- 11 May 2022
- 1 Minute to read
- Print
- DarkLight
- PDF
Attivo BOTSink
- Updated on 11 May 2022
- 1 Minute to read
- Print
- DarkLight
- PDF
Attivo BOTSink offers deception decoy technology and threat detection.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices
Parameters
Host Name or IP Address (required) - The hostname or IP address of the Attivo BOTSink server.
User Name and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets.
Verify SSL (required, default: false) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS Proxy (optional, default: empty) - Connect the adapter to a proxy instead of directly connecting it to the domain.
HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the server using the HTTPS Proxy.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
APIs
Axonius uses the Attivo BOTsink Manager REST APIs.
Required Ports
Axonius must be able to communicate with the REST APIs via the following port:
- Port 443
Required Permissions
The value supplied in User Name must have REST API permissions to fetch assets.
To create a user with only API access:
- From Attivo BOTsink, click Administration and navigate to User Accounts > Configuration. The Configure Users page is displayed.
- Click the Add button. The User Add page is displayed.
- From the Access Type dropdown, select REST API.
- Enter the details in the remaining fields and click Save.
Supported From Version
Supported from Axonius version 4.5