DCA Version 2.0 has been released. This release includes functionality for our new Snapshot Offering. While standard functionality, such as data collection, and forwarding to GreySpark Cyber are still present, we have added a new feature for MSSP's and Services groups to perform short term evaluations on their customer environments.
The GreySpark Snapshot product allows customers and clients to gain an overview of Architectural and Compliance challenges, all locally on the Data Collection Appliance.
This short term (5-7 day) assessment allows MSSP's and other services organizations to assist their customers with evaluating infrastructure and compliance needs, and plan for future purchases and implementation.
Domain and Coverage Configuration
The configuration for the Snapshot includes domain configuration, or business divisions to assess different configurations across different compliance needs, while the coverage configuration allows for domain, software version, and date range selections for activity and reporting. Using syslog-ng, multiple tenants (entirely separate entities for reporting purposes) may also be configured.
The Security Technology and Process Report is a full report with operational and compliance recommendations corresponding to the compliance framework it is generated from. This report is generated as a fully featured word document for customization and utilization.
Report Generation Bug under specific Conditions:
Condition: For a specific tenant and domain, the user has input more than one entry for the same category (i.e. three network firewalls from different vendors) in the coverage table AND these adentries have date ranges that intersect with the report start / end times – i.e. the timespan between date implemented and date retired (if entered) of the entries intersect with the report start / end times. When the user runs a report for this timeframe and any of the technologies in the category are flagged as having NO ACTIVITY (and aren't configured for ACTIVITY OVERRIDE), Table 2 of the report will list these entries, even if another technology in the same category is flagged as having ACTIVITY.