Security Audits

Run security audits, understand scores, and interpret results.

What is a Security Audit?

A VigilPrism security audit evaluates your system against security best practices. Each audit:

  • Runs 55+ checks on Windows or 60+ checks on Linux
  • Generates a security score (0-100)
  • Identifies misconfigurations and vulnerabilities
  • Provides remediation guidance for each finding

Running Audits

From the Dashboard

  1. Navigate to Systems → select an agent
  2. Click Run Audit
  3. Select audit type (Full Audit recommended)
  4. Click Start Audit

From the Agent (CLI)

# Full audit
sudo vigilprism-agent --audit-now
# Verbose output
sudo vigilprism-agent --audit-now --verbose

Via API

curl -X POST http://server:8000/api/v1/systems/{agent_id}/audit \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"type": "full", "include_vulnerability_scan": true}'

Understanding the Security Score

The security score (0-100) is calculated from the number of passed checks and the severity of the findings:

  Score Range   Grade   Interpretation
  90-100        A       Excellent - security best practices followed
  80-89         B       Good - minor improvements needed
  70-79         C       Acceptable - notable gaps exist
  60-69         D       Poor - significant security issues
  0-59          F       Critical - immediate action required

Severity Levels

Critical

Immediate security threat. Active vulnerabilities or missing fundamental controls.

Examples: Firewall disabled, default credentials, unpatched critical CVE

Action: Fix within 24 hours

High

Significant security weakness. Exploitation is possible.

Examples: Weak password policy, no antivirus, SSH root login enabled

Action: Fix within 1 week

Medium

Security gap that increases risk. Weakens defense-in-depth.

Examples: No account lockout, system logging disabled, excessive file permissions

Action: Fix within 1 month

Low

Minor security improvement. Best practice deviation with minimal immediate risk.

Examples: Missing security headers, non-optimal DNS config

Action: Plan for future fix

Check Categories

System Security

  • Firewall status
  • Disk encryption
  • Secure Boot
  • Antivirus status
  • Automatic updates

Authentication & Access

  • Password policy
  • Account lockout
  • Inactive accounts
  • Session timeout
  • MFA status

Network Security

  • SSH configuration
  • Open ports
  • DNS security
  • Network encryption

Audit & Monitoring

  • System logging
  • Log retention
  • Time sync (NTP)
  • Failed login monitoring

Remediation Guidance

Each failed check includes:

  1. Problem Description - What was found
  2. Risk Explanation - Why it matters
  3. Remediation Steps - How to fix it
  4. Impact Assessment - What might break

Example Remediation

# Finding: Firewall is not enabled
# Linux remediation:
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw enable
# Windows remediation:
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True

Exporting Reports

  Format   Use Case
  HTML     Human-readable, shareable
  PDF      Formal reports, printing
  JSON     Automation, SIEM integration
  CSV      Spreadsheet analysis
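The JSON export is the format intended for automation, and the fix windows in the Severity Levels section give a natural triage rule. The script below is an added example, not VigilPrism's own code: it reads a constructed JSON export (the field names `audit_id`, `completed_at`, `score` and `findings[].severity` are assumptions, not the documented schema), groups findings by severity, attaches a due date from the fix windows above (with "1 month" taken as 30 days), maps the score to the grade bands from the score table, and flattens everything into a worst-first work queue.

```python
"""Triage a VigilPrism JSON audit export.

Added example, not VigilPrism's own code. The export field names used here
are assumptions about the schema; the grade bands and fix windows come from
the Security Audits page.
"""
import json
from datetime import datetime, timedelta

# Fix windows from the Severity Levels section. Low has no fixed deadline;
# "1 month" is taken here as 30 days (assumption).
FIX_WINDOWS = {
    "critical": timedelta(hours=24),
    "high": timedelta(weeks=1),
    "medium": timedelta(days=30),
    "low": None,
}

# Grade bands from the score table, highest floor first.
GRADE_BANDS = [(90, "A"), (80, "B"), (70, "C"), (60, "D"), (0, "F")]

# Constructed sample export (not real product output); the layout is assumed.
SAMPLE_EXPORT = json.dumps({
    "audit_id": "example-audit-0001",
    "completed_at": "2024-01-15T10:00:00Z",
    "score": 72,
    "findings": [
        {"id": "SYS-001", "title": "Firewall is not enabled",
         "severity": "critical", "category": "System Security"},
        {"id": "NET-003", "title": "SSH root login enabled",
         "severity": "high", "category": "Network Security"},
        {"id": "AUTH-002", "title": "No account lockout policy",
         "severity": "medium", "category": "Authentication & Access"},
        {"id": "NET-007", "title": "Missing security headers",
         "severity": "low", "category": "Network Security"},
    ],
})


def score_to_grade(score):
    """Map a 0-100 score to the letter grade from the score table."""
    if not 0 <= score <= 100:
        raise ValueError(f"score out of range: {score}")
    for floor, grade in GRADE_BANDS:
        if score >= floor:
            return grade


def triage(export_json):
    """Group findings by severity and attach a remediation due date to each."""
    data = json.loads(export_json)
    # fromisoformat() only accepts a trailing "Z" from Python 3.11 on.
    completed = datetime.fromisoformat(data["completed_at"].replace("Z", "+00:00"))

    by_severity = {sev: [] for sev in FIX_WINDOWS}
    for finding in data["findings"]:
        sev = finding.get("severity", "").lower()
        if sev not in FIX_WINDOWS:
            raise ValueError(f"unknown severity {sev!r} in finding {finding.get('id')}")
        window = FIX_WINDOWS[sev]
        due = (completed + window).isoformat() if window else None
        by_severity[sev].append({**finding, "severity": sev, "due": due})

    return {
        "audit_id": data["audit_id"],
        "score": data["score"],
        "grade": score_to_grade(data["score"]),
        "counts": {sev: len(items) for sev, items in by_severity.items()},
        "findings": by_severity,
    }


def work_queue(result):
    """Flatten a triage result into a worst-first list for ticketing."""
    queue = []
    for sev in FIX_WINDOWS:  # dict order: critical, high, medium, low
        for f in result["findings"][sev]:
            queue.append((sev, f["id"], f["title"], f["due"] or "plan"))
    return queue


if __name__ == "__main__":
    result = triage(SAMPLE_EXPORT)
    print(f"Audit {result['audit_id']}: score {result['score']} (grade {result['grade']})")
    for sev, fid, title, due in work_queue(result):
        print(f"  [{sev.upper():8}] {fid} {title} -> due {due}")
```

Because the due dates are derived from `completed_at` rather than from the time the script runs, re-running the triage on the same export always yields the same deadlines, which is what you want when the output feeds a ticketing system or SIEM.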

Export via API

curl http://server:8000/api/v1/audits/{audit_id}/export?format=pdf \
  -H "Authorization: Bearer $TOKEN" \
  -o audit-report.pdf
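The two curl calls on this page (start an audit, export a report) are usually chained from a script. The client below is an added example, not a VigilPrism SDK: it builds exactly the requests shown above from the standard library, keeps the token in the Authorization header, and validates the export format against the formats table. The environment variable names and the assumption that the POST response JSON carries the new audit's id under `audit_id` are mine; the page does not state the response shape.

```python
"""Minimal client for the two audit API calls shown on the Security Audits page.

Added example, not a VigilPrism SDK. Assumption: the POST response JSON
carries the new audit's id under "audit_id" (not documented on the page).
"""
import json
import os
import shutil
import urllib.request
from urllib.parse import quote

EXPORT_FORMATS = ("html", "pdf", "json", "csv")  # from the export formats table


class VigilPrismClient:
    def __init__(self, server, token):
        if not token:
            raise ValueError("an API token is required")
        self.server = server.rstrip("/")
        self.token = token

    def _headers(self, content_type=None):
        # The token travels in the Authorization header, never in the URL.
        headers = {"Authorization": f"Bearer {self.token}"}
        if content_type:
            headers["Content-Type"] = content_type
        return headers

    def audit_request(self, agent_id, audit_type="full", include_vulnerability_scan=True):
        """Build POST /api/v1/systems/{agent_id}/audit with the same body as the curl call."""
        body = json.dumps({"type": audit_type,
                           "include_vulnerability_scan": include_vulnerability_scan}).encode()
        url = f"{self.server}/api/v1/systems/{quote(agent_id, safe='')}/audit"
        return urllib.request.Request(url, data=body, method="POST",
                                      headers=self._headers("application/json"))

    def export_request(self, audit_id, fmt="pdf"):
        """Build GET /api/v1/audits/{audit_id}/export?format=<fmt>."""
        if fmt not in EXPORT_FORMATS:
            raise ValueError(f"unsupported export format {fmt!r}")
        url = f"{self.server}/api/v1/audits/{quote(audit_id, safe='')}/export?format={fmt}"
        return urllib.request.Request(url, method="GET", headers=self._headers())

    def start_audit(self, agent_id, **kwargs):
        """Send the audit request and return the parsed JSON response."""
        with urllib.request.urlopen(self.audit_request(agent_id, **kwargs), timeout=60) as resp:
            return json.load(resp)

    def export_audit(self, audit_id, fmt, dest):
        """Download the report for audit_id in the given format to dest."""
        with urllib.request.urlopen(self.export_request(audit_id, fmt), timeout=300) as resp, \
                open(dest, "wb") as out:
            shutil.copyfileobj(resp, out)
        return dest


if __name__ == "__main__":
    # Environment variable names are this example's own choice.
    client = VigilPrismClient(os.environ.get("VIGILPRISM_SERVER", "http://server:8000"),
                              os.environ["VIGILPRISM_TOKEN"])
    started = client.start_audit(os.environ["VIGILPRISM_AGENT_ID"])
    audit_id = started["audit_id"]  # assumed response field
    print("exported", client.export_audit(audit_id, "json", f"audit-{audit_id}.json"))
```

The page does not document how to tell when an audit has finished, so the `__main__` block exports immediately after starting the audit; in a real pipeline, wait for the audit to complete (for instance by checking the system in the dashboard or the audit's status in the API response) before requesting the export.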