Risk Intelligence Help

Run Expanded Data Breach Risk Scan from the CLI

The Data Breach Risk Scan is configured to discover the following types of sensitive data: Credit Cards, Social Security Numbers, Driver's License and Date of Birth. The new Expanded Data Breach Risk Scan (ExDBRS) also includes the Technical Safeguards component which Tests for 18 baseline Windows end-point configurations.

  1. Select Scan Computers from the side navigation menu:
  2. In the Choose Organization section, the currently selected organization is shown. Click Change if you want to scan a different organization.
  3. In the Risk Intelligence Console, 'Organizations' are used to group devices and results using terms familiar to your company. For example an Organization might be defined as an office location or particular types of devices (servers vs workstations) or whatever is meaningful to you.
  4. Select Expanded Data Breach Risk Scan from the Choose a Scan Type list.
  5. Notice the Short Code alongside the scan type. This code is created automatically by the system when accounts and organizations are created - and defines the particular scan type and configuration for the organization.

    Short codes can be used as command line arguments to the CLI scanner as described in the next step.

  6. Next, choose Command Line Executable from the Scan Delivery Method dropdown.
  7. The various platforms and corresponding deployment options for the CLI scanner are displayed:

    Windows Option 1:

    Copy and paste the following:

    PowerShell (New-Object System.Net.WebClient).DownloadFile('https://app.ri.logicnow.com/scan_me/templates/IKSFXXO/win_script.txt','win_script.bat');&win_script.bat

     

    Windows option 2:

    1. Download the RIlauncher.exe file using the link provided.
    2. Once you have downloaded the exe, open a command window and run:
    3. C:> RIlauncher.exe

     

    MacOS Option:

    Linux Option:

    Not all scan types can be run on Linux systems. Those scan types will only display instructions for Windows and Mac.
  8. Choose the option you need and follow the instructions. The scanner uses the short code to identify the organization and scan type.
  9. The simplest way to run a command line scan is to use the provided PowerShell script on Windows platforms or the curl script on Mac and Linux platforms. These scripts are designed to automatically download the CLI executable (if it doesn't exist or is outdated on the target) and launch the selected scan on the device. See CLI Scanner Command Line Arguments.

Once you have run your scan, you can view scan results for individual devices scanned (see View Individual Device Scan Results) or use the Reporting features to analyze scan data on all devices throughout your organization.

To view specific scan results for the Expanded Data Breach Risk Scan, see Expanded Data Breach Risk Scan Report for Individual Host.