Axonius 6.0 Ongoing Adapter and Enforcement Action Updates
  • 28 Sep 2023
  • 8 Minutes to read
  • Dark
    Light
  • PDF

Axonius 6.0 Ongoing Adapter and Enforcement Action Updates

  • Dark
    Light
  • PDF

Article Summary

The following includes new Adapters and Enforcement Actions and ongoing updates to Adapters and Enforcement Actions as they are added to Axonius 6.0

New Adapters

The following new adapters were added:

  • 1Password
    • 1Password is a password manager providing a place for users to store various passwords, software licenses, and other sensitive information in a virtual vault. (Fetches: Users)
  • AKAssets
    • Akamai AKAssets provides data on users, components and applications. (Fetches: Devices, Users)
  • CDW
    • CDW is a multi-brand technology solutions provider. (Fetches: SaaS data)
  • Cradlepoint
    • Cradlepoint develops cloud-managed wireless edge networking equipment. (Fetches: Devices)
  • Dell Boomi
    • Dell Boomi’s iPaaS platform enables businesses to discover, manage, and orchestrate data while connecting applications, processes, and people. (Fetches: Devices)
  • HYCU
    • HYCU is a SaaS-based data management product including data protection, migration and disaster recovery. (Fetches: Devices)
  • IBM License Metric Tool
    • IBM License Metric Tool (ILMT) helps manage license allocation services on supported systems. (Fetches: Devices)
  • Intel EMA
    • Intel® Endpoint Management Assistant (Intel® EMA) software provides the ability to remotely and securely manage Intel® Active Management Technology (Intel® AMT) devices beyond the firewall, via the cloud, on known Wi-Fi networks. (Fetches: Devices)
  • Ivanti for Patch Management
    • Ivanti Neurons for Patch Management continuously senses, discovers, and remediates security threats. (Fetches: Devices)
  • Proofpoint PoD
    • Proofpoint on Demand (PoD) Email Security classifies types of email, while detecting and blocking threats. (Fetches: Devices)
  • RingCentral
    • RingCentral provides cloud-based communication and collaboration products and services including phone, messaging, video meetings, and contact center. (Fetches: Devices and Users)
  • SAP SuccessFactors
    • SAP SuccessFactors manages various aspects of HR operations, including recruitment, employee performance, HR analytics, payroll, and learning. (Fetches: Users)
  • SnapComms
    • SnapComms is an internal communications software solution. (Fetches: Users)
  • Statseeker
    • Statseeker is a network performance monitoring solution. (Fetches: Devices)
  • Tenable Identity Exposure (formerly Tenable.ad)
    • Tenable Identity Exposure (formerly Tenable.ad) provides real-time security monitoring for Microsoft Active Directory (AD) infrastructures. (Fetches: Users)
  • Trustwave
    • Trustwave is a managed security services provider focused on managed detection and response. (Fetches: Users)

Updated Adapters

The following adapters were enhanced:

  • AlgoSec Firewall Analyzer - By default this adapter fetches users. Added the option to not fetch users.

  • Apple Business Manager - Added the option to fetch profiles.

  • AWS

    • Show verbose notifications about connection failures setting was removed.
    • Added option to fech information about Redshift Clusters.
    • Added option to fetch Auto Scaling Groups and Policies.
    • Added an option to fetch information about Elastic Cache Replication Groups as an asset.
  • Axonius Network Discovery

    • Added capability to enter a comma separated list of hosts to exclude from the scan.
    • Added capability to enter a comma separated list of ports to exclude from the scan.
  • The name of the adapter called BloxOne was changed to BloxOne DDI

  • BlueCat Enterprise DNS - Added the capability to enter statuses that the adapter will not fetch.

  • Cisco SD-WAN - Added a client configuration option to enter an API rate limit

  • ConnectSecure - Added an option to fetch vulnerabilities.

  • Crowdstrike Falcon

    • Added an option to enrich each device with the USB control policy to which the device belongs.
    • Added an option to fetch CrowdStrike incidents.
  • CrowdStrike Falcon Identity Protection (formerly Preempt) - Added option to filter by a comma separated list of domains.

  • CSV - Added the option to set that all entities (devices and users) fetched by this adapter have their Last Seen set to the time the entity was fetched (fetch_time).

  • Elasticsearch - Added the option to set that all devices fetched by this adapter have their Last Seen set to the time the device was fetched (fetch_time).

  • Dell TechDirect - Added the capability to upload a file with service tags which can be used in the file.

  • Dell VPLEX

    • Added the following advanced settings
      • Option to fetch AMP devices.
        * Option to fetch cluster witness devices.
      • Option to fetch storage array devices.
      • Option to fetch version devices.
  • eMass - Added the option to add a passphrase for the private key file.

  • ExtraHop Reveal(x) - Added the option to not fetch devices without an IPV4 IP address

  • FlexNet Manager Suite Cloud

    • Added support for SaaS Management
    • Added capability to fetch licenses
  • FortiNAC Do not fetch devices without a MAC Address and Do not fetch devices without a Hostname are now two separate settings.

  • icinga - Added x.509 authentication.

  • JamfPro - Added a 'Fetch Users' option which is selected by default. This can be cleared to not fetch users.

  • JSON - Added the option to set that all entities (devices and users) fetched by this adapter have their Last Seen set to the time the entity was fetched (fetch_time).

  • Lacework - This adapter now fetches users.

  • Mandiant

    • Added the option to enrich the devices with ‘technologies’ data associated with the device.
    • Added the option to enrich the devices with ‘issues’ data associated with the device.
  • Micro Focus Universal CMDB - Added the capability to enter a list of query names to be fetched.

  • Microsoft Active Directory (AD)

    • Show verbose notifications about connection failures setting was removed.
  • Microsoft Azure Active Directory (Azure AD)

    • Added an option to fetch extra custom user flow attributes to be added dynamically to the User’s assets data.
    • Added an option to fetch group app. roles
  • Mimecast

    • Added ability to select the relevant Base URL in the 'Host Name or IP Address' field.
    • It is now possible to enter more than one internal domain separated by commas (without any spaces).
  • Monday - Added an option to fetch boards.

  • New Relic - Added an option to enrich the device with applications data.

  • Ninja One (RMM) - Added a 'Fetch Users' option which is selected by default. This can be cleared to not fetch users.

  • Oracle Cloud - Added Auto Scaling Groups as a service to fetch as a device.

  • PRTG Network Monitor - Added the option to fetch sysinfo for each device.

  • Pure Storage Pure1 - Added the option to enrich each device with its volumes and volume snapshots.

  • Qualys Cloud Platform - Added possbility to add a concurrency limit (the maximum number of requests to send in one go) to access the Qualys API.

  • Red Hat Automation Controller (Ansible Tower)

    • Added the option to use the value of another field as the hostname value.
    • Added the option to use the value of the Description field in the Host Name field if the description field exists.
  • Salesforce

    • Added an option to fetch tabs.
    • Added an option get the admin role from the profile name.
  • Secureworks Taegis XDR - Added the option to add the DataSource data to each asset

  • SecureW2 JoinNow - Added capabiilty to set a value for the chunk size of the async requests.

  • ServiceNow

    • Added an option to use the VM Object ID to identify AWS Cloud IDs.
    • Added an option to populate the fields “upstream“ and “downstream“ for devices.
    • Default value for “Entries fetched per page“ is now 500.
  • Sharepoint - This adapter now fetches users.

  • Tailscale - Added the option to fetch users

  • Talon - Tenant ID no longer required for configuration.

  • Tenable.io

    • Added the option to fetch cloud resources from the Tenable.cs module.
    • Added the option to use the API v2 instead of API v3 to fetch web application vulnerabilities
  • Tenable.sc

    • Added option to only parse the OS Identification field from the output of the Plugin-11936
    • Added an option to fetch Tenable.sc alerts as a new asset in the Alerts/Incidents category.
    • Added an option to fetch OS Serial information from plugins 131568, 35351, 24270.
  • Tenable Nessus - Added an option to only fetch scans with the status ‘enabled’.

    • Thycotic Secret Server
    • Added option to fetch Vaults
    • Added option to fetch Rules
    • Added option to fetch Permissions
  • Twistlock - Added option to configure a Tenant Project Name from which to fetch.

  • UpGuard CyberRisk - Added the option to enrich the devices with risks data

  • Veeam - Added the option to fetch information about Virtual Machines.

  • Windows Management Instrumentation (WMI)

    • For both the adapter and the Enforcement action added:
      • Option to fetch information from the Remote Desktop Client Access Licensing Server.
      • Option to fetch software licensing product information from each host.
  • Workday - Added the option to fetch only the most recent records for each worker.

  • ZenDesk

    • Added the option to fetch EC Action ticket updates.
    • Added the capability to select Zendesk roles to fetch.



For more details:

New Enforcement Actions

The following Enforcement Actions were added:

Updated Enforcement Actions

The following Enforcement Actions were updated:



Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.