•Publish Messages in Home Module: Messages can be published that will then appear in the Home module to all or only certain users after they sign in. These can be created in an HTML editor and include images. The editor offers a number of features for creating these, which allows files to be attached and previews of the final version. Expiration dates can also be set for individual messages so that they are no longer displayed in the Home module.
•Audit Log: View and manage the record of system activities.
•Customize Notifications: Notifications sent to users via e-mail on their assignments, their activities in the system, and other events of interest can be fully customized or disabled. In addition, a number of pre-configured variables are also available for use in these messages.
•Projects: Configurations for projects can be changed, such as whether risk and compliance interviews will be sent automatically or manually to reviewers and whether interviewees and reviewers will be able to download certain documents for interviews. The default templates for these documents can also be customized and restored. In addition, users can create custom justifications for accepting risks and non-compliances, as well as disable those provided by Modulo.
•Interface Options: System administrators can modify certain default settings for the interface, including the default system language, whether or not graphs and maps will be displayed throughout the various modules, the number of items to be displayed in lists, the theme for the interface, and the system logo.
•Create Workflow Rules: Rules can be created for a number of system elements so that certain actions take place automatically if the conditions set in the rule are true.
•Customize the Risk Score: The default formula used to measure the risk associated with vulnerabilities can be customized or restored.
•Create Object Types: Custom types of assets, events, and other default and custom system objects can be created, allowing attributes to be applied to one or more types instead of the object as a whole.
•Create Objects and Attributes: Custom system objects can be created in the Administration module for use through the API. Attributes can be created for all registered and future types of custom and default objects, appearing as new fields for submitting different types of content (attachments, links, plain text, etc.). Each attribute can be set as a required field in the object.
•Event Layout Editor: The order of tabs in events can be changed, tabs can be hidden, default values can be provided for required fields, custom tabs can be created, and access control for each tab can be managed for system profiles and Workflow roles.
•Module Editor: Custom modules can be created with their respective sections. These sections may contain external pages, which can be browsed directly within the main interface, or areas for managing instances of the custom objects registered in the system. Each module can be enabled or disabled as necessary.
•Customize Scales: The main metrics and indicators used by the system can be edited, allowing their intervals, colors, names, and descriptions to be adapted to your organization’s needs.
•Access Control: The access control model is based on profiles and roles, allowing for greater flexibility when configuring permissions. A number of default access profiles are provided with the system, and custom profiles can also be created. Users automatically inherit all permissions granted to each profile and role to which they are assigned. The system comes with a set of pre-configured permissions for the roles and profiles supported so that users can simply be included in profiles or assigned to roles in order to have the permissions to perform their activities. The permissions granted by default can be edited and, if necessary, can be restored.
•Access Control Queries: You can create queries to view information on who is included in profiles and roles, as well as view information on the people included in the audience of system queries, dashboards from the Data Analytics module, and generic reports from the Organization module.
•Integration Tasks: Routines can be created for integrating the system with other services and systems. These tasks can be scheduled to import objects from an LDAP directory; import vulnerabilities detected by scanners and map these vulnerabilities to assets in the organizational structure; import assets from a Qualys or NeXpose inventory or from an XML file; synchronize with Qualys remediation to automatically update Workflow events treating vulnerabilities; export query results to SQL tables; and more. They can be configured to run automatically at certain schedules, and the history of tasks with details on each can also be viewed. Note that tasks for importing objects from XML files are also available in SaaS environments.
•Online Support: Updates and technical support are provided for system installations with valid Service Level Agreements (SLA). Through the Support Portal you can register occurrences, ask questions, and access procedures, knowledge articles, the product life cycle policy and user manuals.