Search Results
76 total results found
CyberRisk Rating
Everything you need to know about the CyberRisk Rating by KSV1870.
Compliance Monitor
Nimbusec Compliance Monitor (project name Krahken) monitors assets for compliance issues. These can be either regulatory or business related.
Nimbusec KB
This book includes information about Nimbusec related topics.
Datenschutz Rating (Coming Soon)
Everything you need to know about the data protection rating by KSV1870.
DORA Modul Service
Regulatory Compliance
Detailed description of regulatory compliance, its meaning and the checks behind it.
Business Compliance
Detailed description of business compliance, its meaning and the checks that can be performed.
How To's
A chapter filled with answers to questions raised by customers using the compliance monitoring tool.
Issues / Violations
This chapter explains various topics around issues or violations that may occur within the compliance monitor.
API
Information about our Nimbusec API
Server Agent
Additional information about the Nimbusec Server Agent
FAQ
Getting Started
Understand Nimbusec Results And Alerts
Guides
GDPR Export Description
A short description of the spreadsheet supplied at the end of a GDPR project.
Integration Projects
Integrations
CyberRisk Manager
The main function of the CyberRisk Manager is to provide a clear and easily comprehensible overview of all of one's suppliers. The individual items of the CyberRisk Manager page are gone through in detail here. ...
Risk management
Risk Management is used to individually determine internal risks for the company's own suppliers and to define the necessary measures...
CyberRisk Rating
The Cyber Risk Rating is a security assessment based on a thorough evaluation of a company's cybersecurity status. It measures how well a company performs with regard to cybersecurity and whether the specified requirements and ...
General information
Datenschutz Manager
The main function of the Datenschutz Manager is to provide a simple and clear overview of the data protection rating of every integrated supplier. The individual items of the Datenschutz Manager page are explained in detail here. ...
Datenschutz Rating
The data protection rating assesses the trustworthiness of your organisation's or business partners' current data protection measures in a simple and transparent way...
Work Around -> from Rank 1 - N
About
The compliance monitor (codename Krahken) is intended to collect all data from our other products and present them in a unified portal. Additionally it has 2 main purposes: Adding functionality for Compliance Scans and Analytics Adding functionality for A...
Compliance Monitoring Issues
General Information In the world of website compliance, a lot of different compliance violations can occur. Therefore we decided to make a clear separation of those violations and introduced different violation categories: Regulatory Violations Business V...
Issue Handling
There are 2 types of actions that can be set to resolve issues: Resolve / Acknowledge Ignore Resolve an issue By resolving an issue, the compliance monitor assumes that the cause has been fixed. e.g.: If you resolve an issue for a cookie named...
Regulatory vs. Business Compliance
When working with the compliance monitor, you will likely very often see the term "regulatory" or "business" in combination with "compliance". There is a simple reason for that: Compliance is more complicated than security monitoring. While security foll...
How To: Reproduce Cookie Violations
This how-to describes how best to reproduce cookie violations, as this is often a very confusing topic. First of all, it is good to know how exactly our crawler works in this case: How Nimbusec visits websites The crawler of Nimbusec is te...
Auto Acknowledge
Issues can be auto acknowledged to simplify the issue handling process while keeping most of the transparency. What does it do? If there is a rule that allows e.g. a specific cookie to be set on a website, the issue will be auto acknowledged on our side. Th...
API Documentation
APIv3 documentation: https://openapi.nimbusec.com/?urls.primaryName=Nimbusec%20Website%20Security%20API%20v3#/
FQL Documentation
Installation on Linux
Installation This guide describes the installation of the Nimbusec Server Agent. The Server Agent is optional for the function of the product, but improves the detection rate greatly. Therefore, it is strongly recommended to install the Server Agent. Installa...
Installation on Windows
This document describes the installation process of the Nimbusec Server Agent under Windows Server 2008 and 2012. The Server Agent adds extended functionality to the Nimbusec service. Installation Download the appropriate version of the Server Agent for your Se...
Configuration
Outdated CMS Version The use of an outdated version of a content management system (CMS) can lead to various security issues. A list of known security vulnerabilities sorted by version number can be found in the publicly accessible CVE Details database¹. In m...
Reputation
Hatred or Violence Browser plug-ins like WOT [1] allow users to rate a website, e.g. regarding questionable content like hate speech, racism or discrimination. Your website has received poor ratings in this category. The result is that the plug-in w...
Transport Layer Security (TLS)
Certificate Legacy Certificates By legacy we mean distrusted certificates. An example from the past is the distrust of the Symantec PKI [1]. The best solution to date is to replace the existing distrusted certificate with a new one from any Certificate Auth...
Verifying PDF Integrity
The Cyber Risk Rating Portal issues multiple documents at the end of the rating process for every supplier. These documents include, among others, the Cyber Risk Rating Certificate, which contains the overall rating scores for the supplier along with the WebRisk score ...
Security Header Ratings
Explanation Security Header Ratings allow an objective assessment of the website's condition in terms of the security of the HTTP response headers. By adding and configuring security headers according to best practices, another layer of security will stren...
What is Discovery?
Nimbusec Discovery's Mission Nimbusec Discovery aims to identify all websites related to your organization and perform a passive security analysis by simulating one single website visitor per domain. A Nimbusec Discovery report is an objective, external over...
What is Nimbusec?
Nimbusec is a website security monitoring tool that notifies you when your website has been hacked or is in danger. It allows you to react before your customers or your reputation are harmed. Safe: Nimbusec never exposes data of your servers to the cloud, resp...
Alert actions
Each alert offers the user the ability to perform three different actions: Mark as resolved Mark to ignore Ask for support To trigger one of those actions, click on "Actions" on the top right corner of the relevant issue. Mark as resolved When an a...
Blacklist alerts
Blacklists are lists of internet addresses that are known for security problems. These lists are maintained by organisations like Google, cybersecurity companies or non-profits who try to warn about "black sheep" within the online community. There are two ways...