monkey/docs/content/reports/security.md

---
title: "Security report"
date: 2020-06-24T21:16:10+03:00
draft: false
description: "Provides actionable recommendations and insight into an attacker's view of your network"
---

{{% notice info %}}
Check out [the documentation for other reports available in the Infection Monkey]({{< ref "/reports" >}}).
{{% /notice %}}

The Infection Monkey's **Security Report** provides you with actionable recommendations and insight into an attacker's view of your network. You can download a PDF of an example report here:

{{%attachments title="Download the PDF" pattern=".*(pdf)"/%}}

The report is split into three main categories:

- [Overview](#overview)
  - [High-level information](#high-level-information)
  - [Used credentials](#used-credentials)
  - [Exploits and targets](#exploits-and-targets)
  - [Security findings](#security-findings)
- [Recommendations](#recommendations)
  - [Machine-related recommendations relating to specific CVEs](#machine-related-recommendations-relating-to-specific-cves)
  - [Machine-related recommendations relating to network security and segmentation](#machine-related-recommendations-relating-to-network-security-and-segmentation)
- [The network from the Monkey's eyes](#the-network-from-the-monkeys-eyes)
  - [Network infection map](#network-infection-map)
  - [Scanned servers](#scanned-servers)
  - [Exploits and post-breach actions](#exploits-and-post-breach-actions)
  - [Stolen credentials](#stolen-credentials)

## Overview

The overview section of the report provides high-level information about the Infection Monkey's execution and main security findings.

### High-level information

This section shows general information about the Infection Monkey's execution, including which machine the infection originated from and how long the breach simulation took.

![Overview](/images/usage/reports/sec_report_1_overview.png "Overview")

### Used credentials

This section shows which credentials were used for brute-forcing.

![Used Credentials](/images/usage/reports/sec_report_2_users_passwords.png "Used Credentials")

### Exploits and targets

This section shows which exploits were attempted in this simulation and which targets the Infection Monkey scanned and tried to exploit.

![Exploits and Targets](/images/usage/reports/sec_report_3_exploits_ips.png "Exploits and Targets")

### Security findings

This section highlights the most important security threats and issues discovered during the attack.

![Threats and issues](/images/usage/reports/sec_report_4_threats_and_issues.png "Threats and issues")

## Recommendations

This section contains recommendations for improving your security, including actionable mitigation steps.

### Machine-related recommendations relating to specific CVEs

![Machine-related recommendations](/images/usage/reports/sec_report_5_machine_related.png "Machine related recommendations")

### Machine-related recommendations relating to network security and segmentation

![Machine-related recommendations](/images/usage/reports/sec_report_6_machine_related_network.png "Machine related recommendations")

## The network from the Monkey's eyes

This section contains the infection map and summary tables on servers the Infection Monkey found.

### Network infection map

This section shows the network map and a breakdown of how many machines the Infection Monkey breached.

![Network map](/images/usage/reports/sec_report_7_network_map.png "Network map")

### Scanned servers

This section shows the attack surface the Infection Monkey discovered.

![Scanned servers](/images/usage/reports/sec_report_8_network_services.png "Scanned servers")

### Exploits and post-breach actions

This section shows which exploits and post-beach actions the Infection Monkey performed during the simulation.

![Exploits and PBAs](/images/usage/reports/sec_report_9_exploits_pbas.png "Exploits and PBAs")

### Stolen credentials

This section shows which credentials the Infection Monkey was able to steal from breached machines during this simulation.

![Stolen creds](/images/usage/reports/sec_report_10_stolen_credentials.png "Stolen creds")
Added GA and some more pages 2020-06-25 03:25:19 +08:00			`---`
			`title: "Security report"`
			`date: 2020-06-24T21:16:10+03:00`
			`draft: false`
docs: Add descriptions for reports and display them on the reports index page 2021-01-05 04:29:04 +08:00			`description: "Provides actionable recommendations and insight into an attacker's view of your network"`
Added GA and some more pages 2020-06-25 03:25:19 +08:00			`---`

Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00			`{{% notice info %}}`
Refactored internal documentation hub links to proper structure which fixed them in production 2021-04-09 21:35:18 +08:00			`Check out [the documentation for other reports available in the Infection Monkey]({{< ref "/reports" >}}).`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00			`{{% /notice %}}`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`The Infection Monkey's Security Report provides you with actionable recommendations and insight into an attacker's view of your network. You can download a PDF of an example report here:`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`{{%attachments title="Download the PDF" pattern=".*(pdf)"/%}}`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`The report is split into three main categories:`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`- [Overview](#overview)`
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`- [High-level information](#high-level-information)`
			`- [Used credentials](#used-credentials)`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00			`- [Exploits and targets](#exploits-and-targets)`
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`- [Security findings](#security-findings)`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00			`- [Recommendations](#recommendations)`
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`- [Machine-related recommendations relating to specific CVEs](#machine-related-recommendations-relating-to-specific-cves)`
			`- [Machine-related recommendations relating to network security and segmentation](#machine-related-recommendations-relating-to-network-security-and-segmentation)`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00			`- [The network from the Monkey's eyes](#the-network-from-the-monkeys-eyes)`
			`- [Network infection map](#network-infection-map)`
			`- [Scanned servers](#scanned-servers)`
			`- [Exploits and post-breach actions](#exploits-and-post-breach-actions)`
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`- [Stolen credentials](#stolen-credentials)`
Added GA and some more pages 2020-06-25 03:25:19 +08:00
			`## Overview`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`The overview section of the report provides high-level information about the Infection Monkey's execution and main security findings.`
Added GA and some more pages 2020-06-25 03:25:19 +08:00
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`### High-level information`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section shows general information about the Infection Monkey's execution, including which machine the infection originated from and how long the breach simulation took.`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`![Overview](/images/usage/reports/sec_report_1_overview.png "Overview")`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`### Used credentials`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section shows which credentials were used for brute-forcing.`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`![Used Credentials](/images/usage/reports/sec_report_2_users_passwords.png "Used Credentials")`

			`### Exploits and targets`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section shows which exploits were attempted in this simulation and which targets the Infection Monkey scanned and tried to exploit.`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`![Exploits and Targets](/images/usage/reports/sec_report_3_exploits_ips.png "Exploits and Targets")`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`### Security findings`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section highlights the most important security threats and issues discovered during the attack.`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`![Threats and issues](/images/usage/reports/sec_report_4_threats_and_issues.png "Threats and issues")`
Added GA and some more pages 2020-06-25 03:25:19 +08:00
			`## Recommendations`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section contains recommendations for improving your security, including actionable mitigation steps.`
Added GA and some more pages 2020-06-25 03:25:19 +08:00
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`### Machine-related recommendations relating to specific CVEs`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`![Machine-related recommendations](/images/usage/reports/sec_report_5_machine_related.png "Machine related recommendations")`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`### Machine-related recommendations relating to network security and segmentation`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`![Machine-related recommendations](/images/usage/reports/sec_report_6_machine_related_network.png "Machine related recommendations")`
Added GA and some more pages 2020-06-25 03:25:19 +08:00
			`## The network from the Monkey's eyes`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section contains the infection map and summary tables on servers the Infection Monkey found.`
Added GA and some more pages 2020-06-25 03:25:19 +08:00
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00			`### Network infection map`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section shows the network map and a breakdown of how many machines the Infection Monkey breached.`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`![Network map](/images/usage/reports/sec_report_7_network_map.png "Network map")`

			`### Scanned servers`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section shows the attack surface the Infection Monkey discovered.`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`![Scanned servers](/images/usage/reports/sec_report_8_network_services.png "Scanned servers")`

			`### Exploits and post-breach actions`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section shows which exploits and post-beach actions the Infection Monkey performed during the simulation.`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`![Exploits and PBAs](/images/usage/reports/sec_report_9_exploits_pbas.png "Exploits and PBAs")`

Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`### Stolen credentials`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
Copyedits for usage sections (#965) Copy edits - round 2 2021-02-22 20:06:56 +08:00			`This section shows which credentials the Infection Monkey was able to steal from breached machines during this simulation.`
Added the scenarios page, and finished the Security Report page 2020-07-09 23:31:17 +08:00
			`![Stolen creds](/images/usage/reports/sec_report_10_stolen_credentials.png "Stolen creds")`