 +08:00
2021-02-22 20:06:56 +08:00
This section highlights the most important security threats and issues discovered during the attack.
2020-07-09 23:31:17 +08:00
![Threats and issues ](/images/usage/reports/sec_report_4_threats_and_issues.png "Threats and issues" )
2020-06-25 03:25:19 +08:00
## Recommendations
2021-02-22 20:06:56 +08:00
This section contains recommendations for improving your security, including actionable mitigation steps.
2020-06-25 03:25:19 +08:00
2021-02-22 20:06:56 +08:00
### Machine-related recommendations relating to specific CVEs
2020-07-09 23:31:17 +08:00
2021-02-22 20:06:56 +08:00
![Machine-related recommendations ](/images/usage/reports/sec_report_5_machine_related.png "Machine related recommendations" )
2020-07-09 23:31:17 +08:00
2021-02-22 20:06:56 +08:00
### Machine-related recommendations relating to network security and segmentation
2020-07-09 23:31:17 +08:00
2021-02-22 20:06:56 +08:00
![Machine-related recommendations ](/images/usage/reports/sec_report_6_machine_related_network.png "Machine related recommendations" )
2020-06-25 03:25:19 +08:00
## The network from the Monkey's eyes
2021-02-22 20:06:56 +08:00
This section contains the infection map and summary tables on servers the Infection Monkey found.
2020-06-25 03:25:19 +08:00
2020-07-09 23:31:17 +08:00
### Network infection map
2021-02-22 20:06:56 +08:00
This section shows the network map and a breakdown of how many machines the Infection Monkey breached.
2020-07-09 23:31:17 +08:00
![Network map ](/images/usage/reports/sec_report_7_network_map.png "Network map" )
### Scanned servers
2021-02-22 20:06:56 +08:00
This section shows the attack surface the Infection Monkey discovered.
2020-07-09 23:31:17 +08:00
![Scanned servers ](/images/usage/reports/sec_report_8_network_services.png "Scanned servers" )
### Exploits and post-breach actions
2021-02-22 20:06:56 +08:00
This section shows which exploits and post-beach actions the Infection Monkey performed during the simulation.
2020-07-09 23:31:17 +08:00
![Exploits and PBAs ](/images/usage/reports/sec_report_9_exploits_pbas.png "Exploits and PBAs" )
2021-02-22 20:06:56 +08:00
### Stolen credentials
2020-07-09 23:31:17 +08:00
2021-02-22 20:06:56 +08:00
This section shows which credentials the Infection Monkey was able to steal from breached machines during this simulation.
2020-07-09 23:31:17 +08:00
![Stolen creds ](/images/usage/reports/sec_report_10_stolen_credentials.png "Stolen creds" )