Customer Requests

Currently, making changes to XCS settings on the agent requires direct intervention on the endpoint, which is both inconvenient and disruptive to the user. Essential tasks such as adding applications to the Virtual Desktop, resetting containment, launching a Virtual Desktop session, and creating application shortcuts can only be performed locally. To streamline management and enhance security, there needs to be an option to modify all XCS settings directly through the portal, including but not limited to: - Adding/removing applications in the Virtual Desktop - Resetting containment without requiring user interaction - Launching Virtual Desktop sessions remotely - Creating and deploying application shortcuts for the Virtual Desktop - Adjusting other agent settings such as those found in the advanced tasks, DLP tasks, firewall tasks, and containment tasks tabs without manual endpoint access Currently, some changes require modifying profile settings to allow user overrides, which contradicts security best practices. Enabling full administrative control via the portal would eliminate the need for user intervention while maintaining security and operational efficiency. Implementing these capabilities would significantly improve the management experience and reduce disruption for both administrators and end users.

We would like the platform to include industry-standard security compliance templates that can be used to assess and verify whether a client is complying with common security standards such as: HIPAA (Health Insurance Portability and Accountability Act) GDPR (General Data Protection Regulation) SOC 2 (System and Organization Controls) PCI-DSS (Payment Card Industry Data Security Standard) ISO 27001 (Information Security Management System) NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) CIS Controls (Center for Internet Security) These templates should allow for a checklist-style audit or compliance assessment where the platform can automatically compare a client’s environment against the necessary security requirements for each framework. We also need a feature that allows us to check and monitor compliance in real-time or through periodic assessments. This should involve: An easy-to-read dashboard or portal view where we can quickly see if a client is in compliance or if there are any gaps. The ability to track and alert when a client falls out of compliance or needs an update (e.g., outdated encryption, insufficient data protection measures, etc.). Automated reminders and alerts for upcoming compliance deadlines, audits, or renewals. It would also be incredibly helpful to generate a professional, high-level executive report on a client’s security compliance status. This report should include: An overview of compliance with industry standards. A summary of security gaps or issues preventing full compliance. Risk assessment and priority actions required to close any gaps. Visual elements (e.g., graphs, risk heatmaps, compliance scores) to make the report more digestible for business decision-makers. A clear executive summary with high-level insights that are suitable for stakeholders without technical expertise. We would greatly appreciate the ability to generate these reports at the click of a button and have them available in a polished, client-friendly format (PDF or similar).

When trying to patch vulnerabilities based on their CVE, there is no way to check on the status of the patch job after you select the Vulnerability Name and then click on install patch.

To enhance the sales process and demonstrate the value of Xcitium's security solutions to potential customers, we propose the development of a comprehensive risk assessment report. This report would provide a detailed analysis of the prospect's current cybersecurity posture, highlighting potential vulnerabilities and quantifying the financial impact of a cyberattack. Report Components: Executive Summary: A concise overview of the prospect's security risks and potential financial losses. Threat Landscape Analysis: An assessment of the current threat landscape relevant to the prospect's industry and geographic location. Vulnerability Assessment: Web Vulnerability Scanning: Identification of vulnerabilities in the prospect's web applications and infrastructure. Dark Web Monitoring: Detection of leaked credentials, exposed data, or other indicators of compromise. Cloud Footprint Analysis: Assessment of the prospect's cloud infrastructure for misconfigurations and vulnerabilities. Domain Analysis: Evaluation of the prospect's domain security, including potential for phishing or impersonation attacks. Unknown File Analysis: Scanning for potentially malicious or suspicious files within the prospect's network. Financial Impact Analysis: An estimation of the potential financial losses that could result from a cyberattack, including direct costs (e.g., data recovery, incident response) and indirect costs (e.g., lost revenue, reputational damage). Recommendations: A prioritized list of actions the prospect can take to mitigate identified risks, with a clear explanation of how Xcitium's solutions can address these vulnerabilities. Data Sources: The report would leverage data from various Xcitium tools and services, including: Threat Hunter Assessment Tool Dark web monitoring tools Cloud footprint tools Web vulnerability scanning Internal threat intelligence Benefits: Powerful Sales Tool: Equip MSPs and sales teams with a compelling tool to demonstrate the value of Xcitium's solutions to potential customers. Increased Customer Acquisition: The report's detailed analysis and financial impact assessment can help persuade prospects to choose Xcitium for their security needs. Enhanced Customer Relationships: By providing valuable insights into their security posture, the report can help build trust and credibility with potential customers. Competitive Advantage: A comprehensive risk assessment report can differentiate Xcitium from competitors who may not offer a similar level of analysis. Additional Considerations: Customization: Allow for white label and customization of the report based on the prospect's industry, size, and specific security concerns. Delivery: Offer the report in various formats (e.g., PDF, presentation) for easy consumption and sharing. Follow-up: Encourage follow-up conversations with prospects to discuss the report findings and propose solutions.

To enhance the value Xcitium provides to its customers and MSP partners, we propose the implementation of detailed security review reports. These reports would be generated on a monthly basis for continuous monitoring and in a more comprehensive format for quarterly review meetings. The goal is to provide customers with a clear understanding of their security posture, its evolution over time, and the value delivered by Xcitium's solutions. Report Components: Executive Summary: A concise overview of the customer's security posture, key findings, and recommendations. Security Score: A numerical representation of the customer's overall security health, derived from multiple factors. Asset Inventory and Analysis: Employees, devices, IPs, domain names, and other relevant assets. Analysis of asset vulnerabilities and potential attack vectors. Threat Detection and Response: Details from Xcitium XDR, including detected threats, attempted attacks, and successful mitigations. Incident response summaries from the SOC, highlighting the effectiveness of Xcitium's interventions. Vulnerability Management: Overview of vulnerabilities discovered by Xcitium and external scans.Progress on remediation efforts and reduction of the attack surface. Cloud Security: Assessment of cloud applications and infrastructure for misconfigurations and vulnerabilities. Analysis of cloud footprint changes and potential security implications. Threat Intelligence: Identification of new unknown files, leaked credentials, and other indicators of compromise.Actions taken to mitigate threats and protect sensitive data. User and Device Posture: Evaluation of user behavior and device compliance with security policies. Identification of potential risks and opportunities for improvement. Support and Service: Summary of tickets and support interactions, highlighting the responsiveness and effectiveness of Xcitium's customer service. Data Sources: The reports would aggregate data from various Xcitium tools and services, including: Threat Hunter Assessment Tool Dark web monitoring tools Cloud footprint tools Web vulnerability scanning Xcitium XDR SOC incident logs User and device activity logs Ticketing and support systems Benefits: Enhanced Customer Communication: Provide customers with transparent and actionable insights into their security posture. Demonstrated Value: Showcase the effectiveness of Xcitium's solutions in mitigating risks and improving security. Improved Customer Retention: Build stronger relationships with customers by providing ongoing value and demonstrating a commitment to their security. Upsell Opportunities: Identify areas where additional Xcitium products or services could further enhance the customer's security posture. Additional Considerations: Customization: White label reports should Allow for tailoring of the report to the specific needs and preferences of each customer. Scheduling and Delivery: Automate report generation and delivery for both monthly and quarterly reviews. Interactive Dashboards: Supplement the reports with interactive dashboards for real-time visibility into key security metrics.

Default password 8 dig but some customer min requirement is 12 dig could we add password default dig config for customer?

Customers are complaining that the data exported from Global Software inventory is too concise. It should be able to at least export the installed device name for a certain software or export the software inventory for a certain device. This is required for the endpoint manager functionality.

Add Category based Web filters and access to control Web filters through Xcitium platform

It would be very beneficial to add dark web monitoring.

This page still has Xcitium's Endpoint Manager logo vs my White Labeling logo. Request that this page be able to be customized and logo should be inline with White Labeling standards of customer.