Skip to main content

CyTech AQUILA - Virtual Penetration Testing (Module)

Overview:

Virtual penetration testing is a controlled, authorized simulated attack on an organization’s systems that’s performed remotely (often against virtualized, cloud, or networked environments) to discover security weaknesses before malicious actors do.

Key Features:
  • Dashboard - shows overall asset status, recurring vulnerabilities, trends, and recent scan results.
  • Scan - lets users run different penetration tests, set scope, schedule, and monitor progress.
  • Reports - provide summarized findings with severity, remediation guidance, compliance mapping, and export options.

Let’s proceed to navigate the Virtual Penetration Testing Module kindly follow the instructions below:

Step 1: Log in to CyTech – AQUILA. https://usdc.cytechint.io/

Step 2: In the left side panel, you can see the list of six (6) domains, kindly choose and click the Risk Management (Domain) -> Virtual Penetration Testing (Module) -> Dashboard (Sub Module)

image.png

 "Dashboard (Sub-module)" - Virtual Penetration Testing (Module)

The Virtual Penetration Testing Dashboard provides an overview of asset status, highlights top recurring vulnerabilities, shows trends of detected and open vulnerabilities over time, and lists recent scans with their progress and completion status.

image.pngimage.png

Uses of Dashboard Sections (1–6)

  1. Asset Status - showshows the overall security health at 35% Medium, with a reminder to review and address vulnerabilities.
  2. Managed Vulnerabilities - currentlydisplays showsthe 0total accepted or mitigated issues,issues meaningto no vulnerabilities have been marked astrack resolved yet.findings.
  3. Top Recurring Vulnerabilities -  lists repeated issues such as CSP misconfigurations and missing cookie attributes, categorized by severity (Medium/Low) and last detected 70 days ago.severity.
  4. Detected Vulnerabilities Over Time - graph tracks vulnerabilities across recent days, broken down by severity levels (Critical, High, Medium, Low).levels.
  5. Recent Scans - table shows the last tests performedperformed, (e.g., NMAP, SSLyze, OWASP ZAP), along withincluding their targets, progressscan (100%),types, progress, and status (Completed).status.
  6. Open Vulnerabilities - chart provides a line trend of unresolved risks over a selected timeframetime (1 week, 1 month, 1 year).frame.

1. Asset Status
This section is the Asset Status view for monitoring asset vulnerabilities. It shows the overall asset risk level, the specific target being assessed, and its average risk rating based on scans. A detailed list of detected vulnerabilities is displayed, including the issue name, affected target, severity level, and the scan tool used. It also includes options to search, filter, and navigate through multiple pages of vulnerabilities, giving both a high-level risk score and a detailed breakdown of findings for remediation.

 image.png

2. Managed Vulnerabilities
This section will show you the risk that were reviewed and accepted based on organization risk appetite and mitigated risk, risks that have been addressed through remediation task. The search box in this section is designed to help users quickly locate specific vulnerabilities or scan results. It is paired with a filter option that allows narrowing results based on scan type (such as NMAP, OpenVAS, OWASP ZAP, or SSLyze) and selected targets. This makes it easier to focus on particular findings, streamline analysis, and avoid manually going through long vulnerability lists.

 image.png

3. Top Recurring Vulnerabilities 

 image.png

 image.png

4. Detected Vulnerabilities Over Time

 image.png

5. Recent Scans

 image.png

6. Open Vulnerabilities

 image.png

 

 

 

Back to top