Performing an Expanded Data Breach Risk Scan

  1. After logging onto the Risk Intelligence Console, click on Scan Computers in the side navigation panel.

    2. In the Choose Organization section, the currently selected organization is shown.

    In the Risk Intelligence Console, 'Organizations' are used to group devices and results using terms familiar to your company. For example an Organization might be defined as an office location or particular types of devices (servers vs workstations) or whatever is meaningful to you.
  2. To change the organization you want to scan, click on Change and select the appropriate organization from those available.
  3. From the Choose a Scan Type list select Expanded Data Breach Risk Scan.

    4.  

    In the screenshot shown above, notice the Short Code. This code is created automatically by the system when accounts and organizations are created - and defines the particular scan type and configuration for the organization.

    Short codes can be used as command line arguments to the CLI scanner as described in the next step.

  4. From the Scan Delivery Method dropdown select Command Line Executable.

    5. The various platforms and corresponding deployment options for the CLI scanner are displayed.

    The simplest way to run a command line scan is to use the provided PowerShell script on Windows platforms or the curl script on Mac and Linux platforms. These scripts are designed to automatically download the CLI executable (if it doesn't exist or is outdated on the target) and launch the selected scan on the device. See CLI Scanner Command Line Arguments for details of the commands you can use to run your scan.

  5. Once you have chosen your command line scan option, enter the appropriate script to run the scan.

    6. As the scan runs, you can monitor its progress and view the scan results of individual devices from the View and Manage - Scan Results page - see Monitoring Scan Progress and Viewing Individual Device Scan Results.

    The time taken to run a scan depends on a variety of factors: the amount of data to be scanned; the amount of used space; the scan type (Data Breach Risk and PCI & PAN scans generally take the longest); the network conditions e.g. internet speed and device usage. Run times can range from a few minutes to several hours or several days for huge amounts of data.

    Once one or more scans have completed you will be able to report on results in the Reporting module. See Reporting and in particular Generating an Expanded Data Breach Risk Report.

    Before you can generate a Data Breach Risk Report you must first create one - see Creating an Expanded Data Breach Risk Report.