Security Tools

The security tools script allows you to manage security settings.

The security tools script is located in the /opt/cybereason/support_tools folder and is called The following table describes the available security tools:



How to execute

Manage consul access

Block access to Consul from all IP addresses except Cybereason Server IPs. This tool does not apply to Cybereason application components.

Block: python3 /opt/cybereason/support_tools/ -p <>

Unblock: python3 /opt/cybereason/support_tools/ -p <> -u

Where represents the first two octets in the IP address of the Cybereason Servers. Note: If the Cybereason Servers are deployed on different networks, run the script once for each Network Address.

Manage TLS

Enable/disable secure communication between sensor and server (TLS version 1.2 and higher).

Enable: /usr/local/bin/ansible-playbook /opt/cybereason/support_tools/pb_control_disabled_tls_versions.yml -e "action=enable"

Disable: /usr/local/bin/ansible-playbook /opt/cybereason/support_tools/pb_control_disabled_tls_versions.yml -e "action=disable"

Manage Management UI access

Allow/prevent access to the On-Prem Management Server UI via browser. From 21.2.525 and higher - see Management UI Hardening Script.

Block: python3 /opt/cybereason/support_tools/

Unblock: python3 /opt/cybereason/support_tools/ -u