Human-based risks
Plain HTTP Credentials
OS: Windows
Description
Verifies whether or not the user has submitted credentials over insecure HTTP connections since the last scan.
Recommendation
Avoid using insecure HTTP sites (non HTTPS), especially submitting login / register forms.
High Risk Browsing
OS: Windows
Description
Verifies whether or not the user has browsed sites marked as phishing or fraud since the last scan.
Recommendation
Only access / browse trusted websites and make sure to read the URL before clicking it, to avoid becoming a victim of fraud or phishing.
High Detection Count
OS: Windows
Description
Verifies if the user has been exposed to a high number of threats since the last scan.
Recommendation
Avoid executing files coming from untrusted sources and limit your browsing to trusted sites only.
Removable Device Infection
OS: Windows
Description
Verifies whether or not the user has been exposed to a threat from a removable device (e.g., flash drive, external HDD) since the last scan.
Recommendation
Plug in only trusted removable devices, and disable AutoPlay to lower the risk of exposure to threats from corrupted external devices.
SMB Infection
OS: Windows
Description
Verifies if the user has accessed any malicious files over a network shared folder since the last scan.
Recommendation
Only access SMB shares that are trusted. You should also avoid accessing shares that are outside the internal network.
Browsing Infection
OS: Windows
Description
Verifies if the user has accessed any malicious URLs since the last scan.
Recommendation
Only access / browse trusted websites and make sure to read the URL before clicking it, to avoid becoming a victim of fraud or phishing.
Old User Password
OS: Windows
Description
Verifies if the user has not changed the login password for the account (local or domain) for more than 90 days.
Recommendation
Change the login password for the local / domain account at least every 90 days.
Shared HTTP Password External
OS: Windows
Description
Verifies if the user uses the same passwords across different external sites.
Recommendation
Avoid using the same password for multiple websites.
Shared HTTP Password Internal with External
OS: Windows
Description
Verifies if the user uses the same passwords shared between internal and external websites.
Recommendation
Avoid using a password for internal website as well as for external websites.
Old HTTP Password
OS: Windows
Description
Verifies if the user has not changed the login password for HTTP accounts (internal or external) for more than 60 days.
Recommendation
Update passwords for your HTTP accounts periodically (at least once every 60 days).
Public WiFi connection
OS: Windows
Description
Verifies if the user has been connected to a public, unprotected WiFi network since the last scan.
Recommendation
Avoid connecting to unprotected WiFi networks, or at least make sure also use a VPN service during the connection to that network.
Password not required
OS: Windows
Description
Verifies if the user accounts have the "password not required" attribute set to True, making it possible to set no password for that account and overwriting any in-place password policy.
Recommendation
Set "password not required" to False for every existent user account.
Password does not expire
OS: Windows
Description
Verifies if the user accounts have the "password does not expire" attribute set to True, thus lowering the chances of users changing the password periodically.
Recommendation
Set "password does not expire" to False for every existent user account and change it at least every 90 days.
Idle User
OS: Windows
Description
Verifies if any idle users have left their workstation unlocked since the last scan.
Recommendation
Always lock your workstation before leaving it idle.
Samba PlainText/LM/NTLM authentication
OS: Windows
Description
Verifies if any SMB connections have used plain text, LM hash, NTLMv1 or NTLMv2 authentication data since the last scan.
Recommendation
Restrict the use of plain text, LM hash, NTLMv1 or NTLMv2 authentication mechanisms on SMB clients and servers.
Low password complexity policy
OS: Windows
Description
Verifies if there is any password complexity policy in-place on the endpoint.
Recommendation
Avoid using the same password for multiple websites.