Up
Previous Next

Sheriff CSMâ„¢

Modifying a Custom Scan Profile

To modify a custom profile for vulnerability scans
  1. Go to Environment > Vulnerabilities > Overview, and click Profiles.
  2. Click the pencil (Pencil) icon of the profile you want to modify.

    Note: Only admin and global admin accounts can modify a custom profile. Non-admin users can only edit the profiles they've created.

    Deep, Default, and Ultimate profiles are default Sheriff CSM profiles that can't be modified.

    The Edit Profile: <name of profile> popup displays.

    Edit Profile popup from Overview.

  3. Modify the settings as needed.

    Options available in a custom profile

    Option

    Description

    Autoenable

    Displays a list of plugin categories or families. Allows users to modify the description, the owner and the auto-enable options.

    Plugins

    Allows for detailed adjustment of the plugins that the Sheriff vulnerability scanner uses to scan your assets. Sheriff CSM displays the number of plugins available as well as the number of plugins enabled in the current profile.

    Prefs

    Allows for personalized configuration for each profile.

    These preferences are generated dynamically. They may change after an Sheriff Lab Intelligence Update.

    View Config

    Shows the final configuration.

    Sheriff CSM displays the preferences selected in the previous option in plain text.

  4. Enable or disable the plugins as needed with the Enable All or Disable All options. Currently, the Enable New, Disable New, and Intelligent options have no designated functionality in Sheriff CSM.

  5. Click Update.

    Sheriff CSM displays "Update Status" at the top of the page.

    After it completes, the vulnerabilities overview page displays.

To enable or disable specific plugins
  1. Click Plugins when editing a profile.

    Sheriff CSM displays two lists, Family and CVE ID, for you to filter the plugins.

    Edit Profile popup from Overview.

  2. Use one of the lists to make a selection, depending on what you are looking for.

    Sheriff CSM displays the list of plugins based on your selection.

    Edit Profile popup from Overview.

  3. Select the plugins you want to enable or disable, and then click Update .
  4. Alternatively, use the Enable All/Disable All buttons to enable or disable all the plugins belonging to the same group.

    Note: If you choose Enable Non DOS, Sheriff CSM only enables the less aggressive plugins, making sure the appliance remains in service, no data is destroyed and no testing services are interrupted.

To search the Threat Database for available plugins
  1. Go to Environment > Vulnerabilities > Threat Database.

    Sheriff CSM displays the threat families with the number of plugins in each severity.

  2. Use one of the four methods, Date Range, Keywords, CVE ID, and Risk Factor, to search for the plugin you want.

  3. Click Search.

    This returns a list of the plugins related to the search. Hovering the mouse over an ID will display the plugin details.

    Search results for Plugin on Threat Database page.

Note: The CVE links take you to the corresponding Vulnerability Details page on http://www.cvedetails.com.
Topic revision: r19 - 13 Jan 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.