CISO Assistant
  • 👋Welcome to CISO Assistant
  • Guide
    • Installation
    • Understanding decoupling
    • General tips
    • Journeys
    • 🏗️Creating your first perimeter
    • ✅Creating your first Audit
    • 📊Creating your first risk assessment
    • 🔎Overview
    • 🧰Extra tools
    • 🌐External resources
    • Understand mapping
    • Glossary
    • Data import wizard
  • Features highlight
    • Controls autosuggestion
    • Multi-level support
    • Flash mode
    • Evidences from clipboard
    • Library upgrade
    • Mapping explorer
    • SSO
      • Microsoft Entra ID
      • Okta
      • Keycloak
      • Google Workplace
    • Setting up Multi-Factor Authentication (MFA)
  • Model
    • 📁Organization
      • Add and manage users
      • User Groups
    • ⚙️Context
    • 🏛️Governance
    • 💣Risk
    • 📋Compliance
  • Deployment
    • Prerequisites
    • Local
    • Remote/Virtualization
    • Deploy on a VPS
    • Frequent questions
    • Setting up mailer
    • Updating your local instance
    • Helm Chart
    • Special cases
    • Upgrading a library
  • ✨Customization
    • Getting your custom framework
    • CIS Controls
    • Changing the language
  • Contributing
    • Internationalization
      • Translating the interface
    • Submit a library
  • Academy
    • Overview
    • Third Parties Risk Management
    • Etude EBIOS RM
Powered by GitBook

Community

  • Github
  • Discord

intuitem

  • Home
  • SaaS trial

© intuitem, 2018-2024

On this page

Was this helpful?

Export as PDF
  1. Deployment

Remote/Virtualization

Experimenting CISO Assistant through remote server or hypervisor

PreviousLocalNextDeploy on a VPS

Last updated 2 months ago

Was this helpful?

New: Use the config builder at the config folder of the repo for an interactive and reliable experience.

Let's say that you want to setup or experiment with CISO Assistant on a Network or Virtualized environment (eg. Hypervisor) on a remote host, for instance, to use with multiple users:

  • Install a recent version of Docker on your remote server

  • Given that we are using TLS with Caddy, we need to have DNS entries and not IPs

  • The workstations need to be able to reach the remote using an FQDN (DNS entry). If not you can add an entry on your /etc/hosts. Keep track of the remote server DNS as you'll put it on the next step, let's say the remote is cool-vm for instance

  • Clone the repo, but don't run anything yet. Edit the docker-compose.yml file as follows: (red is for deletion and green for addition); your diff should look like:

  • Five lines need to be edited. Save the file and move to the next step

If you're getting SSL_ERROR_INTERNAL ERROR_ALERT (Can be different on other browsers) blocking you from continuing, make sure that you've made the 5 changes above.

The tls internal (equivalent to -i in CLI mode) parameter of Caddy can present some security issues and is not recommended for production and internet exposure. You should consider proper certificates for that.

You're all set, and you can simply run:

./docker-compose.sh

Your CISO Assistant can be reached now from https://cool-vm:8443, and you can skip the SSL warning for the self-signed certificate.