Overview
This article walks you through the setup process for using Hyver. It covers the core steps you need to complete before you can start assessing cyber risk, discovering assets, or creating mitigation plans. These actions lay the groundwork for effective exposure management.
Before you begin, check out Before You Start for helpful context and system requirements.
1. Set up user access and authentication
Log in with the credentials provided by CYE.
Set up SSO if possible — this is strongly recommended.
Two-factor authentication (2FA) is enforced by default.
To invite others, go to Settings > Members and Groups.
See also: [Registration and Login for Hyver]
2. Configure your company profile
Add your company’s basic information such as name, sector, and other identifiers.
Go to Settings > Company Profile to get started.
See also: [Company Profile]
3. Define threat sources
Identify the types of attackers relevant to your organization — such as external actors or insiders. These will appear automatically in every engagement’s Mitigation Graph.
Go to Settings > Threat Sources.
See also: [Defining Threat Sources]
4. Add your business assets
List and describe the business assets you want to protect — like customer data, employee records, or intellectual property. You can also assign cost and importance levels to each asset.
Go to Settings > Business Assets.
See also: [Business Assets]
5. Input Cost of Breach data
Complete the Cost of Breach (CoB) questionnaire. This allows Hyver to calculate the potential financial impact of a breach.
Click Cost of Breach from the left navigation menu.
See also: [Inputting Cost of Breach Data]
6. Complete your cybersecurity maturity assessment
Use the NIST Cybersecurity Framework (CSF) 2.0 as your guide. You'll rate your organization's performance across cybersecurity categories, which Hyver maps to relevant findings, processes, and technologies.
See also: [Maturity Assessment]
7. Define and activate your first engagements
7a. Create an Asset Discovery engagement
Typically activated by your CYE account manager.
Scans for external-facing assets and catalogs them.
See also: [Activate Asset Discovery Engagement]
Learn more: [Managing Assets]
7b. Activate an Internet Perimeter engagement
Usually handled by CYE.
Identifies vulnerabilities exposed to the internet and recommends mitigation.
See also: [Activate Internet Perimeter Engagement]
7c. (Optional) Define Cloud Engagements
Set up integrations for automatic cloud assessments.
See also: [Defining Cloud Engagements]
8. Configure platform settings
Only Admin users can change these. Go to Settings to customize:
Notification preferences
Integration settings
Findings prioritization
Company profile
See also: [Configuring Hyver Settings]
9. (Optional) Set up integrations
Connect Hyver with systems like Jira and ServiceNow for ticketing and task management.
See also: [Hyver Integrations]
10. Start using Hyver
Once your data is in, you can:
Review and edit findings — Go to Findings
Explore the Mitigation Graph — Go to Mitigation Graph
Build mitigation plans — Go to Mitigation Plans
Monitor progress — Visit the Risk Dashboard
See also:
Important notes
Some engagements (e.g. Asset Discovery) can only be activated by CYE.
Business assets and threat sources must be defined for full platform functionality.
CoB calculations and maturity scoring rely on accurate input during onboarding.
Wrap-up / Next Steps
You don’t have to do everything at once — go at the pace that works for your team. Start with the core setup steps, then expand into deeper risk analysis and planning as you get more comfortable with the platform.