Overview
This article brings together the most frequently asked questions about using Hyver across key areas such as findings, mitigation graphs, exposure quantification, integrations, reporting, and more. It’s designed to help you navigate Hyver with clarity and confidence — whether you're just getting started or diving deeper into platform features.
You’ll find step-by-step guidance, best practices, and explanations behind how Hyver calculates, prioritizes, and visualizes cyber risk, so you can make informed security decisions.
Account & Access
Regaining 2FA Access
If you’ve lost access to your 2FA code (for example, if your device with the authenticator app is unavailable), there are two recovery options:
Contact your administrator to reset your 2FA and provide a new recovery code.
Use your stored recovery code from a previous 2FA setup to register again.
See also: [Unable to Access Your 2FA Code]
Creating & Managing Findings
What is a Finding in Hyver?
A finding (type: vulnerability) is a validated security weakness that can be mitigated to reduce organizational risk — e.g., Insecure DMARC Configuration. It’s associated with remediation assets, which are the vulnerable elements requiring action.
Hyver also supports Potential findings (unvalidated or suspected weaknesses) and Capability findings (connections in attack paths, not vulnerabilities themselves).
Who Can Create Findings?
Company/engagement-level admins
Editors with Findings & Graph initiator permission
How to Create a Finding
Click the Findings icon in the left menu.
Click the + button at the top of the Findings page.
Create from a template or from scratch (+ Blank finding).
You can input findings from red teams, pen testing, and external vendors — all into one centralized view.
Why Use Hyver for Findings?
Centralized management of internal and external findings
Unified prioritization logic
Direct integration with mitigation plans
Access to CYE’s expert-crafted template library
Templates: What & Why
Hyver’s finding templates library includes standardized vulnerability templates curated by CYE’s red team. They include:
Finding name and description
Severity, business impact, and probability
Mitigation steps (with drag-and-drop order)
Estimated cost & effort
Classification under NIST, MITRE, etc.
Templates simplify and streamline finding creation and support consistency across teams.
Best Practices for Template Use
Start with specific, validated findings (e.g., open CVE)
Add supporting evidence when possible
Reference established frameworks (e.g., OWASP)
Align team workflows with Hyver’s structure
Create abstract findings only after specific gaps are addressed
Editing & Versioning Findings
Editing a Finding
You can:
Edit directly in the right pane or via Edit finding in the kebab menu
Bulk edit multiple findings via the top menu
Finding Versions
Hyver automatically creates a new version when a rediscovered finding differs from its original form (e.g., changed description or severity).
You can create versions manually using the + New version option
Only the original version cannot be deleted
Modifying Templates
You can override a finding’s template:
Full override: updates all content (except evidence and tags)
Template ID override: updates only the reference ID
Deletion
You can delete any user-created finding
Findings created by Hyver or CYE cannot be deleted
Permissions & Visibility
Permissions Model
Viewer: Can view and export
Editor: Viewer rights + edit attributes, share
Administrator (restricted mode only): Full control
Sharing Modes
Restricted members: Limit access to select users
Anyone with permission: Share with all engagement members
Graph Edit Access
Admins and users with Findings & Graph initiator permission can edit the mitigation graph.
Remediation Assets
A remediation asset is a vulnerable system component tied to a finding.
Multiple assets can relate to one finding
All must be fixed to mark the finding as resolved
To add one:
Right-click the finding or edge → Add remediation asset
Or, use the icon in the right pane
Exposure Quantification
What is Exposure?
Exposure = Likelihood of Breach × Cost of Breach
It represents the expected financial loss from potential cyberattacks.
Exposure Reduction
Per finding: Value of risk reduction when a single finding is mitigated
Per plan: Combined risk reduction across multiple findings
How It’s Calculated
Uses the likelihood of an attack reaching business-critical assets (BCAs)
Uses the Cost of Breach (CoB)
Simulates impact if each finding is fixed
Values update when findings are reopened or status changes
Prioritization Logic
Hyver recommends prioritizing based on exposure value, but will recalculate as fixes are made.
Why Exposure Totals May Differ
Exposure is not a simple sum — it accounts for complex interdependencies across findings and attack paths.
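Why the totals differ, shown with a toy model (an added example, not Hyver's algorithm or code): the findings, probabilities, routes and CoB below are constructed, and findings are assumed to be exploited independently of each other. Exposure is computed as Likelihood of Breach × Cost of Breach, and each reduction is simulated by fixing findings and recomputing.

```python
from itertools import product

# Constructed toy data (assumptions, not Hyver values).
COST_OF_BREACH = 1_000_000  # CoB
# Probability that an attacker successfully exploits each open finding.
FINDINGS = {"phishing": 0.5, "weak_vpn": 0.4, "flat_network": 0.8}
# Each attack route lists the findings that must be chained to reach the BCA.
ROUTES = [("phishing", "flat_network"), ("weak_vpn", "flat_network")]


def breach_likelihood(fixed=frozenset()):
    """Probability that at least one route to the BCA is fully exploitable."""
    open_ids = [f for f in FINDINGS if f not in fixed]
    total = 0.0
    # Enumerate every success/failure outcome of the open findings.
    for outcome in product([True, False], repeat=len(open_ids)):
        exploited = {f for f, ok in zip(open_ids, outcome) if ok}
        p = 1.0
        for f, ok in zip(open_ids, outcome):
            p *= FINDINGS[f] if ok else 1 - FINDINGS[f]
        # A route works only if every finding on it was exploited.
        if any(set(route) <= exploited for route in ROUTES):
            total += p
    return total


def exposure(fixed=frozenset()):
    """Exposure = Likelihood of Breach x Cost of Breach."""
    return breach_likelihood(fixed) * COST_OF_BREACH


def reduction(fixed):
    """Exposure removed by mitigating the given set of findings."""
    return exposure() - exposure(frozenset(fixed))


if __name__ == "__main__":
    print(f"current exposure: {exposure():,.0f}")
    for f in FINDINGS:
        print(f"fix {f} alone: -{reduction({f}):,.0f}")
    plan = {"phishing", "weak_vpn"}
    print(f"plan {sorted(plan)}: -{reduction(plan):,.0f}")
```

In this model the two entry-point findings reduce exposure by 240,000 and 160,000 on their own but by 560,000 as a plan, while the three per-finding reductions add up to more than the total exposure, because the routes share a finding.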
Mitigation Graph & Attack Routes
What is the Mitigation Graph?
A visual model of all attack routes to BCAs, enabling simulation and planning of risk-reducing actions.
Drawing Attack Routes
Use Edit Graph mode. Only admins or authorized editors can make changes.
Business assets and threats can be dragged into the graph
Middle position: one input/output
Aggregated: multiple inputs
Capability Findings
Show attack path connections, not vulnerabilities. Used to illustrate system permissions or roles.
Maturity Model
Maturity Score Differences
Current Hyver scores use the NIST CSF framework, replacing CYE’s older model.
Scoring Requirements
At least 50% of NIST subcategories must be scored per category
For overall score: 60% (CSF 1.1) or 67% (CSF 2.0) of functions must be scored
Factors That Influence Scores
Fixed findings
Technology maturity (level 3 baseline)
Manual inputs
Integration depth
Benchmarking is derived from CYE’s customer database and research.
Integrations
Azure Integration
Requires Global Reader (tenant) + Reader (subscriptions)
Collects configuration (not content)
Activity is non-intrusive
Runs hourly
Microsoft APIs ensure no performance impact
AWS Integration
Uses an ARN role with read permissions
Looks for misconfigurations in buckets, EC2, RDS, etc.
Also non-intrusive, via AWS APIs
Runs hourly, controlled via engagement
Importing Findings
Importing via CSV
Format: CSV only
Max size: 50MB
Mapped headers must match Hyver’s fixed fields
Imported findings impact exposure and maturity
Multi-Company Setup
Parent dashboard aggregates exposure/maturity KPIs from subsidiaries
Subsidiary data updates are reflected instantly
Viewing vulnerabilities/plans requires explicit member access
Shared systems across subsidiaries may skew aggregate scoring
Reports
Report Generator
Create tailored PDFs with KPIs: exposure, CoB, maturity, etc.
Use out-of-the-box or customized templates
Future: Scheduled reports and email delivery
Exposure V2, CoB V2, and Likelihood V2
Exposure V2
Calculates exposure using all findings — manual, imported, integrated — for holistic risk visibility.
CoB V2
Based on Maturity, not questionnaire
Uses real-world data and validated historical incidents
Maturity impacts CoB dynamically
Likelihood V2
All findings impact exposure
Includes findings off the attack graph
Prioritization is weighted by risk relevance
Wrap-up / Next Steps
This FAQ is your go-to reference for working confidently with Hyver. From managing findings to understanding exposure quantification and integrating with cloud environments, we’ve covered the platform's most important concepts and common questions.
Feel free to bookmark this guide or explore specific features in more detail — whatever helps you work more effectively with Hyver.
