Skip to main content

Creating an Engagement in Hyver

Step-by-step guide to creating a new engagement and configuring its scope and access.

Updated over 2 months ago

Overview

This article explains how to create a new engagement in Hyver — from defining the engagement type to setting its schedule and scope. You'll also learn who can create engagements and how permissions work.

You'll need Administrator or Power User access to perform this task.

1. Start a new engagement

  • Click the Engagements icon in the left-hand navigation bar to open the Engagement Board:

  • Click + New Engagement at the top of the page.

This opens the engagement creation wizard:

2. Define engagement basics

  • Engagement name: Enter a name (e.g., customer name + purpose).

  • Engagement type: Select from the dropdown. This determines the purpose and behavior of the assessment. Your available types depend on your organization's license with CYE:

Common engagement types

Here are a few examples:

  • Application — Evaluates a website’s security posture.

  • Architecture — Focuses on hardening your security architecture.

  • Asset Discovery — Discovers and catalogs IT assets. (Activated by CYE)

  • Attack Surface — Identifies internet-facing assets exposed to external threats.

  • AWS / Azure — Tracks misconfigurations in your cloud environment (requires a predefined integration).

  • Baseline — Comprehensive organizational security assessment.

  • CTI — Investigates threat actors and leaked data.

  • DFIR — Digital Forensics and Incident Response services.

  • General / Red Team / VIP / Internet Perimeter — Manual or specialized services. (Some types must be activated by CYE)

📌 Note: Engagement type cannot be changed after creation.

3. Set the schedule and description

  • Schedule time: Choose Only Once, Monthly, Quarterly, or Every 6 Months.

  • Start / End dates: Define when the assessment begins and ends.

  • Short description (optional): Add a quick summary.

  • Customer restrictions (optional): Add any limitations or instructions for the CYE team.

Click Next to continue.

4. Configure the scope

The next step varies based on the engagement type you selected.

For example:

  • Application: You’ll be asked to provide the application’s URL:

  • Internet Perimeter: You’ll define domains, IPs, and subnets — either by importing a CSV or adding them manually. Up to 600 entries can be included (If the definition of more than 600 domains and IPs are required, then contact the CYE operations team):

To import a CSV:

  • The file should contain a single column with no header.

  • Acceptable formats include IPs, ranges (e.g., 11.11.11.11-11.11.11.12), domains (example.com), and subnets (11.11.11.0/5):

  • Choose Import as In Scope or Out of Scope, upload the file, and Hyver will classify the entries.

To add manually:

  • Use the Domain, IP, or Subnet fields.

  • Select whether each entry is In Scope or Out of Scope.

📌 Note: Internal assets like corporate workstations may not appear in automatically scanned assessments like Asset Discovery. These require specific engagement types for internal visibility.

5. Assign access

In Hyver, all users have visibility into all assets across the platform — this is intentional and by design. Asset access is not restricted by engagement or user role, because shared visibility ensures consistent analysis, reporting, and decision-making. It’s important to understand that asset data is centralized so teams can collaborate effectively, without segmentation or blind spots.

  • Select users and groups who should have access to this engagement.

  • You can also include newly invited users (marked as "pending activation").

  • Only assigned members can see findings, assets, and other assessment results.

Click Done to finish:

6. Review and access your engagement

Once created, the engagement appears on the Engagement Board with a Pending status.

Click View My New Engagement to open and review the details:

Important notes

  • Only Administrators or Power Users can create engagements.

  • Engagement types like Asset Discovery, Internet Perimeter, and Cloud assessments must be activated by CYE.

  • Users who create and activate an engagement are automatically assigned the Administrator role for that engagement.

Wrap-up / Next Steps

Creating an engagement is the first step in defining how your organization will be assessed. Once it’s set up, you can activate it and begin adding findings.

Feel free to revisit and edit the details later — or move on and set up the next engagement in your queue.

Related Articles
Getting Started with Hyver
Defining Engagements
Activate Asset Discovery Engagement
Understanding Engagements in Hyver
Activating an Engagement in Hyver
Did this answer your question?