====== Screener Web UI Overview ====== ===== Login Screen ===== Just a beautiful Login Screen. Nothing interesting, keep looking, stranger. If it is required to reset password, please use the [[screener_first_time_configuration_script|first time configuration script]]. {{ :login_screener.png?400 |}} ===== Dashboard ===== A brief overview of the events related to incident reports. \\ It is possible to know the top 10 reported domains, top 10 reporters, and so on. {{ :dashboard_1_scr.png?600 |}} {{ :dashboard_2_scr.png?600 |}} ===== Incidents ===== The incidents can be: \\ * Sorted by user's convenience * Reported as an abuse * Exported to CSV * Deleted * Status can be changed * Resolution can be changed {{ :incidents_screener.png?600 |}} ===== Simulations ===== The page that helps to review phishing simulations performed by LUCY. {{ :simulations_screener.png?600 |}} ===== Settings ===== ==== General Settings ==== Shows the version of the product, Workstation ID. It is possible to change the Timezone, set the Dangerous Threshold Value, and allows not to record phishing simulations. {{ :general_settings.png?600 |}} ==== Users ==== Nothing special, just a user management page.\\ It is possible to add, change, or remove a user. \\ The same words but more [[screener_users|here]]. {{ :users.png?600 |}} ==== Yara Dictionaries ==== More [[screener_yara_dictionaries|here]]. {{ :yara_dictionaries.png?600 |}} ==== Yara Rules ==== More [[screener_yara_dictionaries|here]]. {{ :yara_rules.png?600 |}} ==== Custom Rules ==== A webpage that allows configuring [[screener_custom_rules|Custom Rules]] for score assigned to an incident. {{ :custom_rules.png?600 |}} ==== Analyzer Score ==== TBD {{ :analyzer_score_screener.png?600 |}} ==== Mail Templates ==== Within this section, user can add, edit and store mail templates for incident notifications, abuse emails and Autoresponder. There are already several pre-defined templates that Screener uses by default. {{ :mail_templates_screener.png?600 |}} A new template can be created by clicking the **+Add** button. Fill in the **Name** and the **Subject** of the email then choose **Template Type** from the according drop-down. The email body can be either configured inside the built-in editor or uploaded in HTML format (the **Upload HTML** button). {{ :new_mail_template_screener.png?600 |}} Mail template types are **Auto Responder** (the response that user receives after submitting report), **Incident Expiration** (notification reminder) and **Abuse** (email sent to hosting providers of phishing domains). All three types support unique variables that allow personalizing emails. **Abuse** variables: - %domain% - %email% - %time% **Incident Expiration** variables: - %expCount% (number of expired reports) **Auto Responder** variables: - %subject% - %sender% - %score% - %domainScore% - %headerAuthenticationScore% - %regexScore% - %spamAssassinScore% - %yaraScore% ==== Mail Settings ==== TBD {{ :mail_settings_direct.png?600 |}} {{ :mail_settings_smtp.png?600 |}} ==== Abuse Settings ==== TBD {{ :abuse_settings.png?600 |}} ==== Autoresponder Settings ==== TBD {{ :autoresponder_settings_screener.png?600 |}} ==== Simulation Reporter Settings ==== TBD {{ :simulation_reporter_settings.png?600 |}} ==== Incident Expiration Reporter Settings ==== TBD {{ :iers.png?600 |}} ==== SSL ==== Menu to configure the [[screener_domain_ssl_configuration|SSL]]. {{ :upload_ssl_screener.png?600 |}} ==== Logs ==== This web page allows downloading Screener logs. In the drop-down list there are 2 options: * Screener app logs * Nginx (Web Server) logs. It is possible to download both. {{ :screener_logs.png?600 |}} ===== Plugins ===== This add-in gives your users a safe way to forward suspected Emails with only one click and have them analyzed automatically in Screener. The tool empowers users to proactively participate in an organization’s security program and makes it easy for your employees to report any suspicious email they receive. ==== O365 ==== The Outlook 365 button works the same as the Outlook client – just for the web-based Outlook access 365. For its work, it is necessary to have a network connection between LUCY and O365 server in case if you use a web browser as a client, and a network connection between Screener and user's workstation in case if a desktop client is used. The XML is the file that needs to be installed for O365. More [[screener_o365_plugin|here]]. {{ :o365_1_scr.png?600 |}} {{ :o365_2_scr.png?600 |}} ==== MSI ==== Menu to configure the MSI plugin. \\ Detailed overview [[screener_msi_plugin|here]]. {{ :msi_settings.png?600 |}} {{ :msi_settings_2.png?600 |}}