Security
Setting up Multi-Factor Authentication (MFA) in the Security Tab
Multi-Factor Authentication
Securin offers three MFA techniques: email, authenticator application, and backup codes.
Email
The email method sends an authentication One-Time Password (OTP) to the email address associated with your account. By default, the email address used during signup is used for this purpose.
The Email with the OTP
If you have set up email as your preferred and only MFA method, you cannot remove the email address unless you set up another method.
Disabled "Remove" Option
Authenticator Application
The authenticator application enables you to receive secret codes to log in to your Securin ASM platform.
Setting up the Authenticator App
- Install an authenticator application (e.g., Google Authenticator, OAuth App, Microsoft Authenticator, etc.) on your handheld device .
- Scan the QR code on your account or enter the secret key in the authenticator application.
Setting up Backup Codes
- Enter the OTP received in the authenticator application's setup page and click Verify.
- Set the authenticator application as the preferred mode of MFA by clicking Set as Preferred.
Authenticator Application Options
- To remove or change the authenticator application's account, use the corresponding options provided.
- If you want to remove the authenticator application's account, click Remove in the right corner.
Remove the Application Setup
- If you want to change the authenticator application's account, click Change.
Change Settings in the Authenticator Application
- In the dialogue box that opens, click Yes to confirm.
The Confirmation Message to Change Settings in the Authenticator Application
- You will be shown another QR code and the secret key to help you set up a new account.
Backup Codes
Backup codes allow you to access your locked-out accounts or can be used for MFA as well.
- Click View in the right corner.
View Backup Codes
- Your backup codes will be displayed. Download and save them in a secure location.
Backup Codes
- If you suspect the codes are compromised, click Regenerate to get a new set of codes.
API Token
In the Security tab, you can also create a non-expiring API token for the Securin ASM platform. API tokens provide authentication for cloud applications, circumventing the need for two-step verification and single sign-on (SSO). These tokens also facilitate the retrieval of data from the instance using REST APIs.
API Token
Confirm API Code Generation
Generated Token
To regenerate the token, click the Regenerate button.
Regenerate Token
Related Articles
AWS Connector Setup
AWS Cloud Discovery Connector The following steps apply only for AWS Cloud Discovery. Enter the Connector Name and Description (optional). Select the Group from the dropdown, and from the Services dropdown, select AWS Cloud Discovery. Download the ...Frequently Asked Questions - Single Login
1. As a customer using both ASM and VI products, what happens to my Multi-Factor Authentication (MFA) setup if I have two different MFA setups for VI and ASM? The MFA Setup done previously in ASM will take precedence and work for the Single Login ...Integrations
The Integrations tab offers a powerful feature that allows you to integrate the Securin platform with data from other scanners, as well as connect to ticketing systems and cloud services. This integration enables you to view all data, combined with ...ASM Release Notes
Release 24.11.1 [November 14, 2024] New Filters - Seed and Seed Asset Type Allows users to filter the list views according to the seed and all its child assets. Applies to asset, exposure, and technology stack list view. The new filters are: Seed ...Setting up SAML for Microsoft Azure Tool
The Security Assertion Markup Language (SAML) feature allows a user to access all of their SaaS applications by entering their login credentials once on a single page. There are several benefits to it: It improves the security posture as there is ...