Hyver Platform – Frequently Asked Questions

Comprehensive answers to common questions about using Hyver for findings, exposures, integrations, and more.

Updated over 3 weeks ago

Overview

This article brings together the most frequently asked questions about using Hyver across key areas such as findings, mitigation graphs, exposure quantification, integrations, reporting, and more. It’s designed to help you navigate Hyver with clarity and confidence — whether you're just getting started or diving deeper into platform features.

You’ll find step-by-step guidance, best practices, and explanations behind how Hyver calculates, prioritizes, and visualizes cyber risk, so you can make informed security decisions.


Account & Access

Regaining 2FA Access

If you’ve lost access to your 2FA code (for example, if your device with the authenticator app is unavailable), there are two recovery options:

  1. Contact your administrator to reset your 2FA and provide a new recovery code.

  2. Use your stored recovery code from a previous 2FA setup to register again.

See also: [Unable to Access Your 2FA Code]


Creating & Managing Findings

What is a Finding in Hyver?

A finding (type: vulnerability) is a validated security weakness that can be mitigated to reduce organizational risk — e.g., Insecure DMARC Configuration. It’s associated with remediation assets, which are the vulnerable elements requiring action.

Hyver also supports Potential findings (unvalidated or suspected weaknesses) and Capability findings (connections in attack paths, not vulnerabilities themselves).

Who Can Create Findings?

  • Company/engagement-level admins

  • Editors with Findings & Graph initiator permission

How to Create a Finding

  1. Click the Findings icon in the left menu.

  2. Click the + button at the top of the Findings page.

  3. Create from a template or from scratch (+ Blank finding).

Importing Findings

Importing via CSV

  • Format: CSV only

  • Max size: 50MB

  • Mapped headers must match Hyver’s fixed fields

  • Imported findings impact exposure and maturity

Why Use Hyver for Findings?

  • Centralized Risk Management: Consolidate findings from red teams, pen tests, and external vendors alongside automated platform data.

  • Unified Prioritization: Apply consistent risk logic across all internal and external security gaps.

  • Actionable Mitigation: Direct integration with mitigation plans for streamlined remediation.

  • Expert Templates: Access to CYE’s library of expert-crafted finding templates.


Editing & Versioning Findings

Editing a Finding

You can:

  • Edit directly in the right pane or via Edit finding in the kebab menu

  • Bulk edit multiple findings via the top menu

Finding Versions

Hyver automatically creates a new version when a rediscovered finding differs from its original form (e.g., changed description or severity).

  • You can create versions manually using the + New version option

  • Only the original version cannot be deleted

Modifying Templates

You can override a finding’s template:

  • Full override: updates all content (except evidence, tags)

  • Template ID override: updates only the reference ID

Deletion

  • You can delete any user-created finding

  • Findings created by Hyver or CYE cannot be deleted


Templates: What & Why

Hyver’s finding templates library includes standardized vulnerability templates curated by CYE’s red team. They include:

  • Finding name and description

  • Severity, business impact, and probability

  • Mitigation steps (with drag-and-drop order)

  • Estimated cost & effort

  • Classification under NIST, MITRE, etc.

Templates simplify and streamline finding creation, and support consistency across teams.

Best Practices for Template Use

  • Start with specific, validated findings (e.g., open CVE)

  • Add supporting evidence when possible

  • Reference established frameworks (e.g., OWASP)

  • Align team workflows with Hyver’s structure

  • Create abstract findings only after specific gaps are addressed


Permissions & Visibility

Engagement Roles - within specific engagements

  • Viewer: View and export only

  • Editor: Viewer rights + edit attributes, share

  • Administrator (restricted mode only): Full control

Sharing Modes - at the finding level within engagements

  • Restricted members: Limit access to select users

  • Anyone with permission: Share with all engagement members

Graph Edit Access - requires both engagement-level Editor role AND the special "Findings & Graph Initiator" permission

  • Admins and users with Findings & Graph initiator permission can edit the mitigation graph.


Remediation Assets

A remediation asset is a vulnerable system component tied to a finding.

  • Multiple assets can relate to one finding

  • All must be fixed to mark the finding as resolved

To add one:

  • Right-click the finding or edge → Add remediation asset

  • Or, use the icon in the right pane


Exposure Quantification

What is Exposure?

Exposure = Likelihood of Breach × Cost of Breach
It represents the expected financial loss from potential cyberattacks.

Exposure Reduction

  • Per finding: Value of risk reduction when a single finding is mitigated

  • Per plan: Combined risk reduction across multiple findings

How It’s Calculated

  • Uses the likelihood of reaching business-critical assets (BCAs)

  • Uses CoB (Cost of Breach)

  • Simulates impact if each finding is fixed

  • Values update when findings are reopened or status changes

Prioritization Logic

Hyver recommends prioritizing based on exposure value, but will recalculate as fixes are made.

Why Exposure Totals May Differ

Exposure is not a simple sum — it accounts for complex interdependencies across findings and attack paths.
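
The following is an added illustration, not Hyver's own calculation or code: a simplified model in which a breach occurs when every finding on at least one attack route is exploited, showing why per-finding exposure reductions do not add up to the plan total. The finding names, probabilities, routes, and CoB figure are constructed sample values, and the independence of findings is an assumption.

```python
from itertools import product

# Constructed sample data (not from Hyver): probability that each open
# finding is exploited, and two attack routes to a single BCA that
# share one finding.
FINDINGS = {"phishing": 0.5, "exposed_rdp": 0.3, "weak_admin_password": 0.4}
ROUTES = [
    ["phishing", "weak_admin_password"],
    ["exposed_rdp", "weak_admin_password"],
]
COST_OF_BREACH = 1_000_000  # constructed CoB figure


def likelihood(fixed=frozenset()):
    """Exact probability that at least one route is fully exploitable.

    Assumes findings are independent events; a fixed finding can never
    be exploited. Enumerates every exploited/not-exploited outcome.
    """
    open_names = [f for f in FINDINGS if f not in fixed]
    total = 0.0
    for outcome in product([True, False], repeat=len(open_names)):
        exploited = {n for n, hit in zip(open_names, outcome) if hit}
        prob = 1.0
        for name, hit in zip(open_names, outcome):
            prob *= FINDINGS[name] if hit else 1 - FINDINGS[name]
        if any(all(step in exploited for step in route) for route in ROUTES):
            total += prob
    return total


def exposure(fixed=frozenset()):
    """Exposure = Likelihood of Breach x Cost of Breach."""
    return likelihood(frozenset(fixed)) * COST_OF_BREACH


def reduction(fixed):
    """Exposure removed by simulating the given findings as fixed."""
    return exposure() - exposure(fixed)


def report():
    """Per-finding reductions and the reduction for a plan fixing all."""
    per_finding = {name: reduction({name}) for name in FINDINGS}
    return per_finding, reduction(set(FINDINGS))


if __name__ == "__main__":
    per_finding, plan = report()
    print(per_finding, "sum:", sum(per_finding.values()), "plan:", plan)
```

In this model the shared finding carries the whole exposure on its own, so the three per-finding reductions sum to more than the reduction achieved by a plan that fixes all three.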


Mitigation Graph & Attack Routes

What is the Mitigation Graph?

A visual model of all attack routes to BCAs, enabling simulation and planning of risk-reducing actions.

Drawing Attack Routes

Use Edit Graph mode. Only admins or authorized editors can make changes.

  • Business assets and threats can be dragged into the graph

  • Middle position: one input/output

  • Aggregated: multiple inputs

Capability Findings

  • Show attack path connections, not vulnerabilities. Used to illustrate system permissions or roles.


Maturity Model

Maturity Score Differences

Current Hyver scores use the NIST CSF framework, replacing CYE’s older model.

Scoring Requirements

  • At least 50% of NIST subcategories must be scored per category

  • For overall score: 60% (CSF 1.1) or 67% (CSF 2.0) of functions must be scored

Factors That Influence Scores

  • Remediation progress on findings

  • Technology maturity (level 3 baseline)

  • Manual ratings

  • Integration depth

Benchmarking is derived from CYE’s customer database and research.


Integrations

Azure Integration

  • Requires Global Reader (tenant) + Reader (subscriptions)

  • Collects configuration (not content)

  • Activity is non-intrusive

  • Runs hourly

  • Microsoft APIs ensure no performance impact

AWS Integration

  • Uses an IAM role (referenced by its ARN) with read permissions

  • Looks for misconfigurations in buckets, EC2, RDS, etc.

  • Also non-intrusive, via AWS APIs

  • Runs hourly, controlled via engagement


Multi-Company Setup

  • Parent dashboard aggregates exposure/maturity KPIs from subsidiaries

  • Subsidiary data updates are reflected instantly

  • Viewing vulnerabilities/plans requires explicit member access

  • Shared systems across subsidiaries may skew aggregate scoring


Reports

Report Generator

  • Create tailored PDFs with KPIs: exposure, CoB, maturity, etc.

  • Use out-of-the-box or customized templates

  • Future: Scheduled reports and email delivery


Exposure V2, CoB V2, and Likelihood V2

Exposure V2

Calculates exposure using all findings — manual, imported, integrated — for holistic risk visibility.

CoB V2

  • Based on Maturity, not questionnaire

  • Uses real-world data and validated historical incidents

  • Maturity impacts CoB dynamically

Likelihood V2

  • All findings impact exposure

  • Includes findings off the attack graph

  • Prioritization is weighted by risk relevance


Wrap-up / Next Steps

This FAQ is your go-to reference for working confidently with Hyver. From managing findings to understanding exposure quantification and integrating with cloud environments, we’ve covered the platform's most important concepts and common questions.

Feel free to bookmark this guide or explore specific features in more detail — whatever helps you work more effectively with Hyver.