# Cyber Crucible On-Boarding Process

# On-boarding Process

<div id="bkmrk-created-by-mark-weid"><div class="aui-page-panel"><div id="bkmrk--2"><div id="bkmrk--3"></div></div><div class="view"><div class="page-metadata">Created by <span class="author"> Mark Weideman</span>, last modified on May 15, 2024</div><div class="wiki-content group"><div class="toc-macro rbtoc1779133376552">- [Group Management](#bkmrk-group-management)
- [Setting up Agent Security Alerts](#bkmrk-setting-up-agent-sec)
- [Agent Installation Planning Best Practices](#bkmrk-agent-installation-p)
- [Installing the Agent](#bkmrk-installing-the-agent)
- [Update Strategies for Groups and Agents](#bkmrk-update-strategies-fo)
- [How to Investigate the Root Cause of an Extortion Response](#bkmrk-how-to-investigate-t)
- [Tailored Behaviors](#bkmrk-tailored-behaviors)
- [Rest Integration](#bkmrk-rest-integration)

</div></div></div></div></div># Group Management

Before installing agents, users may want to prepare by setting up their groups. Follow the Group Management instructions [here](https://knowledgebase.cybercrucible.com/books/group-management).

# Setting up Agent Security Alerts

Users may setup email notifications for security events including ransomware activities, abnormal identity accesses, and offline agents. Instructions can be found [here](https://knowledgebase.cybercrucible.com/books/security-email-notifications).

# Agent Installation Planning Best Practices

Some environments have similar user, application, and system behavior and configuration throughout their business. Others have specialized groups that behave differently, such as a sales team versus a division of software engineers.

Deployment and configuration is so fast that taking a couple minutes to plan an installation to a subset of desktops or servers that share the same business behaviors or applications will allow you to assess if any applications need to be accounted for.

Additionally, it is highly common to find Cyber Crucible discover previously unknown (and unauthorized) management software and VPNs, unauthorized admin scripts, mis-configured software, or even infections during initial rollout.

# Installing the Agent

When you are ready to install your agents, instructions can be found [here](https://knowledgebase.cybercrucible.com/books/how-to-install-cyber-crucible) and [here](https://cybercrucible.atlassian.net/wiki/x/AQDDCw)

# Update Strategies for Groups and Agents

To manage the update strategies for groups and agents, follow the instructions [here](https://cybercrucible.atlassian.net/wiki/spaces/CYB/pages/29130753/How+can+I+manage+update+strategies+for+groups+and+agents).

# How to Investigate the Root Cause of an Extortion Response

The Extortion Response page can be found under the Operations tab in the sidebar. The instructions on how to investigate the root cause of an alert can be found [here](https://cybercrucible.atlassian.net/wiki/spaces/CYB/pages/4948043/How+can+I+investigate+the+root+cause+of+an+alert).

# Tailored Behaviors

Instructions on creating tailored behaviors can be found [here](https://knowledgebase.cybercrucible.com/books/application-whitelisting).

# Rest Integration

Some users may wish to integrate with our rest server. The Rest Integration page with documentation can be found on our [website](https://dashboard.cybercrucible.com/login) under the Administration tab in the sidebar.

<div id="bkmrk-"><div class="aui-page-panel" id="bkmrk-created-by-mark-weid-1"><div class="view" id="bkmrk-created-by-mark-weid-2"><div class="wiki-content group" id="bkmrk-%2F%2A%3C%21%5Bcdata%5B%2A%2F-div.rb"></div></div></div><div id="bkmrk--4"></div></div>