monkey/docs/content/usage/reports/security.md

98 lines
3.9 KiB
Markdown
Raw Normal View History

2020-06-25 03:25:19 +08:00
---
title: "Security report"
date: 2020-06-24T21:16:10+03:00
draft: false
---
{{% notice info %}}
Check out [the documentation for the other reports as well](../).
{{% /notice %}}
The Monkey's Security Report is built to provide you with actionable recommendations and insight to the Attacker's view of your network. You can download a PDF of this example report:
{{%attachments title="Download the PDF" pattern=".*(pdf)"/%}}
The report is split into 3 main categories: "Overview", "Recommendations" and "The network from the Monkey's eyes".
- [Overview](#overview)
- [High level information](#high-level-information)
- [Used Credentials](#used-credentials)
- [Exploits and targets](#exploits-and-targets)
- [Security Findings](#security-findings)
- [Recommendations](#recommendations)
- [Machine related recommendations relating to specific CVEs](#machine-related-recommendations-relating-to-specific-cves)
- [Machine related recommendations relating to network security and segmentation](#machine-related-recommendations-relating-to-network-security-and-segmentation)
- [The network from the Monkey's eyes](#the-network-from-the-monkeys-eyes)
- [Network infection map](#network-infection-map)
- [Scanned servers](#scanned-servers)
- [Exploits and post-breach actions](#exploits-and-post-breach-actions)
- [Stolen Credentials](#stolen-credentials)
2020-06-25 03:25:19 +08:00
## Overview
The overview section of the report provides high-level information about the Monkey execution and the main security findings that the Monkey has found.
### High level information
The report starts with information about the execution, including how long the simulation took and from which machine the infection started from.
![Overview](/images/usage/reports/sec_report_1_overview.png "Overview")
### Used Credentials
The report will show which credentials were used for brute-forcing.
![Used Credentials](/images/usage/reports/sec_report_2_users_passwords.png "Used Credentials")
### Exploits and targets
The report shows which exploits were attempted in this simulation and which targets the Monkey scanned and tried to exploit.
![Exploits and Targets](/images/usage/reports/sec_report_3_exploits_ips.png "Exploits and Targets")
### Security Findings
The report highlights the most important security threats and issues the Monkey discovered during the attack.
![Threats and issues](/images/usage/reports/sec_report_4_threats_and_issues.png "Threats and issues")
2020-06-25 03:25:19 +08:00
## Recommendations
This section contains the Monkey's recommendations for improving your security - what mitigations you need to implement.
### Machine related recommendations relating to specific CVEs
![Machine related recommendations](/images/usage/reports/sec_report_5_machine_related.png "Machine related recommendations")
### Machine related recommendations relating to network security and segmentation
![Machine related recommendations](/images/usage/reports/sec_report_6_machine_related_network.png "Machine related recommendations")
2020-06-25 03:25:19 +08:00
## The network from the Monkey's eyes
This section contains the Infection Map and some summary tables on servers the Monkey has found.
### Network infection map
This part shows the network map and a breakdown of how many machines were breached.
![Network map](/images/usage/reports/sec_report_7_network_map.png "Network map")
### Scanned servers
This part shows the attack surface the Monkey has found.
![Scanned servers](/images/usage/reports/sec_report_8_network_services.png "Scanned servers")
### Exploits and post-breach actions
This part shows which exploits and Post Breach Actions the Monkey has performed in this simulation.
![Exploits and PBAs](/images/usage/reports/sec_report_9_exploits_pbas.png "Exploits and PBAs")
### Stolen Credentials
This part shows which credentials the Monkey was able to steal from breached machines in this simulation.
![Stolen creds](/images/usage/reports/sec_report_10_stolen_credentials.png "Stolen creds")