Docs: User Guide - Home - Update content to reflect current XFD capabilities

[jennythompson8675309]

💡 Summary

Update https://docs.crossfeed.cyber.dhs.gov/

Motivation and context

At this time, the xfd application does not allow custom scanning, but the platform will allow CyHy customers to review results of WAS and VS reports.

Implementation notes

1. We recommend changing the first paragraph in the "About Crossfeed" section to read: Crossfeed is a web application with a self-service portal that collects and visualizes attack surface data from diverse sources to provide information about organizational assets. The tool continuously enumerates and monitors an organization’s public-facing attack surface in order to discover assets and flag potential security flaws.

2. We recommend changing the text under the "Analyze your entire inventory of public-facing sites" highlight to read: Crossfeed can discover all related subdomains from an organization’s root domain and help users understand if certain websites or webpages are unintentionally exposed. Crossfeed may even discover assets that users are not tracking as part of their inventory.

3. We recommend changing the text under the "Manage and triage your vulnerabilities" highlight to read: Users can view detailed information about CVEs on the Vulnerabilities page, including detection history, affected products, and additional references.

4. We recommend changing the title of the "Control Automated Scans on Your Assets" highlight to "Review Results of Recent Scans," and we recommend changing the text in this highlight to: Users who are enrolled in active scanning services offered by CISA will be able to review the results of these scans in Crossfeed as soon as the information is available, rather than waiting for a weekly report.

[jennythompson8675309]

Please also change this page to reflect the recent rebranding of this resource as "the CyHy Dashboard."

Updated version of request:

1. We recommend changing the first paragraph in the "About Crossfeed" section to read: The Cyber Hygiene (CyHy) Dashboard is a web application with that collects and visualizes attack surface data from diverse sources to provide information about organizational assets. The tool continuously enumerates and monitors an organization’s public-facing attack surface in order to discover assets and flag potential security flaws. Please also change the title of this section to "About the CyHy Dashboard"

2. We recommend changing the text under the "Analyze your entire inventory of public-facing sites" highlight to read: The CyHy Dashboard can discover all related subdomains from an organization’s root domain and help users understand if certain websites or webpages are unintentionally exposed. The web application may even discover assets that users are not tracking as part of their inventory.

3. We recommend changing the text under the "Manage and triage your vulnerabilities" highlight to read: Users can view detailed information about CVEs on the Vulnerabilities page, including detection history, affected products, and additional references.

4. We recommend changing the title of the "Control Automated Scans on Your Assets" highlight to "Review Results of Recent Scans," and we recommend changing the text in this highlight to: Users who are enrolled in active scanning services offered by CISA will be able to review the results of these scans in the CyHy Dashboard as soon as the information is available, rather than waiting for a weekly report.

[schmelz21]

This is OBE. Scope has changed and no requirements were derived for the initial portion of this task.