DeepSurface: Hosts
DocumentationInstallation GuideOverviewLet DeepSurface Host For YouGetting StartedSystem RequirementsSelf Hosted Quick Start - Installing to Cloud PlatformsSelf Hosted - Installation Using an OVARegistration, Package Installation, and InitializationFirst Steps After Initialization of the ConsoleDeployment OptionsMain and Subordinate ConsolesAgent-Based DeploymentUser Managed Scan DeploymentCredentialed Scanning DeploymentMixed EnvironmentDeployment ToolsActive Directory Group PolicyMicrosoft Endpoint Configuration Manager (part of InTune)Tanium DeployHCL BigFixIvantiVirtual MachinesVMWareVirtual BoxVirtualBox Guest AdditionsAWS EC2 (BYOL)AWS EC2 (Usage Based)Azure CloudGoogle CloudAdditional Items to ConsiderMain Console Server CertificatesLDAPTOFUClock SyncDeepSurface CommandsMultiple Vulnerability SourcesAPI DocumentationUser GuideReportingDashboardsExportsRisk InsightHostsPatchesVulnerabilitiesVulnerability InstancesUsersRemediation Workflow ManagerPlansSettingsIntegrationsWorkflowExportingAccepted Risk PlansAccepted Risk WorkflowExploreModelPathsActivityTasksConfiguration AlertsScan LogsNotification SettingsScanningStatusAgentsUser ManagedCredentialed Scanning SettingsCredentialsScan GroupsGeneral SettingsCloud ScanningNetwork ConnectivitySubordinatesVulnerability SourcesSetupSensitive Assets: PolicesSensitive Assets: ManualAdmin SettingsSMTP SettingsCertificatesOutbound ProxyAuthentication ProvidersUsersTagsIntegrations GuideVulnerability SourcesCrowdStrike SpotlightSentinelOneCarbon Black CloudMicrosoft Defender for EndpointWazuhLansweeper CloudNessus APITenable.io APISecurity Center/Tenable.sc APIRapid7 InsightVM APIQualys APINozomi GuardianEclypsiumAWS InspectorRemediationJira SoftwareTanium (BETA)Authentication ProvidersLDAP (Active Directory)SAML (Azure Active Directory)SAML (Google)SAML (Okta)PAMCyberArkDelinea (Thycotic)Microsoft LAPSSecurity GuideFirewall ConfigurationBase Network RequirementsAgent Network RequirementsCredentialed Scanning Network RequirementsAPI Network RequirementsHow DeepSurface Scans WorkDomain (LDAP) ScanningHost Scanning RoutineReasons for the Administrative Access RequirementEndpoint Protection ConsiderationsOther ItemsScope of Data Storage and RetentionIPS/IDS ConsiderationsLoggingResetting the DSADMIN passwordProduct InformationChangelogsOpen source LicensesEnd User License Agreement (EULA)

The hosts report answers the question, what hosts pose the greatest risk to my environment? By default, the main page of the
hosts report shows the top 100 hosts that carry the most risk in your environment. This can be filtered down to your liking (as described in the previous section) and clicking on any of the host items in the report will bring you to the detail page
for that host.

Filtering
Host, patch, vulnerability, and vulnerability instance reprots all have robust filtering options. To learn more about filtering see the Filtering Section of the help documentation.
Exporting
Any report can be exported as an Excel spreadsheet or PDF. For more information on exporting, see the Exporting Section of the help documentation.
Detail View
Detail pages in general are discussed in the common elements section, but a host detail page has some unique sections and elements that are discussed below:
1. The Summary Panel: the summary panel gives you a broad and high-level overview of what DeepSurface knows about a particular host. Starting at the top, the summary panel tells you:
- When/if a host was last scanned by DeepSurface and any third party vulnerability source(s)
- A breakdown of all the vulnerability instances present on this host
- High-level counts of all patches needed, vulnerabilities present, and critical sensitive assets
- A breakdown of the exploit status of all the vulnerabilities present on this host
- A breakdown of the CVSS scores of all the vulnerabilities present on this host
- All of the identifiable information and notable software that installed on this host

2. Risk Factors: On the "Risk and Remediation" tab (open by default), there is a section unique to a hosts detail page. To help users better understand the factors that contribute to assigning a risk rating and reduction score to a host, DeepSurface provides a breakdown of contributing factors. Contributing factors could include:
- Vulnerability attack scenarios
- Vulnerable users at risk
- Exposed Sensitive Assets
- Known exploited vulnerabilities present
To learn more about any of these contributing factors, click on the link provided and do a deep-dive into every element presented.
3. Vulnerabilities and patches: A list of all vulnerabilities present (both with and without patches) and all missing patches for a given host can also be found on the "Risk and Remediation" tab. If there are more than 200 present of any of these categories, you can follow the link to take to the corresponding report, filtered by this host:

4. DeepSurface scanning tab: The hosts detail page includes a tab that is unique to only this report. The "DeepSurface Scanning" tab gives you an insight into the information and status that DeepSurface received from the most recent scan of this host. The status of the most recent scan, as well as any pertinant logs will be displayed here as well. If a host was only reported by a third party vulnerability source, but not scanned by DeepSurface in any way, then a message and status alerting you to that will be displayed instead.