Creating and managing companies
What is a company?
A company is essentially your client that you want to run an assessment for. For example, if you're an MSP and you want to run an assessment for a client of yours called "ABC Client," then you will need to create a Company within the vPenTest portal for this company.
Creating a company
IMPORTANT When creating a company, it’s important to fill out as many details as possible. Things such as the company’s domain name can be used for open source intelligence (OSINT) gathering.
Follow these steps to create a company:
- Click Companies in the left navigation menu.
- Click the New Company button.
- Fill out the New Company pop-up modal. The following options are presented:
Field | Description |
---|---|
Full Name | The full name of the company. |
Short Name | The company’s abbreviation (if any). If none exists, you can use the company’s full name. |
Industry | Provide your client’s industry category. |
Domain | Used for Open Source Intelligence (OSINT) gathering, this textbox should contain the domain name of the company. |
Support Email | Optional field, but can be used to send support-related information to the client if necessary (e.g., Agent offline, etc.). |
Time Zone | Provide the company’s time zone. |
Use Vonahi Security branded deliverables | If you ever want to use Vonahi Security branded deliverables, you can select the checkbox for “Yes”. Otherwise, the reports for this company will be branded using your company’s branding (e.g. logo, colors, etc.). |
- Authorized vPenTest Agent Emails for internal assessments.
NOTE If you are conducting an internal security assessment, such as a penetration test or vulnerability assessment, then you can provide an email address to "attach" for an Agent. In other words, when you use this email address for option 2 in the vPenTest Agent menu's registration process, it will automatically associate that Agent with this company. It should also be noted that this email address should be unique per company. If you have the same email associated to multiple companies, you will experience issues registering an Agent to the correct company.
Once you've completed this step, you'll be taken to the company's profile page, which you can find more details on in the next section.
Managing all company information
To manage a company, you can use the Company Profile page, which shows you everything about a particular company, including their users, scheduled/in-progress assessments, Agents, as well as comparison data.
To manage a company's settings, perform the following steps:
- Click Companies in the left navigation menu.
- Click on any company name from the list of companies to view its Company Profile page.
- When you click on a company name, you will be taken to the company's profile page, which is shown below. Using the company profile page, you have the ability to manage several areas in the platform.
Here's a brief overview of the sections you'll run across in the company profile sections:
Profile Details tab
In the Profile Details tab, you'll find information about the following:
- Average IPs tested and run time: This information allows you to understand the average number of IP addresses that vPenTest typically finds on internal and external assessments, as well as how long the assessments typically take.
- Company Profile Details: This tab allows you to see information about the company name, domain, time zone, as well as whether or not if you want to use your own branded reports.
- Internal Agents: This area allows you to quickly manage any Agents by the company, including viewing their UUID, deleting Agents, etc.
- Reports: From the Reports card, you're able to quickly review reports that belong to that company.
- List of Previous Assessments: As you run assessments for the company, you'll start to see their previously run assessments in this section of the page. The details above the table are updated after every assessment.
- Assessment Stats: This area quickly gives you an idea on how many assessments of certain types that you've run for this company.
Company Members tab
The Company Members tab allows you to manage the users that can be created for this particular company. When you create a company member, you're essentially giving that user read-only abilities for that company. When they log in, they'll be able to see the following information:
- Available reports
- In-progress and upcoming scheduled assessments
- Trending data for recurring security assessments
Assessments tab
From the Assessments tab, you'll be able to see in-progress, completed, and upcoming (scheduled) assessments.
List of Agents tab
From the List of Agents tab, you'll be able to fully manage the Agents that belongs to this company. This includes creating, viewing, modifying, and deleting any Agents for this particular company. From this tab, you can also view the UUID that can be used to register a new Agent to this particular company.
Comparison Data tab
The Comparison Data table allows you to see the trend of vulnerabilities from each assessment that was previously performed for that company.