First steps with Autobahn

Building a secure foundation together with Autobahn

Welcome to Autobahn!

Whether you're an IT administrator, a security professional, or just beginning your journey in cybersecurity, Autobahn empowers you to take control of your organization’s security.

This guide will walk you through the initial setup process, including preparing and launching your first scan, and interpreting the results to gain valuable insights into your security posture. You're not just getting started - you’re laying the foundation for a stronger, more resilient organization.

Your first steps

  1. Invite your team members 
  2. Prepare your assets
  3. Whitelist our scanner IPs
  4. Install an internal probe
  5. Run your first scan
  6. Integrate additional data sources
  7. Analyze the results

1. Invite your team members 

Creating a team is essential for effectively managing assets and coordinating the remediation process - especially in larger organizations where collaboration is key.

The primary goal of inviting team members is to assign Workouts - actionable remediation guides - to the right people. This is especially important for asset owners, who are directly responsible for fixing issues on the systems they manage. By assigning Workouts to those closest to the problem, you ensure faster resolution, clearer accountability, and a more efficient remediation process. 

When inviting team members, it’s important to define what each person should have access to. This determines the role you assign:

Administrator
  • Full access to the platform
  • Can initiate scans, invite users, and manage settings
  • Ideal for overseeing the entire vulnerability management lifecycle

General User
  • Access limited to Workouts, Assets, and Issues
  • Sees only the items explicitly assigned to them
  • Best suited for team members focused on remediation tasks

For detailed instructions on managing roles and permissions, refer to this article.

Even if not all team members are invited to Autobahn, they can still be part of the remediation process. You can create tickets directly from Workouts and send them to your organization’s ticketing systems - such as Jira, ServiceNow, or Serviceware - or forward them via email as standard messages. This requires the relevant integration to be enabled. Please contact the Customer Success Team if you have any questions: support@autobahn-security.com.

2. Prepare your assets 

Having well-organized asset data is foundational to effective cybersecurity and vulnerability remediation. It ensures that vulnerabilities are accurately mapped to the systems they affect, enabling faster, more targeted responses. Without clear asset ownership and categorization, critical issues can be overlooked or delayed, increasing risk and reducing the efficiency of your remediation efforts.

Specifying criticality, owner, and tags is therefore highly recommended.

Tagging your assets is a simple yet powerful way to manage them more effectively. With well-organized tags, you can:

  • Easily filter Workouts based on relevant criteria
  • Build custom dashboards tailored to your needs
  • Control what gets sent to ticketing systems, ensuring the right teams see the right issues

You can adopt any tagging scheme that fits your organization. Common examples include:

  • Location (e.g., Berlin, New York)
  • Team (e.g., Frontend, DevOps)
  • Operating System (e.g., Windows, Linux)
  • Network (e.g., Internal, DMZ)

Tags can be applied when uploading assets before the first scan. If you're using integrations with third-party tools, any existing tags will be automatically carried over, keeping your asset organization consistent across platforms.

3. Whitelist our scanner IPs

Whitelisting creates an exception for our scanner IPs, allowing them to scan your organization's network(s) without being blocked and ensuring visibility over all your assets.

  • If you want to run internal scans, whitelisting is mandatory.
  • For external scans, while not required, whitelisting allows for maximizing scan coverage and uncovering more potential vulnerabilities.

Without whitelisting, scans operate from a hacker’s perspective - limited in scope and visibility. This may result in fewer findings. Whitelisting allows our scanners to detect all reachable devices, services, and vulnerabilities, helping you proactively address issues before they can be exploited.

Find the full list of IPs here.
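A check worth running after adding the exception: the allow rules should cover every scanner IP and nothing else. The following is an added example, not part of Autobahn's documentation or tooling; the scanner addresses are placeholders from the RFC 5737 documentation ranges, and the rule export format is an assumption.

```python
import ipaddress

# Placeholder scanner addresses (RFC 5737 documentation ranges). Replace with
# the vendor's published list; these are NOT real scanner IPs.
SCANNER_IPS = ["203.0.113.10", "203.0.113.11", "198.51.100.7"]

# Constructed sample of inbound allow rules exported from a firewall as
# (rule name, source CIDR). The export format is an assumption.
ALLOW_RULES = [
    ("vuln-scanner-a", "203.0.113.10/32"),
    ("vuln-scanner-b", "203.0.113.0/24"),  # wider than the scanner list
    ("vuln-scanner-c", "0.0.0.0/0"),       # allows every source
    ("vuln-scanner-d", "198.51.100.7/32"),
]


def audit_allowlist(scanner_ips, allow_rules):
    """Return (overbroad, missing).

    overbroad: rules whose source network also admits non-scanner addresses,
               as (name, cidr, number_of_extra_addresses).
    missing:   scanner IPs that no rule covers, as sorted strings.
    """
    scanners = {ipaddress.ip_address(ip) for ip in scanner_ips}
    overbroad, covered = [], set()
    for name, cidr in allow_rules:
        net = ipaddress.ip_network(cidr, strict=False)
        inside = {ip for ip in scanners
                  if ip.version == net.version and ip in net}
        covered |= inside
        extra = net.num_addresses - len(inside)
        if extra > 0:
            overbroad.append((name, cidr, extra))
    missing = sorted(str(ip) for ip in scanners - covered)
    return overbroad, missing


if __name__ == "__main__":
    overbroad, missing = audit_allowlist(SCANNER_IPS, ALLOW_RULES)
    for name, cidr, extra in overbroad:
        print(f"OVERBROAD {name}: {cidr} admits {extra} non-scanner addresses")
    for ip in missing:
        print(f"MISSING   no allow rule covers scanner {ip}")
```

Rules flagged as overbroad should be narrowed to the individual scanner addresses; anything reported as missing will be blocked and reduce scan coverage.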

4. Install an internal probe

The internal probe acts as your Autobahn sensor within your organization's network(s), collecting valuable security data. If your license includes internal scans, you will receive an activation code from your Customer Success Manager. The installation guide is available here.

5. Run your first scan

When launching your first scan, a few common questions may come to mind:

  • How should I structure my scans?
    Should you create one comprehensive scan or split them by location, environment, or team? While it depends on your setup, we generally recommend creating multiple scans. This provides greater granularity, making it easier to manage results and assign ownership.

  • Do I have full reachability for internal scans?
    If you've completed the necessary whitelisting steps, your scan should have full access to the internal assets. It's important to verify this to ensure accurate results.

You can find a step-by-step guide for creating your first scan here.

Scans typically take a minimum of two hours to complete, depending on the size and complexity of your target scope. You can monitor progress under Scanning / All Scans, and you’ll receive an email notification once the scan is finished.

We also recommend assigning your scan to the appropriate team member. This ensures clear ownership from the start and enables a smooth remediation workflow.

Assignment follows an automated inheritance hierarchy: Scan => Asset => Issue => Workout

This means that when you assign a scan, the assignment is automatically inherited by the assets it discovers, the issues found on those assets, and the resulting Workouts. Starting with scan assignment helps establish accountability early and reduces manual effort later in the process.

6. Integrate additional data sources

Autobahn offers more than just infrastructure scanning. It provides a comprehensive view of your organization’s security posture. By integrating with a wide range of vulnerability scanners, cloud providers, and the results of penetration tests or red team exercises, Autobahn helps you centralize and contextualize your security data, delivering actionable insights in the form of Cyber Fitness Workouts.

You can seamlessly incorporate vulnerability data from tools like Microsoft Defender for Endpoint, Cisco, Nessus, Rapid7 or Tenable, alongside Autobahn’s own scan results. It also supports direct integration with major cloud platforms such as AWS, Azure, and Google Cloud Platform, enabling you to pull in assets and run targeted scans effortlessly. Additionally, you can manually upload findings from pentests to enrich your security insights.

This unified approach empowers your team to monitor, analyze, and respond to vulnerabilities across your entire digital landscape.

For detailed instructions on setting up these integrations, refer to the user guides in this section of Autobahn's Knowledge Base.

7. Analyze the results

Your first scan is now finished, and it's time to dig into your data. You can get a first glimpse into your organization's security posture from your Cyber Fitness Dashboard.

The Dashboard gives you an overview of your organization's overall security posture and your next best actions by showcasing:

  • Cyber Fitness Workouts sorted by their impact on your organization’s cyber-health, so you can prioritize your actions.
  • Your organization’s current Hackability Score over time, which gives you a glimpse of how your cyber posture has improved (or deteriorated). If you've done only one scan or data fetch, you'll see a single data point.
  • Number of open and closed issues detected on your organization’s assets, grouped by their status and severity. Please note that Low severity issues are not included in this view as they do not contribute to the Hackability Score.
  • List of most hackable assets (or in other words, most at-risk assets) sorted by the number of issues and their criticality, so you and your team can promptly secure assets based on how prone they are to attacks.

You can also create custom dashboards to provide separate views per subsidiary, business unit or technology type, by selecting certain assets, asset tags or scans. You can make these dashboards visible only to yourself, or share them with your organization's Admins.

What is considered a good Hackability Score? While we always recommend lowering it as much as possible, reaching a Hackability Score of zero is unattainable.

We use the following score ratings:

  • Unsatisfactory: > 70
  • Needs improvement: 26 – 69
  • Satisfactory: 10 – 25
  • World class: < 10

Now you know where to start

The ultimate goal is to lower your Hackability Score. To do that, complete the Workouts in the order displayed on the Dashboard, fixing issues on all the affected assets. Ensure ownership of all assets and issues to keep the Workouts assigned - what’s owned, gets done.

Let's start working on remediation.