Getting started with your company clusters
Last updated
Last updated
Company Clusters are what makes you you. If the Threat Library is what you are defending against, then Company Clusters are what you are protecting in the first place. These can be classified as assets, attack-surface, supply chain, data, people and 'others'. They can also be your company's name (brand), sector and region.
One type of asset equals one asset cluster in Liberty91. For example, if you use FileZilla in your organization, then FileZilla would be a cluster, and its classification would be 'asset'. Inside the cluster could be (this is always the case), or related to the asset, or maybe or targeting that asset.
Your Company Clusters are grouped in the sidebar, under your organization. Under your organization's name, you'll find:
brand, sector and region
Assets
Attack Surface
Supply Chain
Data
People
There are two reasons for us to break it down this way:
It helps our AI-stack understand what is what in your organization (Filezilla is an asset and not a threat, for example).
It helps to keep things organized and gives you a clean User Interface.
Other than that, there is no real difference. That's why you shouldn't overthink this: if you are creating new Company Clusters and you're not sure if something is a Supplier or part of your attack-surface, then both are good options. Just pick one, it's fine.
When you go through the , you will (a cluster with 'company' classification), one for your country (a cluster with 'region' classification) and/or one for your sector (a cluster with 'sector' classification). Those will be grouped under brand, sector and region.
You can create new Threat Clusters via the sidebar and the workbench, but they both lead to the Cluster Creation page.
You can create clusters manually, by populating and uploading our excel template, by uploading a csv-file, or by using an integration. Every one of them is easy.
Go to 'add new clusters' in the sidebar.
When you're ready, click 'submit'
Peter works at a Financial Institution and wants to add the 'Society for Worldwide Financial Telecommunication' (SWIFT) as an asset, and WordPress as an attack-surface element. For the first row, he provides 'Society for Worldwide Financial Telecommunication' as Asset Name, sets the Criticality to 'Severe', sets Asset Type to 'Asset' and provides 'SWIFT' as a keyword.
In the second row, he sets WordPress as the Asset Name, sets criticality to Low, provides 'attack surface' as Asset Type, and leaves Keyword empty.
Using the Excel Spreadsheet is quicker and easier. You'll provide the same information as on the website, but it is much easier to copy-paste information from other documentation you might have internally. It will also allow you to share the spreadsheet with your colleagues, who might want to monitor for the same things.
Go to 'add new clusters' in the sidebar.
Click on 'Upload Excel Spreadsheet'
Download the template excel spreadsheet
Fill in the excel spreadsheet following the same steps as with the 'manual' example above
Save and upload your excel spreadsheet
The manual-upload page will appear, but it will be populated with the data from your excel spreadsheet.
Click on 'submit'
You can't use your own excel-spreadsheet, or change the lay-out or design of the template. The filename doesn't matter, but Liberty91 expects to receive the excel-template's lay-out to create new clusters.
Adding clusters with a CSV-file is a convenient way of creating new clusters in bulk. Our users use this feature when they export a list of vendors or assets from another tool, for example. Just make sure the format is correct.
Go to 'add new clusters' in the sidebar.
Click on the 'Upload CSV-file' button
Upload your CSV-file
Company Cluster cards are extremely useful for asset owners and vulnerability managers. Consider this Card for FileZilla:
By creating the card, Liberty91 attempts to find relevant reports and events, and based on those, it will generate an accurate, up-to-date. abd relevant threat assessment for this asset. Asset Owners, Vulnerability Managers and even CISO's use this type of alerting all the time to drive patching and reducing cyber risk.
These are clusters sometimes created by us, which we think you might find useful. If there is another critical vulnerability in Ivanti, for example, or a new conflict breaking out with a cyber-component, we might create one for you to simply copy-paste. We'll let you know if there are new featured clusters available.
Here you can bulk-add new clusters to your profile. Provide the name of the assets, suppliers, et cetera. Also provide their (ie: how important they are to you), the type of asset, and optional keywords.
