Axonius Release Notes 7.0.12
These Release Notes contain new features and enhancements added in version 7.0.12.
Exposures New Features and Enhancements
The following new features and enhancements were added to Exposures:
Risk Score Breakdown Display
After a Risk Score is calculated for an asset, its Asset Profile page now provides a detailed breakdown of the data comprising the Risk Score. This ensures a transparent calculation process and helps users to quickly detect any changes that need to be made to the Risk Score settings to get more accurate results.
The Risk Score breakdown details the asset types, adapter connections, field names, and field values that contributed to the calculation, and the weight (percentage) of each field in the calculation.
- For Vulnerability Instances assets, Risk Score breakdown is displayed in a dedicated Asset Risk Score section.
- For other asset types, Risk Score breakdown is displayed in the Asset Risk Score section if it was calculated per asset, and in a dedicated Vulnerability Risk Score section if it was calculated per vulnerability per asset. In the latter case, the Asset Profile page displays the Risk Score breakdowns of each vulnerability found on the asset.
Findings Center New Features and Enhancements
Duplicate Findings
It is now possible to duplicate any existing Finding directly from the Findings Center table, automatically creating a copy with the original Finding's full configuration. This enables quickly setting up similar Findings without having to start from scratch.
Cases New Features and Enhancements
Select Assignee only from Users with Access to Case Management
Until now, any Axonius user could be assigned a case. Now, only users with access to Case Management can be assigned to a case.
Case-set Run History Breakdown for Troubleshooting
The Case Set Run History page now shows each step with its own status for Investigation, including case creation, ticket creation, post-creation actions, follow-up actions when an asset was resolved, when ticket status changed, etc. This enables users to troubleshoot Case Sets.
Adapter Pages and Adapter Interface New Features and Enhancements
The following updates were made to the common functionality across all adapters:
Adapter Interface
Adapters Fetch History - Basic Filter
A basic filter has been added to the Adapters Fetch History page to allow users to add any field as a filter.
Activity Log New Features and Enhancements
The maximum number of records that can be stored in the Activity Log has significantly increased. This means that users can track activities over a much longer period for enhanced auditing.
System Settings New Features and Enhancements
Contract Information
The About page in **Settings** now displays information about add-ons and trials as well.
Action Center is Available when Adapter Connections Information is Hidden in a Data Scope
The Action Center is now available when adapter connection information is hidden in a data scope.
Adapter and Enforcement Action Updates
New Adapters
The following new adapters were added:
- Akamai API Security
  - Akamai API Security is a solution that provides continuous API discovery, runtime threat detection, and active testing to protect APIs across environments. (Fetches: Domains & URLs)
- Canva
  - Canva is a graphic design platform that offers tools for creating visual content. (Fetches: Users)
- Omnissa Horizon Cloud Service Next Gen
  - Omnissa Horizon Cloud Service Next Gen is a cloud management solution that provides advanced infrastructure optimization and security features. (Fetches: Devices)
- Qualys Certificate View CSV
  - Qualys Certificate View CSV is a certificate management solution that provides discovery, monitoring, and lifecycle management of digital certificates across distributed environments. (Fetches: Certificates)
- WalkMe
  - WalkMe is a digital adoption platform that provides in-app guidance, user behavior tracking, and automation to enhance software usage and engagement. (Fetches: Devices, Users, SaaS Applications)
Adapter Updates
The following adapters were updated:
- CIS-CAT Pro - Added the option to parse the latest benchmark from the value of the latest benchmark with a 'title_value' of 'Level 1 - Member Server'.
- CSV, Custom Files and JSON - The File Name connection field in these adapters was renamed as File Identifier.
- CyberArk Privileged Account Security - Added the option to ignore the logon domain and use only the domain taken from the 'Address' field.
- F5 BIG-IP iControl - This adapter now fetches F5 Firewall Security Rules as Network/Firewall Rules.
- Forward Networks - Added the capability to enter a custom NQE query for both devices and location.
- IBM Guardium Data Protection - Added the option to set the default value to 1 for `SHOW_ALIASES` to show the FQDN in the online reports body parameter request.
- MongoDB
  - Added the capability to enter a list of sensitive fields to exclude from the raw data.
  - Added the option to perform Device Custom Parsing and User Custom Parsing.
- Oracle Fusion HCM Cloud - Added an option to authenticate the adapter using OAuth OneAPI.
- Palo Alto Networks Cortex XDR - Added an option to run a query to fetch XDRC Devices.
- Palo Alto Networks Prisma Cloud - Added the option to enrich assets with CVE vulnerabilities data.
- Quest KACE Endpoint Systems Management Appliances - Added the option to fetch devices from the Assets endpoint.
- Rubrik Security Cloud - Added the option to parse `Asset Name` and `Host Name` from `Node Location`.
- SecurityScorecard - This adapter now fetches Device findings that contain vulnerability data as Vulnerable Software data.
- SentinelOne
  - Added the option to enrich device data with different types of Deep Visibility events.
  - Added the option to fetch Firewall Rules for Devices.
- Snow Atlas - Added the option to enrich devices and computers with custom fields.
- Veeam - Added the option to fetch restore points for backups and backup objects.
- VMware Carbon Black App Control (Carbon Black CB Protection) - Added an option to fetch Installed Software per Device.
- Wiz - The following asset types, which were previously fetched as Users, are now fetched separately:
  - `ACCESS_KEY` - fetched as Secrets
  - `ACCESS_ROLE` - fetched as Roles
  - `ACCESS_ROLE_PERMISSION` - fetched as Permissions
  - `GROUP` - fetched as Groups
  - `STORAGE_ACCOUNT` - fetched as Accounts
- Zscaler Client Connector - Added an option to authenticate the adapter using OAuth.
New Enforcement Actions
The following Enforcement Actions were added:
- Nessus - Delete Agent - Delete agents from Tenable Nessus based on entity data.
- Elastic Fleet - Update Tags - Manage tags on Elastic Fleet agents.
- Automox - Update Server - Updates the server group of an Automox server.
- Infoblox - Update Device with Network Data - Enriches the devices with network metadata.
- Zscaler - Add or Remove URL to/from Category - Adds or removes URLs from Zscaler custom categories.
- Elastic Fleet - Update Tags - Updates tags on Elastic Fleet agents.
Updated Enforcement Actions
The following Enforcement Actions were updated:
- AWS - Send CSV to S3
  - Added the External Role ARN and Entry Point External ID parameters to the action's configuration.
  - Added the option to apply a strict Parquet schema when aggregating fields as arrays in a Parquet file.
- GitHub - Create Issue - Added an option to disable the default Issue Body, which omits the Axonius-generated message from the Issue Body.
- ServiceNow - Create Assets - Added the new Update exists related assets (Table API only) option. When enabled, this option uses the Asset unique key identifiers field to search for and update an existing asset, thereby preventing the creation of duplicates.
