Usage Instructions: Configure and Launch In most cases the defaults should be selected: a. Fulfillment Option: 64-bit AMI b. Select desired Software Version c. Select the desired Region d. Action: Launch from Website e. The recommended EC2 Instance Type: is m5.xlarge f. Select desired VPC and subnet g. Select "Create New Based On Seller Settings" and provide name and description h. Select your Key Pair Launch Once the VM instance is created, please wait for 5 minutes before you access the Cavirin Server (instructions below) Copy the AMI ID

First Access to Cavirin: You can access the Cavirin server via the instance IP address: https://<your_public_ip_address>. The IP can be found in the EC2 console When you access https://<your_public_ip_address>, it will prompt for the license.

Please reach out to the Cavirin Sales team for the license The default users: userid = administrator password = your unique instance ID from the AWS Console. userid = groupadmin password = your unique instance ID from the AWS Console. userid = devops password = your unique instance ID from the AWS Console. userid = analyst password = your unique instance ID from the AWS Console.

Note:

• Sensitive information saved by customers are Service Account credentials or host credentials. The Service Account or host credentials can be used for deep scanning of the VMs.
• All data at rest has been stored in an encrypted vault. Only Cavirin APIs can access the encrypted information.
• System Credentials are aligned to the customer's security practices. With any SSO mechanism, customers can customize and enforce the system's credentials and key rotation as per security practice. Cavirin recommends resetting credentials, every 90 days.
• Only Cavirin APIs can interact with the encrypted data that is at rest in an encrypted Vault. No user can directly interact once the application data has been pushed to the vault. The application has unique workflows (Docker, Cloud & On-repm) for its operation. The workflows use the APIs to perform the operations and use the encrypted credentials or keys or any data pushed to the Cavirin Vault.
• To assess and monitor the health:
  • Health checks on via Dashboard -- Please check the components if there is any inappropriate information shown and streamlined in the data
  • As the application is supported with RBAC, the user management page will show the roles and responsibilities to check for the operating privileges of the user
  • The resources and Asset Group page show the Security and compliance posture score showcasing the status of deep assessment of the assets
  • The Monitor section shows the events logging in the platform with all the sources of the environment
  • The Super admin login has access to the Audit logs to trace the functions of each user's activities
  • Through CLI, we do check the health of each process running in the platform. The Python script located at /var/lib/cavirin/tools shows the status of each process daemon to perform a regular health check.