Who can use this feature?
Workspace Owners, Super Admins, and Admins
Only supported using the Cerby web app
With the Cerby Security Hub, you gain a centralized view of the current health and status of your accounts and automation tasks, enabling you to stay on top of any issues that could compromise the security of your workspace. By aggregating data and presenting it in a single, user-friendly dashboard, the Security Hub highlights any risky behavior and misconfigurations in your workspace accounts so you can take action as follows:
Spot and address potential vulnerabilities before they escalate.
Make proactive decisions.
Reduce the likelihood of breaches and maintain a secure workspace.
The Security Hub dashboard
Figure 1 displays the Security Hub page, highlighting the total number of accounts and the number of orphan accounts within the workspace.
Figure 1. Security Hub view in the Cerby web app dashboard
The Security Hub view centralizes the following elements and information:
The time when the Security Hub view was last updated is displayed in the top-right corner.
The Refresh button enables you to update the view with the latest information.
The Automation tasks issues card is the main card on the dashboard. It displays the automation tasks that had issues in the last seven days.
The Total number of accounts is displayed on the first card on the right side.
The Assign owners to orphaned accounts card indicates whether there are cards in the workspace that do not have an Owner.
The Automation tasks issues card
The Automation tasks issues card displays the list of automation tasks that had issues in the last seven days. The following task types group these issues:
User access termination
User access management
Routine user data sync
From this card, you can address automation task issues that need attention by either acknowledging them by marking them as read, as they must be reviewed by Cerby, accessing the corresponding view, or opening the article with documentation about the task. Refer to the article Address the automation task issues displayed in the Security Hub to learn more about automation task issues and how to acknowledge them.
Figure 2 shows the composition of the Address the issues blocking automation card.
Figure 2. Automation task issues displayed in the Address the issues blocking automation card
The Address the issues blocking automation card displays the following information:
The number of issues blocking the automation tasks in the workspace, located in the card title
The View all tasks in the Automation Log link is a shortcut to access the Automation Log
The following categories group the automation task types:
User access termination
User access management
Routine user data sync
The specific task type error inside each category
The number of issues per task type
To quickly access the individual cards for each automation task issue that needs your attention in each category, click the right arrow () within the issue type categories. A side drawer is displayed, as shown in Figure 3.
Figure 3. Automation task issues side drawer displayed
per category in the Security Hub
The side drawer contains the following tabs at the top:
Unread issues: It displays the automation task issues that require acknowledgment and have not yet been marked as read. Their status changes to read-only when you click the Mark as read button individually or in bulk.
NOTE: Unread reflects status only. It does not imply fault or severity on its own.
Read issues: It displays the automation task issues that were previously Unread and have been marked as read (acknowledged).
NOTES:
Read issues under the Read issues tab and do not contribute to Unread counts. If a new related activity occurs later, a new unread issue is created.
The read status indicates the item was seen and acknowledged; it doesn’t confirm the underlying condition was fixed.
You can mark automation task issues as read in the following ways:
Individually
In bulk
Both the Unread and Read issues tabs contain individual automation task issue cards if the issue is recognizable and belongs to an established category. Figure 4 shows an example of an issue card displayed within the side drawer.
Figure 4. Example of an individual automation task issue card
displayed in the Security Hub
Figure 5 shows the information and elements displayed in each automation task issue card.
Figure 5. Information and elements displayed in each automation task issue card
Consider the following notes regarding individual automation task issue cards:
The Under review by Cerby chip appears only on cards where the Cerby team has acknowledged the issue and is working on it.
The CTA next step button may vary or be absent on the card. It might direct you to the page in the platform where you can take action or to a Cerby help center article for more information about the functionality of the affected module.
All individual issue cards contain the Mark as read button.
You can also contact the Cerby support team directly from the card by clicking the contact our Support team link.
By clicking the right arrow () in the automation issue card, you can access the issue details screen, as shown in Figure 6.
Figure 6. Issue details screen displayed in the Security Hub
The details displayed in this screen include the following:
The issue name, the status chip, and the date and time when it occurred
The issue description, a link to the Cerby Support team, and any available action
The screenshot captured when the automation stopped and the error occurred, if available
The automation identifier
The name of the user who triggered the automation task, the trigger source, and the date and time when it started
If the issue comprises multiple nested issues, the card title is: Multiple issues found, as shown in Figure 7.
Figure 7. Automation task issue card with multiple nested issues
If multiple issues are detected but do not belong to one of the established categories, they aren’t grouped in a single card; instead, they are displayed together, as shown in Figure 8.
Figure 8. Multiple uncategorized issues displayed together in the side drawer
The Total number of accounts card
The Total number of accounts card indicates the total number of accounts in the workspace. You can access the Total accounts dashboard by clicking the See all accounts link.
Figure 9 shows the information displayed on the card.
Figure 9. The Total workspace accounts card
The Total Accounts dashboard displays the total number of accounts across all statuses.
The Orphan accounts card
The Orphan accounts card helps you quickly identify any accounts that should be assigned to one or more Owners. Refer to the article Assign Owners to orphan accounts in your workspace to learn more about orphan accounts.
IMPORTANT: An account is marked orphaned when no active user is assigned as its Owner. The following are some of the common ways an account is orphaned:
Orphaned accounts create unmonitored access, increasing the risk of misuse or unauthorized entry. So, you must have at least one active Owner or disable the account if it’s no longer needed. This restores accountability and reduces security risk. |
Get started
As a workspace Owner, Admin, or Super Admin, you must complete the next steps to start getting the most benefits of the Security Hub:
Log in to your Cerby workspace.
Select the Security Hub option from the left navigation drawer. The Security Hub view is displayed.
Select the card you want to act on.
Now, you are ready to make your workspace safer.
Related articles
Refer to the following articles to learn more about the Security Hub view: