SecureEndpoint
Request Demo
Documentation

Everything You Need
to Get Started.

Guides, references, and tutorials for deploying and operating Secure Endpoint across your environment.

Start Here

Choose your path.

Quick Start
Deploy your first scan and see results in under 10 minutes. Start here if you're new.
🖥️
Remediation Dashboard
Full reference for the EOL detection dashboard — scans, findings, reports, and settings.
🔒
PHANTOM Messaging
Deploy and configure PHANTOM's encrypted channels for your security team.
🔌
API Reference
Full REST API documentation with endpoints, parameters, and code examples.
Getting Started
Remediation Dashboard
PHANTOM
Integrations
Quick Start
Deploy in 10 Minutes
This guide walks you through your first scan from installation to results. By the end you'll have a full EOL inventory of your network and your first set of findings ready for review.
Before you beginEnsure you have admin credentials for the network range you're scanning and a Secure Endpoint account. Don't have one? Request a demo to get set up.
  • 01
    Install the Agent
    Download the Secure Endpoint agent from your dashboard. Supported on Windows, Linux, and macOS. The agent handles network discovery and asset fingerprinting — no additional tooling required.
  • 02
    Define Your Scope
    Enter the CIDR range you want to scan (e.g. 10.0.0.0/8). You can also import an existing asset list from CSV or connect directly to your CMDB.
  • 03
    Run Your First Scan
    Kick off the initial discovery scan from the dashboard. The first full scan of a Class A network typically completes in 8–12 minutes. You'll see results populate in real time.
  • 04
    Review Findings
    Navigate to the Findings tab to see your results, sorted by severity. Critical findings (CVSS 9.0+) are pinned at the top with one-click ticket creation.
  • 05
    Export Your First Report
    Click "Generate Report" to produce a regulator-ready PDF with an executive summary, full findings list, and remediation timeline. Takes under 30 seconds.
System Requirements
The Secure Endpoint agent is lightweight by design. It's built to run on the same infrastructure it's scanning without adding meaningful load.
Agent Requirements
OS         Windows 10+, Server 2016+, Ubuntu 18.04+, RHEL 7+, macOS 12+
CPU        2 cores minimum (4 recommended for large networks)
RAM        2 GB minimum (4 GB recommended)
Disk       500 MB for agent + scan cache
Network    Outbound HTTPS (443) to api.secureendpoint.io
Ports      Read access to target subnet (ICMP + TCP 22, 135, 445, 3389)
Remediation Dashboard
The dashboard is the central hub for all EOL detection, remediation tracking, and reporting. It's designed for daily use by security engineers and for executive presentations to the board or regulators.
Key Sections
Executive Summary — High-level KPIs including total findings by severity, remediation velocity, and projected ROI of closing open findings. Designed to copy-paste into board decks.
Findings — The full list of detected EOL/EOS software, sortable and filterable by severity, software type, affected endpoint count, and remediation status.
Assets — Your full endpoint inventory with per-asset risk scores, OS and software manifests, and scan history.
Reports — One-click generation of regulatory audit reports in PDF format. Templates available for FFIEC, SOX, and PCI-DSS frameworks.
Running Scans
Scans can be triggered manually from the dashboard, scheduled on a recurring basis, or initiated programmatically via the API. We recommend scheduling a full scan daily and a targeted scan on any new assets as they're provisioned.
TipUse the --delta flag on CLI scans to only re-scan assets that have changed since the last run. This reduces scan time by up to 80% on stable networks.
CLI — Schedule a Daily Scan
se-agent schedule \
  --cron "0 3 * * *" \
  --scope 10.0.0.0/8 \
  --severity critical,high \
  --notify slack,email
PHANTOM Secure Messaging
PHANTOM provides end-to-end encrypted communication channels for security teams. It's purpose-built for incident response scenarios where sensitive remediation details need to be discussed without risk of interception or logging.
Initial Setup & Key Exchange
Each PHANTOM user generates a local keypair on first login. Private keys never leave the device. The initial key exchange uses a Diffie-Hellman handshake over a verified channel — no trust in the server required.
WarningIf a device is lost or compromised, immediately revoke its key from the PHANTOM admin panel. Old keys cannot decrypt new messages once rotated.
Creating Channels
Channels can be created for standing teams (e.g. "IR Team", "CISO Briefings") or spun up ad-hoc for specific incidents. Each channel has an independent encryption key. Self-destruct timers can be set from 1 hour to 30 days.
ServiceNow Integration
The ServiceNow integration allows Secure Endpoint to automatically create, update, and close incidents in your ServiceNow instance based on EOL findings and remediation status.
Configuration — settings.yaml
integrations:
  servicenow:
    instance: your-instance.service-now.com
    username: se_integration_user
    password: ${{SNOW_PASSWORD}}
    assignment_group: Security Operations
    priority_map:
      critical: 1
      high:     2
      medium:   3
      low:      4
NoteUse a dedicated integration service account in ServiceNow with the itil role. Do not use admin credentials for the integration user.
FIS IBS Core Banking Integration
The FIS IBS integration extends Secure Endpoint's asset discovery to include core banking infrastructure components managed through FIS. This surfaces EOL risk in assets that standard network scans may miss due to segmentation or access restrictions.
Once configured, FIS assets appear in your main inventory alongside standard endpoints, with a source: fis_ibs tag for filtering. All findings tied to FIS assets are automatically included in FFIEC-mapped compliance reports.
PrerequisiteYou'll need FIS IBS API credentials from your FIS account manager. Request read-only API access scoped to the Asset Management module.