Axonius Release Notes 8.0.1

Release Date: November 9th 2025

These Release Notes contain new features and enhancements added in version 8.0.1.

Axonius Platform New Features and Enhancements

Assets Pages

The following features were added to all assets pages:

Copy Query Button

A new Copy Query button was added above the asset table. This replaces the Copy Link with Query button that was previously above the Query Wizard, but retains the same functionality.

Enforcements New Features and Enhancements

The following new features and enhancements were added to the Enforcements:

Dynamic Value Statement Updates

The following functions were added to the Dynamic Value statement functionality to provide more flexible filtering of complex, array-based fields:

filter_by_key_with_operator

This function filters an array of objects based on a specified condition and returns the matching objects.

• Description: This function iterates through every object in the specified complex field path. It checks each object against a condition defined by an operator applied to a specified field, and compares the result to a specified value. It returns a comma-separated list of the full objects that match the condition.
• Example: You can use this function to return all User objects where the status equals Active.
• Syntax: filter_by_key_with_operator ([adapter_complex_field_path], field_to_compare, operator, by_value)
• Parameters:
  • adapter_complex_field_path - The path to the complex field being filtered (must be an array of objects).
  • field_to_compare - The field within each object used for the comparison.
  • operator- The comparison operator to apply (e.g., contains, greater_than_regex).
  • by_value - The string or numeric value to compare against the result of applying the operator on field_to_compare.

filter_value_by_key_with_operator

This function allows for complex filtering and returns a specific value from the matched objects.

• Description: This function iterates through every object in the complex field. It checks each object against a condition defined by an operator applied to a specified field, and compares the result to a specified value. It then extracts the value from the designated field (field_to_pick) from each matched object and returns these collected values as a comma-separated list.
• Example: You can use this function to filter and return all User objects where the status equals Active.
• Syntax: filter_value_by_key_with_operator ([adapter_complex_field_path], field_to_compare, operator, by_value, field_to_pick)
• Parameters:
  • adapter_complex_field_path - The path to the complex field being filtered (an array of objects).
  • field_to_compare - The field within each object used for the comparison.
  • operator- The comparison operator to apply.
  • by_value - The value to compare against the result of applying the operator on field_to_compare.
  • field_to_pick - The field whose values are extracted and returned for all matched objects.

Workflows

New Events

The following Events were added:

• Email Message Response Event - Similar to Slack and Teams, email recipients can now trigger Workflow actions by clicking embedded buttons directly within an interactive notification email. When a user submits a response within 24 hours of receiving the interactive email, the Email Message Response event is triggered. Using an Event condition, the Workflow automatically proceeds based on the specific Response value the user submits.

Enhancements to Axonius Actions

The Axonius - Send Email action can now be used within a Workflow to send interactive emails. The action includes a new Create list of predefined responses field, where users configure the buttons that appear in the email. When a recipient clicks a response within 24 hours of receiving the interactive email, the system generates an Email Message Response event, which advances the Workflow based on the specific response button clicked.

Cases New Features and Enhancements

Add Actions Step of Create a Case Set Wizard

The Add Actions step of the Create a Case Set wizard has been enhanced with two new scenarios to automatically trigger Actions or Workflows after Case Set creation:

• When a case progress reaches 100% - When all assets initially included in the Case have been resolved and no longer match the Case criteria.
• When the due date of a case is in less than X days - When the Case due date is within a specified number of days (user selectable). You can configure different Actions and Workflows to run for different timeframes. For example:
  • Within five days of the due date, you can send a reminder notification to the assignee.
  • Within one day, you can escalate the Case to a manager.

Adapter and Enforcement Action Updates

New Adapters

The following new adapters were added:

• OpenAI
  • OpenAI is a research and deployment AI platform that provides large language and multimodal models such as GPT and Sora for generative and reasoning capabilities. (Fetches: Users)
• Empirical Security Enrichment
  • Empirical Security provides vulnerability intelligence and exploitation activity data to enhance CVE analysis and prioritization.
• Palo Alto Networks Cortex XSIAM
  • Palo Alto Networks Cortex XSIAM is an extended security intelligence and automation management platform that provides threat detection, investigation, and response capabilities across enterprise environments. (Fetches: Devices)
• ReliaQuest GreyMatter
  • ReliaQuest GreyMatter is a security operations platform that provides unified threat detection, investigation, and automated response across cloud, endpoint, and network telemetry. (Fetches: Devices, Alerts/Incidents)

Adapter Updates

The following adapters were updated:

• Abnormal Security - Added the option to configure fetching assets from a specified number of past days.
• Awake Security - Added the capability to configure the number of days for the Last Seen scan history.
• CrowdStrike Falcon - Added an option to fetch MITRE ATT&CK techniques.
• F5 Distributed Cloud - Added an option to enrich Firewalls and Load Balancers with additional data.
• Honeywell Cyber Watch - Added the option to enrich assets with vulnerability information.
• Microsoft Defender for Endpoint (Microsoft Defender ATP) - Added the option to fetch Secure Assessments configuration from the DeviceTvmSecureConfigurationAssessment table.
• Sailpoint IdentityNow - Added the option to use the first and last name from fetched attributes.
• SolarWinds Network Performance Monitor - Added the capability to parse the operating system data from vim.host Solarwinds Orion table.
• Trend Micro Deep Security - Added the capability to decide from what field to take the value for Device Serial.
• Verve Security Center - Added paginated device asset fetching capability. Vulnerability queries are now performed through both the direct connection and the Kibana proxy connection.
• Wiz - The minimum of the “Filter installed software older than X days“ setting was reduced to 0, which allows the adapter to not filter results.

New Enforcement Actions

The following Enforcement Actions were added:

• Axonius Deactivate Users - Deactivates users in Axonius
• Microsoft Cloud App Security - Enrich Extensions with App Governance Data - Enriches Exertions assets with data from App Governance.
• Salesforce - Update Ticket - Updates tickets in Salesforce.

Updated Enforcement Actions

The following Enforcement Actions were updated:

• Jira Service Management - Create Ticket per Asset - Added an option to group Vulnerability Instances by CVE ID, so that one ticket is created per CVE ID.
• Monday - Manage Users - Added support for the Monday 2025-10 API version.