Administration
On the Admin page of Nanitor, administrators can access the following sections: Account Settings, Organization Management, and System Management. Each section contains various settings that allow you to manage your organization and its assets effectively, as discussed in more detail below.
The Administration page can always be accessed by clicking the Admin icon in the upper right corner of the UI.
Note that as a user, you will only see the sections that you have access to; the others are grayed out. All users will see "Account Settings". However, "Organization Management" is only available to organization admins, and "System Management" is only available to the system admin who manages the Nanitor instance.
Account Settings
This section contains settings that are specific to the user who is currently logged into Nanitor. Here, you can view and edit your personal information, change your password, enable two-factor authentication, and switch between organizations.
Profile: In this section, you can view and edit your personal information, such as your name, email address, and phone number.
Password: Here, you can change your password to ensure the security of your account.
Organization: This section displays the name of the organization that you are currently managing. An organization is where all your assets and configurations belong. When you have set up more than one organization (multi-tenant feature), you can switch to a different organization by selecting it from the dropdown menu. Each managed organization in Nanitor requires a separate license.
Two-Factor Authentication: This setting allows you to enable two-factor authentication for your account, which provides an additional layer of security.
For details, see the guide for User Account Settings.
Organization Management
This section is where you can manage the settings that are specific to the organization that you are currently viewing. This includes configuring what triggers an issue creation, selecting compliance frameworks, enabling and configuring benchmarks, downloading agents and standalone collectors, creating notification rules, viewing the Nanitor license information, managing asset labels, and setting up and configuring collectors. You can also create API keys for users to use the Nanitor Public API and configure asset archival rules to determine when assets should be removed automatically due to inactivity.
Settings: This section allows you to configure the issue creation behavior for device issues, software issues, user issues, and open ports. You can also specify the issue type priority scaling factor and configure the issue priority age scaling factor. Additionally, you can select compliance frameworks and set a primary compliance framework, and view and configure the benchmarks for the organization and set their priorities. You can toggle Vulnerabilities support, Network discovery, Active directory discovery and Automatic agent upgrades on or off. You can also set the organization slug and specify a log server for SIEM integration. Finally, you can set the health score target and toggle "Limit user sessions" on or off.
Users: In this section, you can view a list of all the Nanitor users added to the organization and their permissions. You can also invite new users by specifying their email addresses and permission level.
Downloads: Here, you can download all the available agent and standalone collector packages for monitoring assets. The downloaded installers can be used for installation on your assets or with a software distribution tool like SCCM.
Notification Rules: This section allows you to create notification rules. Each rule defines a condition that triggers a notification sent by email or to a Slack channel. Such a condition could be, for example, that a new, highly rated vulnerability has been detected or that the scope of one of your remediation projects has changed. Notification rules let you watch for events in Nanitor without having to log in and check for them yourself.
License: In this section, you can view information on the Nanitor license for the organization, including identifiers, created date, allowed assets, trial license status, and expiration date. You can also enter a new license key to update the license.
Labels: This section displays the list of asset labels defined in the organization. You can view the asset priority rating defined for each label, and the assignment rules used to automatically assign devices to the label.
Collectors: This section lists the installed collectors and provides a way to nominate assets to become collectors. You can also view the credentials and assets tabs, which show the credentials defined and collected assets, respectively.
Version: Here, you can view information about the Nanitor version installed on the server.
PII (Personally Identifiable Information): This section allows you to enable PII search for credit card numbers, USA social security numbers, UK national insurance numbers, and email addresses. Once the PII functionality is enabled, the Nanitor agents will look for possible matches and report any findings. Nanitor will create an issue of the issue type PII for all findings.
PII Ignore List: This section allows you to define ignore patterns and paths to deal with false positives that come up in PII.
API Keys: In this section, you can create API keys for the user to use the Nanitor Public API.
Asset Archival: This section displays the asset archival rules and allows you to configure the period before auto-archival or whether only manual archival is allowed.
System Management Settings
In this section, you can manage the settings that are common to all organizations for the Nanitor instance. This includes viewing and managing benchmarks, users, SAML identity providers, organizations, and agents. You can also create a new organization on this page.
Benchmarks: This section displays all the benchmarks that are imported into the Nanitor instance and their information, such as name, CIS version, Nanitor revision, created at, and description.
Users: This section displays a list of all the users added to the Nanitor instance.
SAML Identity Providers: This section allows you to add and download service provider metadata to set up the IDP for SAML.
Organizations: This section displays a list of organizations added in the instance.
New Organization: Here, you can create a new organization by providing a new slug and a license key.
Agents: This section lists all the available agents that can be downloaded and installed for the instance.
Common use cases
Frequent use cases related to Administration include:
- Inviting users to join my organization
- Adding application benchmarks to an organization
- Enabling SAML authentication for my organization
- Configuring 2FA for signing into my account
- Downloading agents to deploy on assets
- Adding collected devices
- Enabling PII search for credit cards
- Defining asset labels
- Assigning asset labels automatically based on specified conditions
- Priority rating assets: We recommend doing this on a per-label basis, i.e. going to the Labels settings and assigning a default Asset Priority assignment for each label.