The client portal allows you to deliver findings, reports, and files to your clients, complete with a cloud dashboard, asset management, and vulnerability finding. Clients can see, schedule, and manage upcoming pentests. With the Quotes module, clients can also purchase credits to spend on pentests, request pentests, and approve work directly in the portal.
That portal is completely white label and you can adjust settings to showcase different dashboards, insights, and project types depending on the services you're providing. You do so by customizing client portal settings.
TIP! Client Portal Settings are adjusted per client. That means you'll have to change settings for every client!
1. Click Clients on the menu
2. Click the client you'd like to edit
3. From the client menu, go to Client Portal
Cyver allows you to customize most of the client portal features with toggles to adjust visibility, to enable new features, or to offer specific features to your clients.
Security
Custom security features mean you can allow clients to set their own security settings. This means clients choose 2FA, login settings, and lockout attempt requirements for their employees. You can also enforce security standards for clients so your portal stays more secure.
To access this:
1. Go to the Security Tab under the Client Portal and switch the Toggle to ON
Security settings include:
Password Complexity
Set password complexity including requirements and length:
User Lockout
Set or remove user lockout features, including defining maximum failed login attempts and seconds the user will be locked out.
2-Factor Authentication
Update 2FA to be mandatory, optional, or off for both email and authenticator apps:
SSO
Enable/disable SSO apps including Google, Microsoft, and SAML2. You can also remove usernames and passwords so that only SSO can be used to log in.
API
Turn the API feature on or off for this client. This will not affect your own API or API access for other clients.
Jira Integration
Allow this client to connect their Jira account to automatically export findings as tickets and to synchronize ticket status from the portal to their Jira account.
Client Insights
Insights include metrics that clients can access for free. These are automatically generated from data you upload to the portal. Insights can be turned off completely or tailored per client.
- Toggle on/off
- Show risk summaries with published vulnerabilities, defined likelihood, and severity
- Show time-to-fix with risks based on defined fix times
- Edit defined fix times from the default
Request Pentest
Here, you can allow clients to request a pentest in the portal, using defined pentest templates. This means the client can push a button and send you a request based on an existing proposal.
- Enable/Disable clients from requesting pentests
- Set the request form you'd like this client to use.
Findings Retest
With findings retesting settings, you can enable/disable clients and client users sending retest requests. Enable these and your clients can let you know when they've implemented a fix and request a validation from you.
- Turn findings retest requests on/off
- Change settings for who gets notifications. E.g., Client Account Manager (If retesting requires a new proposal and fee), Pentest Users in Project team
Findings Activity
Findings activity includes events such as file updates, status changes, additional instances, etc. This toggle also allows you to message with client users directly on the finding ticket.
Asset Management
Asset management settings mean you can enable clients to upload assets to the portal. If you'd rather that only pentesters can add assets, leave this toggle off. Keep in mind that if this toggle is on, clients can also edit existing assets.
Asset Retesting
With Asset Retesting enabled, clients can access and use retest workflows you set up under Workflows.
Weekly Email
Choose to send client users a weekly summary of portal activity every Monday. This is a great way to keep all client users in the loop, even if they are not logging into the portal daily.
Team & User Management
Team and user management give you the option to adjust whether clients can add new users, create new teams, or add people to teams. These settings mean clients can be more involved on the platform and can set up different teams to manage different assets, to fix findings, or to review security and vulnerabilities.
Planning
This toggle adjusts default settings for project planning across the portal for this client. With it on, clients see all planning across all projects as a default. However, you can always hide planning or planning steps for specific projects from the specific Project menu.
Multi-Language
Multi-language support means that you can offer the Client portal in your client's native language. Enable the toggle and then select the language you'd like to enable. You can also change the default language from English to a language of your choice.
Don't see the language you're trying to support? Contact your Customer Success Manager for options!
Quotes (With Quote Add-on)
If you opt into the Quote Add-on, you can enable Quotes or Proposals for clients in the portal. By enabling the toggle, Clients see a "Quotes" or "Proposals" dashboard, where they can review and accept proposals from your team.
If you enable credits, clients can also purchase, work with, and redeem credit balances towards pentests, scans, or other services you offer.
Continuous Assessments (With Continuous Assessments Add-on)
If you opt into the Continuous Assessments Add-on, you can enable continuous assessments for Clients. This means clients will have a tab in the menu to view and see the results of Continuous Assessments, to see scheduling, and to add their assets. You can also enable a Request form, which works exactly like Request Pentest and Request Retest forms.
Do you have any further questions about Client Portal Settings? Let us know!