Cisco Cyber Vision¶
The Cisco Cyber Vision agent is designed to identify and analyze vulnerabilities within the Cisco platform. It processes this information and uploads the findings to Faraday, ensuring that all detected vulnerabilities are reported accurately according to user-defined presets. This allows for comprehensive monitoring and management of potential security risks.
Setup Parameters¶
- CYBERVISION_TOKEN
This key is essential for successfully authenticating every request sent from the agent to the Cyber Vision platform. You can find this key in the Cisco Cyber Vision web interface under Admin > API > Token, as shown in the example image below. - CYBERVISION_HTTPS_URL
This parameter serves as the base URL for accessing your Cisco Cyber Vision web interface. It is utilized to construct API communication URLs and retrieve data. The URL must be HTTPS and include only the initial portion. For example, in the example image below, the URL ishttps://123.0.0.456/#/
, but for this parameter, onlyhttps://123.0.0.456
is required.
Execution Parameters¶
- Cybervision Presets
This parameter is of List type, indicating that you need to input all values separated by commas (,). Each item should correspond to the name of the presets from which you want the agent to retrieve vulnerabilities. For instance, in the example image, if you select Preset1, Preset2, and Preset3 from the Cyber Vision Overview for processing, the text area of this parameter should be filled withPreset1, Preset2, Preset3
.
Agent Execution¶
To execute the agent, simply provide the list of Cybervision Presets, select a workspace destination, and click the Run button. In the example image, we've chosen 'Preset1', 'Preset2', and 'Preset3' to gather data from, and assigned 'workspace' as destination, where all the collected data will be stored.