- 05 Sep 2024
- 54 Minutes to read
- Print
- DarkLight
- PDF
Axonius 6.1 Ongoing Adapter and Enforcement Action Updates
- Updated on 05 Sep 2024
- 54 Minutes to read
- Print
- DarkLight
- PDF
The following includes new Adapters and Enforcement Actions and ongoing updates to Adapters and Enforcement Actions as they are added to Axonius 6.1
- View full information about new and updated features in Axonius 6.1
New Adapters
The following new adapters were added:
- 1Password Account Management
- 1Password is a password manager providing a place for users to store various passwords, software licenses, and other sensitive information in a virtual vault. (Fetches: Activities) (6.1.21.0)
- 3Play Media
- 3Play Media offers video accessibility services through transcription, captioning, and audio description. (Fetches: Users) (6.1.1.0)
- Abnormal Security
- Abnormal Security is an email security provider that helps companies protect against targeted email attacks. (Fetches: Users) (6.1.8.0)
- A Cloud Guru
- A Cloud Guru is an online learning platform that specializes in teaching cloud computing and related technologies. (Fetches: Users) (6.1.0.0)
- Acronis
- Acronis is a backup solution providing data protection and recovery for servers and endpoints. (Fetches: Devices) (6.1.12.0)
- Action1
- Action1 is a cloud-based platform that automates patch management and vulnerability remediation. (Fetches: Devices) (6.1.5.1)
- Active Directory Certificate Service (AD CS)
- Active Directory Certificate Services (AD CS) is a Windows Server feature that allows you to build and manage PKI certificates used in software security systems. (Fetches: Certificates) (6.1.26.0)
- Active Directory Federation Service (AD FS)
- Active Directory Federation Service (AD FS) is a software component developed by Microsoft that provides users with single sign-on and identity access. (Fetches: Groups, User Extensions) (6.1.21.2)
- Airship
- Airship is a platform offering end-to-end solutions for mobile app engagement and customer lifecycle management. (Fetches: Devices) (6.1.3.2)
- Akamai CDN Cloud
- Akamai CDN Cloud is a content delivery network that accelerates web and video content delivery globally. (Fetches: Users) (6.1.12.0)
- Alemba Service Manager
- Alemba is an ITIL-aligned IT Service Management (ITSM) platform focusing on request fulfillment. (Fetches: Devices) (6.1.31.0)
- Amplitude
- Amplitude is a digital analytics platform that tracks and analyzes user behavior across various platforms. (Fetches: Users) (6.1.1.0)
- Anecdotes
- Anecdotes is a compliance management platform. (Fetches: Devices) (6.1.0.2)
- Apple App Store Connect
- Apple App Store Connect is a platform for developers to manage, release, and report on their iOS apps. (Fetches: Devices) (6.1.0.3)
- AppViewX CERT+
- AppViewX's CERT+ provides end–to–end lifecycle management for x.509 digital certificates across complex networks. (Fetches: Certificates) (6.1.29.0)
- Aqua Security (SaaS)
- Aqua Security provides container and cloud native cybersecurity for teams using Docker, Kubernetes, serverless, and other cloud native technologies. (Fetches: Devices, Users) (6.1.20.1)
- Arnica.io
- Arnica.io is a cloud-based security platform that scans APIs to identify vulnerabilities. (Fetches: Devices) (6.1.14.0)
- Atlassian Access
- Atlassian Access is an identity and access management solution for controlling user access to applications and resources. (Fetches: Users) (6.1.11.2)
- Atlassian Confluence
- Atlassian Confluence provides information on Confluence entities, like pages and blog posts, spaces, users, groups, and more. (Fetches: Users) (6.1.1.0)
- AttackForge
- AttackForge is a collaborative platform for managing penetration testing projects, centralizing vulnerability data and reporting. (Fetches: Devices, Vulnerabilities, SaaS applications) (6.1.30.0)
- Automatos
- Automatos is a platform that delivers solutions to surmount challenges in IT asset management. (Fetches: Devices) (6.1.17.0)
- Azure DevOps (On-Prem)
- Azure DevOps (On-Prem) is a Microsoft product that provides version control, reporting, requirements management, project management, automated builds, testing and release management capabilities. (Fetches: Users, Groups) (6.1.10.4)
- Beeline
- Beeline is a cloud-based system for managing and procuring employees and services. (Fetches: Users) (6.1.18.0)
- Black Duck
- Black Duck is a software composition analysis tool for managing open source risks. (Fetches: Application Resources) (6.1.26.0)
- Brinqa
- Brinqa is a cyber risk management platform that helps businesses identify and remediate vulnerabilities. (Fetches: Users) (6.1.3.0)
- Cadency
- Cadency is a financial management platform that automates and controls the record-to-report process. (Fetches: Users) (6.1.30.0)
- Censys ASM
- Censys ASM is a tool designed to provide attack surface management by identifying and monitoring threats and exposures. (Fetches: Devices, Activities, Certificates, Application Resources) (6.1.23.1)
- CaptivateIQ
- CaptivateIQ is a commission management platform that automates sales compensation and incentive calculations. (Fetches: Users) (6.1.30.0)
- Cervello
- Cervello is a railway cybersecurity platform that monitors, protects, and manages rail operations. (Fetches: Devices) (6.1.19.0)
- Checkmarx One
- Checkmarx One is an application security platform that provides static and dynamic application security testing. (Fetches: Vulnerabilities, SaaS Applications, Application Services) (6.1.28.0)
- Cisco Adaptive Security Appliance (ASA)
- Cisco Adaptive Security Appliance (ASA) Software is the core operating system for the Cisco ASA Family, delivering firewall capabilities for ASA devices in an array of form factors. (Fetches: Devices, Users) (6.1.19.0)
- Cisco Common Service Platform Collector (CSPC)
- The Cisco Common Service Platform Collector (CSPC) is an SNMP-based tool that discovers and collects information from the Cisco devices installed on companies' networks. (Fetches: Devices) (6.1.6.0)
- Citrix Application Delivery Management (ADM)
- Citrix Application Delivery Management (ADM) is a platform enabling automation, orchestration, management, and analytics across hybrid multi-cloud environments. (Fetches: Devices) (6.1.7.0)
- Claroty Cloud
- Claroty Cloud is a cyber-physical security (CPS) platform for IoT security. (Fetches: Devices) (6.0.18.8)
- Cornerstone
- Cornerstone is an AI-powered talent management software that helps businesses to recruit, train, and manage their employees. (Fetches: Users) (6.1.27.0)
- CSV - Networks
- CSV - Networks imports information about networks from a CSV file. You can use this adapter to fetch a bulk list of network segments. (6.1.31.0)
- CSV - URLs
- CSV - URLs imports information about URLs from a CSV file. (6.1.31.0)
- CyberArk Privilege Cloud
- CyberArk Privilege Cloud is a privileged access management (PAM) solution for securing, managing, and monitoring privileged accounts. (Fetches: Users) (6.1.12.0)
- CyberGRX (Global Risk Exchange)
- CyberGRX (Global Risk Exchange) is a collaborative risk exchange platform for managing third-party cyber risk assessments. (Fetches: Devices) (6.1.10.0)
- Cynerio
- Cynerio is a healthcare IoT security platform that identifies, monitors, and secures connected medical devices. (Fetches: Devices, Vulnerabilities) (6.1.18.0)
- Dazz
- Dazz provides automated remediation processes for applications, code, clouds, and infrastructure. (Fetches: Devices, Vulnerabilities, SaaS Applications) (6.1.26.0)
- Dell Unisphere for PowerMax
- Dell Unisphere for PowerMax is a management tool for administering and monitoring PowerMax storage arrays. (Fetches: Devices) (6.1.15.0)
- DeviceTotal
- DeviceTotal is an agentless attack surface management solution. (Fetches: Devices) (6.1.8.0)
- Dialpad
- Dialpad is a cloud-based communication and collaboration platform for voice, video, and messaging. (Fetches: Users) (6.1.10.7)
- Digi
- Digi provides IoT solutions including hardware, software, and services for connecting and managing IoT devices and networks. (Fetches: Devices) (6.1.14.0)
- DNSFilter
- DNSFilter is a cloud-based web content filtering solution that protects users from accessing malicious or inappropriate websites. (Fetches: Devices) (6.1.17.0)
- Docker Engine
- Docker Engine is an open-source containerization technology that helps development teams build and manage applications. (Fetches: Devices) (6.1.5.0)
- EasyRedir
- EasyRedir is a URL redirection management platform that creates, analyzes, and manages redirects while automatically provisioning and renewing SSL certificates. (Fetches: Devices) (6.1.29.0)
- EcoStruxure IT Advisor
- EcoStruxure IT Advisor is asset and planning software that facilitates OpEx management. (Fetches: Devices) (6.1.10.0)
- Efecte
- Efecte is an IT service management (ITSM) and collaboration platform with a focus on SaaS security and configuration management. (Fetches: Devices) (6.1.4.0)
- Everbridge
- Everbridge is an emergency notification and critical event management platform for communicating during incidents or crises. (Fetches: Users) (6.1.17.0)
- Exabeam Cloud
- Exabeam Cloud is a cloud-based Security Information and Event Management (SIEM) solution. (Fetches: Devices) (6.1.12.0)
- FileWave
- FileWave offers unified device management for all devices, platforms, and environments. (Fetches: Devices) (6.1.17.0)
- FireMon Asset Manager
- FireMon Asset Manager is a network visibility solution for cyber situational awareness and compliance monitoring. (Fetches: Devices) (6.1.6.0)
- FortiCloud
- FortiCloud is a cloud-based platform offering compliance, security and management services for Fortinet solutions. (Fetches: Devices) (6.1.8.0)
- Fortify On Demand
- Fortify On Demand delivers application security as a service, providing security testing and vulnerability management. (Fetches: Devices, Users) (6.1.17.0)
- Foxpass
- Foxpass is an Identity and Access Management (IAM) solution that centralizes and automates access control for servers and applications. (Fetches: Users) (6.1.27.0)
- Freshdesk
- Freshdesk is a cloud-based customer support platform that was founded with the mission of enabling companies of all sizes to provide great customer service. (Fetches: Users) (6.1.30.0)
- Gainsight PX
- Gainsight PX is a product experience platform that helps businesses understand and improve user engagement with their software products. (Fetches: Users) (6.1.20.1)
- Generic SCIM
- Generic SCIM, or the System for Cross-domain Identity Management, is a protocol for automating the exchange of user identity information between identity domains and IT systems. (Fetches: Users, Groups) (6.1.28.0)
- Google Tag Manager
- Google Tag Manager is a tag management system for web pages that allows marketers and developers to manage and deploy marketing tags and other code snippets on their websites. (Fetches: Users) (6.1.16.0)
- Harness
- Harness is a self-service CI/CD platform that allows engineers and DevOps to build, test, deploy, and verify software. (Fetches: Users) (6.1.30.0)
- Honeywell Cyber Watch
- Honeywell Cyber Watch is a cybersecurity software that identifies and manages OT cyber threats, providing insights into vulnerabilities, configuration issues, and compliance gaps. (Fetches: Devices) (6.1.30.0)
- HPE GreenLake for Compute Ops Management
- HPE GreenLake for Compute Ops Management is a cloud-based management platform for automating and optimizing compute operations. (Fetches: Devices) (6.1.20.1)
- IBM Turbonomic
- IBM Turbonomic is a performance and cost optimization platform for public, private, and hybrid cloud. (Fetches: Users) (6.1.11.0)
- Intel 471
- Intel 471 provides cyber threat intelligence to assess, identify, and manage potential risks. (Fetches: Devices, Vulnerabilities, SaaS Data) (6.1.25.0)
- Intigriti
- Intigriti is a platform for security testing that assesses risk to prioritize remediation. (Fetches: Devices, Vulnerabilities) (6.1.22.2)
- IONIX (formerly Cyberpion)
- IONIX (formerly Cyberpion) is a SaaS-based external attack surface management solution. (Fetches: Devices) (6.1.20.1)
- IPDB (BT Diamond IP IPControl)
- BT Diamond IP IPControl (IPDB) is IP address management (IPAM) software designed to manage and allocate IP addresses in enterprise networks. (Fetches: Devices) (6.1.14.0)
- JDisc Discovery
- JDisc Discovery is a network inventory and documentation tool that helps identify and manage IT assets and networks. (Fetches: Devices) (6.1.26.0)
- JetBrains
- JetBrains is an integrated development environment (IDE) for software development that provides a suite of tools and features to help developers write, test, and deploy code. (Fetches: Licenses) (6.1.19.0)
- JFrog Xray
- JFrog Xray is a software composition analysis (SCA) tool that scans software artifacts for security vulnerabilities, open source license compliance, and software quality. (Fetches: Devices) (6.1.10.0)
- Jira Service Management (Service Desk) Fetch Tickets
- Jira Service Management (Service Desk) is a project management tool that helps software development teams plan, track, and release software. (Fetches: Tickets) (6.1.16.0)
- Lattice
- Lattice is a people management platform that allows human resources teams to engage employees and measure performance. (Fetches: Users) (6.1.13.0)
- LeanIX
- LeanIX is a cloud-based software platform that helps companies manage and optimize their IT infrastructure and applications. (Fetches: Devices) (6.1.6.4)
- Lexsynergy
- Lexsynergy is a domain management platform that helps organizations manage and protect their domain assets. (Fetches: Devices) (6.1.28.0)
- LMNTRIX
- LMNTRIX offers a security-as-a-service platform that provides threat detection and response capabilities. (Fetches: Devices) (6.1.26.0)
- LogicGate
- LogicGate provides a governance, risk, and compliance (GRC) platform. (Fetches: Users) (6.1.17.0)
- Mandiant Threat Intelligence
- Mandiant is a cybersecurity platform offering threat intelligence, incident response, and security consulting services to detect and mitigate advanced cyber threats. (Fetches: Users) (6.1.30.0)
- Manifestly
- Manifestly is a checklist, workflow, and SOP platform for managing recurring team tasks. (Fetches: Users) (6.1.30.0)
- Meta Business
- Meta Business is a customer relationship management (CRM) and advertising platform for management of customer data, marketing campaigns, and advertising efforts across Meta's social media platforms. (Fetches: Users) (6.1.18.0)
- Microsoft Power BI
- Microsoft Power BI is a business analytics tool for visualizing and sharing data insights across an organization. (Fetches: Users, Groups, Compute Services) (6.1.17.7)
- Microsoft Teams
- Microsoft Teams is a workspace for real-time collaboration and communication, meetings, file and app sharing. (Fetches: Devices) (6.1.11.0)
- Mimecast - V2
- Mimecast provides a mail management system designed to protect email, ensure access and simplify the tasks of managing email. (Fetches: Users) (6.1.1.0)
- Nautobot
- Nautobot is a network documentation and automation platform for managing network resources. (Fetches: Devices) (6.1.8.2)
- NetApp Centralized Employee Directory
- NetApp Centralized Employee Directory (CED) enables retrieval of job and contact information on NetApp employees and contractors. (Fetches: Users) (6.1.28.0)
- Netreo
- Netreo is an IT infrastructure monitoring platform. (Fetches: Devices) (6.1.5.1)
- Nexthink Query Language (NQL)
- Nexthink Query Language (NQL) is a programming language developed by Nexthink for querying data from its platform. (Fetches: Devices, Users) (6.1.3.2)
- Nozomi Vantage
- Nozomi Vantage is a SaaS platform for global network monitoring and protection. (Fetches: Devices) (6.1.21.0)
- Onapsis
- Onapsis cybersecurity solutions automate the monitoring and protection of SAP and Oracle applications. (Fetches: Devices) (6.1.11.0)
- Oracle Identity and Access Management (IAM)
- Oracle Identity and Access Management (IAM) is a software suite that enables enterprises to manage and automate user identities. (Fetches: Users) (6.1.10.0)
- Paycom
- Paycom is a programmatic interface for managing user roles and permissions. (Fetches: Users) (6.1.17.0)
- PDQ Connect
- PDQ Connect is a remote desktop and server management tool that allows IT administrators to remotely access and manage Windows computers and servers. (Fetches: Devices) (6.1.17.0)'
- PingID Enterprise
- PingID Enterprise is a cloud-based multi-factor authentication (MFA) platform that supports enterprise solutions for software applications. (Fetches: Devices, Users) (6.1.30.0)
- PolarNG
- PolarNG is ICE’s comprehensive asset management database. (Fetches: Devices, Software) (6.1.30.0)
- PowerDNS
- PowerDNS is an open-source DNS server program, offering both authoritative and recursive DNS services. (Fetches: Devices) (6.1.1.3)
- Proxyclick
- Proxyclick App is a visitor management system that helps companies digitize the check-in process for employees, contractors, and visitors. (Fetches: Users) (6.1.0.3)
- Qualys VMDR OT
- Qualys VMDR OT is a cloud-based platform for asset inventory and vulnerability management of critical industrial infrastructure. (Fetches: Devices) (6.1.5.0)
- Qualys WAS
- Qualys WAS is a web application scanning tool for identifying vulnerabilities in web applications. (Fetches: Vulnerabilities, SaaS Applications, Application Services) (6.1.22.0)
- Rapid7 Insight AppSec
- Rapid7 Insight AppSec performs black-box security testing to identify vulnerabilities, triage vulnerabilities, prioritize actions, and remediate application risk. (Fetches: Devices) (6.1.18.0)
- RemotePC
- RemotePC is a tool for remote access and control of computers and devices. (Fetches: Devices, Users) (6.1.5.2)
- Responsive
- Responsive is a strategic response management and RFP software platform. (Fetches: Users) (6.1.30.0)
- Restorepoint
- Restorepoint is a platform that automates network configuration backup, recovery, change auditing, and compliance analysis for multiple vendors. (Fetches: Devices) (6.1.31.0)
- Revivn
- Revivn is a SaaS platform that facilitates the repurposing of unused and outdated IT hardware for underserved communities. (Fetches: Devices) (6.1.30.0)
- Safenames
- Safenames is a domain management and brand protection service that supports companies in managing their domain portfolios, safeguarding trademarks, and ensuring online compliance. (Fetches: Devices) (6.1.30.0)
- SafeNet Trusted Access
- SafeNet Trusted Access is a cloud-based access management solution that provides secure access to applications and data. (Fetches: Users) (6.1.30.0)
- Safe Security
- Safe Security is a platform that provides real-time cyber risk quantification and management. (Fetches: Devices, Users) (6.1.24.0)
- Securonix SNYPR
- Securonix SNYPR is a platform for security analytics, using machine learning to detect and respond to threats. (Fetches: Devices, Users) (6.1.25.0)
- Silverfort
- Silverfort is a unified identity protection platform that integrates with IAM solutions to provide secure access to company resources. (Fetches: Users) (6.1.25.4)
- SolarWinds Pingdom
- SolarWinds Pingdom is a website and server monitoring tool that helps organizations track the uptime, performance, and availability of their web-based applications and services. (Fetches: Users) (6.1.16.0)
- SPEKTRA
- NTT SPEKTRA (Sentient Platform for Network Transformation) is a managed network services platform. (Fetches: Devices) (6.1.0.2)
- Spirent Velocity
- Spirent Velocity is a software deployment and release management tool used for automating application deployments. (Fetches: Devices) (6.1.17.6)
- Tangoe Managed Mobility Services (MMS)
- Tangoe Managed Mobility Services (MMS) provides end-to-end mobile lifecycle management. (Fetches: Devices, Users) (6.1.6.0)
- Trace3 LAMP
- Trace3 Technology Lifecycle Management Platform (LAMP) is an IT Asset Management (ITAM) platform. (Fetches: Devices) (6.1.4.2)
- Twilio
- Twilio is a customer engagement platform that offers programmable communication solutions. (Fetches: Accounts/Tenants) (6.1.30.0)
- UnifiedFX PhoneView
- UnifiedFX PhoneView is a Cisco Preferred Solutions Partner which offers Cisco Phone Management Software. (Fetches: Devices) (6.0.18.8)
- Veritas NetBackup
- Veritas NetBackup is an enterprise backup solution offering data management, automation, artificial intelligence, and elastic architecture. (Fetches: Devices) (6.1.2.2)
- Verkada
- Verkada is a cloud-based security platform offering video surveillance, access control, and environmental sensors. (Fetches: Devices, Users) (6.1.19.0)
- Windows Server Update Services (WSUS) SQL
- Windows Server Update Services (WSUS) - SQL, previously Software Update Services (SUS), enables administrators to manage the distribution of updates and hotfixes released for Microsoft products. (Devices) (6.1.1.0)
- Wrike
- Wrike is software designed to help teams plan, organize, manage, and track tasks and projects. (Users) (6.1.18.0)
- Zscaler Client Connector
- Zscaler Client Connector enables secure access to business applications from any device. (Fetches: Devices) (6.0.18.8)
Updated Adapters
The following adapters were enhanced:
- Abnormal Security - Email Domain was added to connection parameters. (6.1.14.0)
- Absolute - Added the option to fetch only the latest installed app version of devices. (6.1.13.0)
- Adobe - Added support for fetching licenses along with other SaaS data. (6.1.5.0)
- Adobe Acrobat Sign
- Added the option to fetch full data per user. (6.1.5.0)
- Added the capability to enter a comma-separated list of users to filter with specified user statuses. (6.1.5.0)
- Airlock Digital
- Added the option to fetch information about group policies. (6.1.3.0)
- Port was added to connection parameters. (6.1.27.0)
- Aruba ClearPass - Added the option to set endpoint devices as network infrastructure devices. (6.1.1.5)
- AssetPanda
- Added the option to parse the invoice number. (6.1.8.0)
- Added the option to parse the PO number. (6.1.8.0)
- Added the option to parse the employee status field. (6.1.8.0)
- Added the option to fetch employee group assets as users. (6.1.28.0)
- This adapter now supports API version 3.1. (6.1.29.0)
- Atlassian (Formerly Atlassian Jira Software) - Added the capability to enter the number of users per a single request. (6.1.27.5)
- AWS
- Added the option to split subnets of a VPC network into individual assets. (6.1.3.0)
- Added the option to fetch CloudFormation Stacks as assets. (6.1.4.0)
- Added the option to fetch AWS step functions as assets. (6.1.4.0)
- Added the option to fetch AWS Service Catalogs as assets. (6.1.4.0)
- Added the option to fetch CloudWatch Alarms as assets. (6.1.4.0)
- Added the option to fetch the Kinesis Data analytics as devices. (6.1.5.0)
- Added the option to fetch Lightsail instances as devices. (6.1.23.0)
- Added the option to fetch Direct Connect data assets associated with Network Services. (6.1.6.0)
- Amazon Route 53 DNS records can now be fetched as Network Service assets (6.1.11.0)
- SSM Parameters Store are now fetched as Configuration assets. (6.1.19.3)
- Added the option to fetch Elastic Beanstalk environments as assets. (6.1.26.0)
- Axonius Network Discovery
- Added the capability to configure how to fetch certificates, either in normal fetch, background fetch or not all. (6.1.10.0)
- Added the capability to configure custom ports to scan. (6.1.17.0)
- Axonius Users - Added the capability to enter a number of days to retrieve all activity logs for that user in that time range. (6.0.0.1)
- Azure DevOps
- Added the option to fetch the Git Repositories from the projects in Azure DevOps. (6.1.8.0)
- Added the option to fetch Git Commits from a specified day count. (6.1.25.0)
- Added the option to fetch users' projects. (6.1.25.0)
- BambooHR
- Added the capability to enter the name of the LOA employee table to fetch from. (6.1.0.0)
- It is now possible to fetch data from more than one table. (6.1.10.0)
- BigFix Compliance Analytics (formerly SCA)
- Added the capability to enter a comma-separated list of checklist IDs to fetch from. (6.1.8.0)
- Added the capability to only fetch devices and enrichments that were last seen X days ago. (6.1.27.0)
- Added the capability to set the number of entities returned per page request. (6.1.27.0)
- Added the option to fetch vulnerabilities. (6.1.27.0)
- Bitbucket - Added the option to use OAuth2 client credentials to authenticate Bitbucket API V2. (6.1.28.0)
- BitSight Security Ratings - Added the option to fetch company assets. (6.1.8.0)
- BloodHound - Added support for SaaS instances of BloodHound. (6.1.5.0)
- BlueCat Enterprise DNS - Added proxy values (HTTPS Proxy, HTTPS Proxy User Name, and HTTPS Proxy Password) to the adapter connections. (6.1.25.2)
- Censys
- Added the capability to upload a CSV file with a list of subnets to be used for fetching data from Censys. (6.1.24.0)
- Added the option to select the version number of the Censys API. (6.1.24.0)
- Checkmarx SAST - This adapter now fetches users. (6.1.28.0)
- Cisco DNA Center
- Added the option to fetch additional devices from the default “Client Detail” report. (6.1.4.0)
- Users can now configure the “Client Detail” report by name. (6.1.5.2)
- Cisco Firepower Management Center - Added the option to fetch firewall rules as assets. (6.1.23.1)
- Cisco Identity Services Engine (ISE) - Added the option to add authentication status data for each fetched endpoint. (6.1.15.0)
- Cisco Intersight
- Added the option to fetch chassis devices as assets. (6.1.12.0)
- Added the option to fetch SAN switches as assets. (6.1.12.0)
- Added the option to override the available name in the SAN Switch API response using the MDS prefix along with the Network Policy Name. (6.1.20.1)
- Cisco Meraki
- Added the option to fetch firewall rules. (6.1.19.0)
- Added the option to fetch additional data for Cisco Meraki MDM devices. (6.1.23.3)
- Cloudflare DNS - Added the option to fetch certificates. (6.1.13.0)
- Cloudflare Zero Trust
- Added the option to add subdomain data for each device. (6.1.5.0)
- Added the option to add policy data for each user. (6.1.5.0)
- Code42 Incyder - Added the option to ignore devices fetched from Code42 with the values “Deactivated” or “Blocked” in the status field. (6.1.4.0)
- Cribl - Port was added to connection parameters. (6.1.27.0)
- CrowdStrike Falcon
- Added the option to enable the parsing of vulnerability descriptions (disabled by default). (6.0.19.3)
- Added the capability to avoid duplicate devices. (6.1.16.0)
- Added the capability to set the amount of requests per second. (6.1.21.0)
- This adapter now fetches application settings. This is optional and can be disabled. (6.1.24.0)
- Added the capability to specify a list of group names to be excluded. (6.1.28.0)
- Added the option to fetch configuration assessments for the device. (6.1.30.0)
- CrowdStrike Falcon Discover
- Added the capability to only fetch applications used in the selected amount of days. (6.1.1.2)
- Added the option to configure a pattern to apply to an interface alias in order to identify a historical IP address and record it separately from current IP addresses. (6.1.2.0)
- Added the capability to filter devices by their discoverer count field. (6.1.6.0)
- Added enhanced device search settings. (6.1.17.0)
- CrowdStrike Falcon Identity Protection (Preempt)
- Added the option to rename risk factors. (6.1.9.0)
- Added the option to exclude devices with the risk factor type of 'UNMANAGED_HOST'. (6.1.11.0)
- CrowdStrike Kubernetes Protection - This adapter now fetches compute services and containers. (6.1.18.0)
- CSV -
- Added the option to allow the system to support assets with empty fields. If an asset was created with a field that contained a value, when the CSV file subsequently contains an empty field with the same name, the device or user asset will display that field without a value in it. (6.1.15.2)
- Added an option to explicitly parse double quotes as escaping, to prevent errors that might occur by incorrect dynamic parsing of double quotes. (6.1.24.0)
- Added an option to set content key in JSON when fetching the CSV file via URL. (6.1.8.5)
- Added support for Base64 encoding type. (6.1.8.5)
- Added an option to import a databases file containing a list of databases as assets. (6.1.28.0)
- CyberArk Alero
- Tenant ID and Service Account JSON were added to connection parameters. (6.1.4.0)
- API Key was removed from connection parameters. (6.1.4.0)
- CyberArk Idaptive - Added the option to fetch user roles and user groups. (6.1.20.1)
- CyberArk Privileged Account Security
- Added the option to fetch the activities for each account. (6.1.0.0)
- Added the option to fetch additional data about each account. (6.1.0.0)
- Added support for OAuth2 authentication. (6.1.4.0)
- Added the option to parse the domain value as an associated device. (6.1.10.0)
- CyCognito Platform
- Added the option to fetch domains. (6.1.12.0)
- Added the option to fetch vulnerabilities. (6.1.16.0)
- Darktrace - Added the capability to select the types of devices to fetch. (6.1.5.0)
- Databricks - This adapter now fetches users. (6.1.14.0)
- Dell OpenManage Enterprise
- Added the option to fetch warranties of each device. (6.1.11.0)
- This adapter now fetches users. (6.1.20.1)
- Added the option to fetch the compliance statuses of each device and the components of the device. (6.1.21.0)
- Dell TechDirect - Service Tag CSV Column Header was added to connection parameters. (6.1.28.0)
- DigiCert CertCentral
- This adapter now fetches certificates as assets. (6.1.19.0)
- Added the capability to create either certificate assets, device assets, or both assets. (6.1.19.0)
- Added the option to fetch order certificate notes. (6.1.19.0)
- Druva Cloud Platform - Added the option to fetch the Microsoft 365 apps status configured to backup as an Application asset type. (6.1.16.0)
- Duo Beyond
- Added the option to not fetch phones as devices. (6.1.10.0)
- Added the option to fetch users with the Telephony Logs by phone number. (6.1.14.0)
- Added the capability to specify the amount of days back to look for credit usage logs. (6.1.17.0)
- Dynatrace - Added the option to categorize devices under different asset types. (6.1.12.0)
- Eagle Eye Networks - Added the option to enrich the device with extra device information. (6.1.4.0)
- EfficientIP SOLIDserver DDI - Added the option to fetch DHCP scopes, ranges, leases, and statics as devices. (6.1.24.0)
- Entrust - This adapter now fetches certificates. (6.1.10.0)
- Eracent - Added the option to use the field "LanName" instead of "DnsName" for the Hostname field. (6.1.24.0)
- F5 BIG-IP iControl - This adapter now fetches compute services. (6.1.24.2)
- FireMon Security Manager - Added the option to try to parse SyslogMatch Names as IP addresses or serial numbers. (6.1.9.0)
- FleetDM - Added the option to use a different custom API path. (6.1.23.1)
- FlexNet Manager Suite Cloud - Added the option to fetch Software Technopedia fields. (6.1.22.0)
- Forcepoint ONE - This adapter now fetches users, software, activities, and SaaS applications.
- Foreman - Added the option to fetch the APT security updates count. (6.1.15.0)
- ForeScout CounterACT - Added the option to map ForeScout script results to device fields. (6.1.18.0)
- FortiClient EMS
- Added support for cloud version of FortiClient EMS. (6.1.9.0)
- This adapter now supports API versions higher than 6.4. (6.1.28.0)
- Fortinet FortiGate - Added the option to fetch VPN SSL sessions as Devices. (6.1.0.0)
- Forward Networks
- Added the option to use the networks API to fetch devices. (6.1.13.0)
- Added the option to fetch vulnerabilities. (6.1.16.0)
- Freshservice - Added the option to fetch device relationships from Freshservice. (6.1.7.0)
- GitHub -
- Added the option to fetch commit history for each repository, if available. (6.1.28.0)
- For GitHub Enterprise users, added the option to enter a Custom Login URL as a connection parameter. (6.1.28.0)
- GoDaddy
- Added support for the GoDaddy v2 API. (6.1.2.0)
- Added support for certificates as assets. (6.1.10.0)
- Google Cloud Platform (GCP)
- Added the option to fetch all Google Cloud Compute Disk Images, Snapshots and Templates. (6.1.2.0)
- Added the option to split subnets of a VPC network into individual assets. (6.1.5.0)
- Added the option to fetch only compute devices that are turned on. (6.1.11.0)
- Added the option to fetch Serverless Functions from the 'Cloud Functions' service. (6.1.21.0)
- Added the option to fetch APIs from Apigee. (6.1.30.0)
- Google Workspace
- Added an advanced setting to populate the asset name with the value of the Annotation ID (when the value exists) instead of using the value in the Name field. (6.1.2.2)
- Added proxy values (Proxy address, Proxy port, Proxy username, and Proxy password) to the adapter connections. (6.1.6.4)
- Added the option to use the host name as the asset name, when the host name exists. (6.1.9.1)
- The 'Fetch User Audit Logs' advanced setting was changed to 'Number of days for Audit Log data.' Users can enter the number of days before the last successful fetch to retrieve audit logs for. (6.1.16.2)
- Added the option to fetch group permissions as group dynamic fields. (6.1.23.0)
- Guardicore - Added the option to fetch full agent information for a device. (6.1.7.0)
- Halcyon - This adapter now fetches users. (6.1.19.0)
- Have I Been Pwned - Added the capability to retrieve all breached accounts associated with a domain. (6.1.9.0)
- IBM Guardium - Added the option to fetch data sources. (6.1.24.0)
- Imperva Data Activity Monitoring (DAM)
- Added the option to fetch DAS assessment results. (6.1.22.0)
- Added the option to use the database name for the asset name. (6.1.22.0)
- Infoblox DDI
- Added the option to fetch DNS CNAME records. (6.1.5.0)
- Added the option to fetch DHCP address ranges. (6.1.7.0)
- Added the option to fetch Infoblox networks as assets. (6.1.11.0)
- Added the option to fetch shared A records from Infoblox. (6.1.12.0)
- Intigriti
- Authorization Code was replaced with Refresh Token in connection parameters. (6.1.28.0)
- Redirect URLs and Scopes were removed from connection parameters. (6.1.29.0)
- Ivanti Endpoint Security
- Added the capability to select an API version. (6.1.16.1)
- Username and Password for API v2 were added to connection parameters. (6.1.22.0)
- Jamf Pro - This adapter now fetches users. (6.1.24.0)
- JetBrains - Added the option to use API Key authentication for this adapter. (6.1.27.0)
- JFrog Artifactory
- Added the option to use a user name and password for authentication. (6.1.15.0)
- Added the option to not fetch users. (6.1.15.0)
- Jira Service Management - Added the option to use the "Updated" field as "Last Seen". (6.1.21.2)
- Jira Service Management (Service Desk) Fetch Tickets - Added the capability to use custom schema entries to add JSON text to show in basic view. (6.1.22.1)
- JSON - JSONL format is now supported. (6.1.16.0)
- Juniper Junos Space - Added the option to fetch users. (6.1.12.0)
- Kandji - Added the option to fetch devices not yet enrolled. (6.1.7.0)
- Keyfactor
- This adapter now fetches users. (6.1.24.0)
- Added permissions that are required in order to use the endpoint 'GET SSH Users'. (6.1.24.0)
- Added the option to fetch certificates from collections the customer has in Keyfactor. (6.1.24.0)
- KnowBe4 - Added the option to remove fields without value from the latest fetch. (6.1.19.0)
- Kolide K2 - Added the capability to enrich Kolide devices using a custom report that will be fetched from
api/v0/reporting/queries/{query_id}
. (6.1.14.0) - Lakeside SysTrack - Added the option to fetch the local member inventory for each system. (6.1.4.0)
- Landscape
- Added the option to fetch devices with packages installed on Linux laptops covered by Landscape. (6.1.20.1)
- Added the option to parse the title to Last Used Users and the hostname to Asset Name. (6.1.20.1)
- Added support for API v2. (6.1.25.0)
- Added the option to fetch devices with snaps installed on Linux laptops covered by Landscape (API v2 only). (6.1.25.0)
- Lansweeper Cloud - Added the option to fetch vulnerabilities. (6.1.23.0)
- Linux SSH Scan now supports Solaris. (6.1.6.0)
- LogicMonitor - Added the capability to enter fields from
autoProperties
field in the device's JSON to dynamically parse them into queryable fields (both common and specific). (6.1.18.0) - LogRhythm - Added the capability to enter a record status with which to ignore devices. (6.1.23.0)
- Lookout Mobile Endpoint Security
- Added the option to use the version 2 of the API, which uses only the API key (without a username or password). (6.1.7.0)
- Added the option to fetch vulnerabilities from
/mra/api/v2/os-vulns/android
and/mra/api/v2/os-vulns/ios
and add them to devices with the same OS version. (6.1.23.0)
- ManageEngine Endpoint (Desktop) Central and Patch Manager Plus
- Added the option to fetch vulnerability data (6.1.11.2)
- Added the option to fetch data from
/inventory/scancomputers
endpoint. (6.1.21.0) - Added the capability to set the number of assets to manage per page. (6.1.26.0)
- ManageEngine OpUtils
- Added the option to fetch assets asynchronously. (6.1.8.2)
- Added the option to ignore devices without IP to DNS values. (6.1.8.2)
- Mandiant
- Added the option to fetch entities last seen by the number of days specified. (6.1.5.0)
- Added the option to use
last_seen_after:configured_scan_count
query to fetch only active entities. (6.1.5.0) - Added the option to add more details to the information fetched per each entity. (6.1.5.0)
- MarkMonitor - Added the option to remove user fetch functionality. (6.1.8.0)
- McAfee ePolicy Orchestrator (ePO)
- Added the capability to enter values to the list of query IDs to enrich each device. (6.1.6.0)
- Added the option to fetch COAMS data. (6.1.7.0)
- Added the option to change software names using regular expressions. (6.1.17.0)
- Medigate - Added the option to fetch vulnerabilities. (6.1.26.0)
- Microsoft Active Directory (AD)
- Added the option to fetch data from Active Directory Sites. (6.1.8.0)
- Added the capability to enter a custom host map. (6.1.12.0)
- Microsoft Azure
- Tenants added to list of Azure services to fetch as assets. (6.1.11.0)
- This adapter now supports the asset type ‘Certificate’. (6.1.13.0)
- Certificates From Key Vaults added to list of Azure services to fetch as assets. (6.1.13.0)
- Secrets From Key Vaults added to list of Azure services to fetch as assets. (6.1.13.0)
- NetApp Accounts and NetApp Volumes added to list of Azure services to fetch as assets. (6.1.20.1)
- Added the capability to get the billing data per service. (6.1.20.1)
- Management Groups added to list of Azure services to fetch as assets. (6.1.28.0)
- Microsoft Cloud App Security
- Added the option to ignore Microsoft Cloud App Security users that do not have a domain field. (6.1.4.0)
- Added the option to ignore external users. (6.1.10.0)
- Added the option to select which fetching method to use to fetch user entities: normal, background, or none. (6.1.28.5)
- Microsoft Defender for Endpoint (Microsoft Defender ATP)
- Added the option to only fetch devices with hostname values. (6.1.5.0)
- Added the option to fetch vulnerability changes from Microsoft Defender for Endpoint. (6.1.21.0)
- Added the option to fetch only users that match the description of interactive in the MDE documentation. (6.1.23.0)
- Added the capability to enter one or more regex strings that can be used to identify users apart from other accounts. (6.1.23.0)
- Added the option to consider only the latest hostname field data received by Microsoft Defender for Endpoint to avoid duplicating hostnames. (6.1.28.1)
- Microsoft Endpoint Configuration Manager (MECM)
- Added the option to parse historical compliance status information to the Current Compliance Status field. (6.0.18.8)
- Added the option to parse the latest compliance status information to the Current Compliance field. (6.0.18.8)
- Added support for SSL. (6.1.8.0)
- Added the option to fetch software reported as uninstalled by SCCM. (6.1.9.1)
- Added the option to fetch "Unknown" software update compliance statuses. (6.1.19.0)
- The previous settings for fetching software update compliance statuses were merged into a single, new advanced setting that allows you to select up to 4 statuses to fetch. (6.1.26.0)
- Microsoft Entra ID (Azure AD) and Microsoft Intune
- The name of the 'Microsoft Azure AD and Microsoft Intune' adapter was changed to Microsoft Entra ID (Azure AD) and Microsoft Intune in line with changes by Microsoft. (6.1.1.0)
- Added the option to fetch autopilot device identities from Intune. (6.1.4.0)
- Added the option to disable fetch of groups and to list groups not to fetch. (6.1.7.0)
- Added the option to fetch administrative units as groups. (6.1.1.0) (available till 6.1.19.3)
- The option to fetch group app roles is now available to Cyber-Security Asset Management, not just SaaS Management. (6.1.11.0)
- Added the option to enrich mobile devices from Intune with application data. (6.1.1.0)
- Added the option to fetch role eligibility schedule instances of groups. (6.1.13.0)
- Added the option to fetch mailbox settings for each user and populate the field 'Has Mailbox' in Entra ID users. (6.1.17.0)
- Administrative Units are now fetched as Organizational Units by default. (6.1.19.3)
- Added the option to fetch legal hold information as accounts. (6.1.21.0)
- Added the option to fetch conditional access policies. (6.1.23.0)
- Added the option to fetch device configuration policy settings for Bitlocker and save them as configurations in Axonius. (6.1.26.0)
- Microsoft Power BI - Changed the authentication method for the adapter to be exclusively OAuth authentication. (6.1.24.0)
- Microsoft SCOM - Added support for SSL. (6.1.9.0)
- Mist - This adapter now fetches users (note that only admin users are fetched). (6.1.14.0)
- MongoDB - Added support for TLS (Transport Layer Security). (6.1.19.0)
- NetBrain - NetBrain Domain Name and NetBrain Tenant Name were added to the connection parameters. (6.1.4.0)
- Netdisco - Added the option to insert multiple subnets to be used in IP the Inventory Report. (6.1.31.0)
- Netskope - Added permissions for endpoints that are required in order to use API V2. (6.1.3.0)
- NTT Application Security - The name of the 'WhiteHat' adapter was changed to NTT Application Security.
- Nucleus Security - Added the capability to enter a list of project IDs to specify which projects you want to fetch from. (6.1.15.0)
- Okta
- Added the option to specify a list of data fields to exclude from the fetch. (6.1.10.0)
- Added the option to fetch security logs based on security.request.blocked and security.threat.detected events. (6.1.7.0)
- Added the option to fetch user information to populate in the relevant device-specific fields. (6.1.7.0)
- Added the option to fetch general Okta admin settings. (6.1.21.0)
- OneLogin
- Added the 'SSO Provider' option. (6.1.6.0)
- Added the option to enable rate limit override settings. (6.1.16.0)
- Added the option to not fetch SaaS Management-related entities. (6.1.16.0)
- Oracle Cloud - Added the capability to enter a comma-separated list of tag keys to be saved as fields. (6.1.8.0)
- Oracle Enterprise Manager - Added the capability to enter a comma-separated list of devices with specified type names to be fetched. (6.1.4.2)
- Oracle Fusion HCM Cloud - Added the capability to enter a list of sensitive fields to be included. (6.1.24.0)
- Orca Cloud Visibility Platform
- Added the option to parse all Orca tags as fields. (6.1.6.0)
- Added the option to fetch Orca types as specific asset types. (6.1.16.0)
- Added additional Orca types to fetch as specific asset types. (6.1.21.0)
- Palo Alto Networks Cortex XDR - Added the option to fetch the device serial number. (6.1.14.0)
- Palo Alto Networks Cortex Xpanse
- Added the option to categorize devices into different asset categories using their asset type. (6.1.11.0)
- Added the option to fetch vulnerabilities. (6.1.16.0)
- Palo Alto Networks IoT Security (Zingbox) - Added the option to fetch vulnerabilities. (6.1.10.0)
- Palo Alto Networks Panorama
- Added the option to connect NAT firewall rules (public to private IPs only) with Network assets. (6.1.6.0)
- Added the option to connect Access firewall rules (from untrust sources) with Network assets. (6.1.6.0)
- Added the option to fetch the one-day-old VPN login logs to parse users of type
LOGIN LOG
. (6.1.17.0)
- Palo Alto Networks Prisma Access
- Added the option to fetch Global Protect connected users. (6.1.16.0)
- Palo Alto Networks Prisma Cloud
- Added the capability to select how many days of alerts to fetch into devices. (6.1.7.0)
- Added the option to add the
heuristicSearch: true
parameter to the request. (6.1.8.0) - Added the capability to enter a comma-separated list of account names to fetch from. (6.1.12.0)
- Added the option to not include resource JSON. (6.1.12.0)
- Added the option to fetch from cloud types only. (6.1.16.0)
- Added the capability to enter Prisma Cloud types to fetch data as the specified asset type, instead of as devices. (6.1.21.0)
- PaperCut - API Health Token added to connection parameters. (6.1.3.1)
- PeopleHR - Added the option to fetch users that left. (6.1.18.0)
- phpIPAM - This adapter now fetches networks. (6.1.22.0)
- PingIDM (formerly ForgeRock) - The name of the 'ForgeRock' adapter was changed to PingIDM (formerly ForgeRock). (6.1.25.0)
- Promisec Endpoint Manager
- Added the capability to select the number of days back that the adapter fetches records from Promisec. (6.1.16.0)
- Added the capability to select which enrichments to perform. (6.1.19.0)
- Proofpoint Endpoint DLP - Added the option to use the latest version of the API. (6.1.2.0)
- PRTG Network Monitor - Added support for API Token. (6.1.14.0)
- Qualys Cloud Platform
- Added the option to fetch Web Applications. (6.1.5.0)
- Added the capability to enter Qualys tags to skip device ingestion. (6.1.11.0)
- Added the capability to edit the tickets, detections, and knowledge base advanced settings. (6.1.18.0)
Rapid7 InsightCloudSec - Added the option to fetch Insight findings. (6.1.11.1)
Rapid7 InsightIDR - Added the option to use the FQDN as a Host Name for devices. (6.1.1.2)
Rapid7 Nexpose and InsightVM - Added the capability to specify the wait time between retries when receiving errors. (6.1.19.0)
- Added the option to utilize complex queries to fetch data from the database. (6.1.6.0)
- Added the capability to fetch only devices and corresponding information if they were seen by Rapid7 Nexpose Warehouse in the number of days set. This allows the system to pull a recent history of the devices rather than the entire system history every fetch. (6.1.6.0)
Red Hat Automation Controller (Ansible Tower)
- Added the option to enable using the device name for the asset ID. (6.1.10.0)
- Added support for API Token. (6.1.12.0)
Red Hat Insights - Added the option to use API authentication for this adapter. (6.1.4.0)
RedSeal - Added the option to fetch metrics data. (6.1.14.0)
SailPoint IdentityIQ - Added the capability to specify the size of the chunk size per async request batch. (6.1.20.1)
- Added the capability to enter a list of private attributes to include with the users. (6.1.13.0)
- Added the option to fetch only users that satisfy the core filters. (6.1.19.0)
- This adapter now fetches rules. (6.1.23.0)
- Added the option to fetch entitlements of accounts and access profiles. (6.1.26.0)
- Added the option to fetch new audit logs: URI and Lightning URI events. (6.1.3.2)
- Added the option to use the
http://login.salesforce.com
URL for login in instead ofsub-domain.salesforce.com
. (6.1.14.0)
SAP Concur 4.x - Refresh Token is now used in the adapter connection instead of Company ID and Company Auth Token. (6.0.10.2)
Schneider Electric EcoStruxure IT Advisor - The name of the 'EcoStruxure IT Advisor' adapter was changed to Schneider Electric EcoStruxure IT Advisor.
- Added the option to ingest all ScienceLogic custom fields. (6.1.14.0)
- Added the capability to enter a list of additional fields to parse from the raw data. (6.1.23.0)
Sectigo - This adapter now fetches certificates. (6.1.22.0)
Secureworks Taegis XDR (Red Cloak TDR) - Added the capability to enter a list of tags to filter. (6.1.7.0)
- Added the option to remove old tags that are no longer being fetched from SentinelOne. (6.1.6.0)
- Added the option to fetch only the version with the most recent installed date for each software.(6.1.8.0)
- Added the option to fetch only the latest installed app. (6.1.9.0)
- Added the option to ignore vulnerabilities of software detected as an ubuntu package. (6.1.10.0)
- Added the option to ignore public IPs from the externalIp field. (6.1.27.0)
- Singularity Data Lake (SDL) API Key was added to connection parameters. (6.1.29.0)
- Added the option to to enable fetch from the Skylight query. (6.1.29.0)
- Added the option to fetch active extensions. (6.1.3.2)
- Added the ability to fetch the Application Settings SaaS Data from Script Action, Email Filter, and Antivirus settings. (6.1.5.3)
- Added the option to extract the correct software name and version when the field fetched by ServiceNow does not contain this correctly. (6.1.8.0)
- Added the option to fetch active model lifecycle information from the cmdb_hardware_model_lifecycle table and parse it as a list object named “Model Lifecycle”. (6.1.12.0)
- Added the option to fetch Application Services as assets. (6.1.19.0)
- Added the option to append device model to OS strings, when specified strings are in the Model field in ServiceNow. (6.1.20.1)
- Added the capability to enter a list of tables to fetch Business Application from. (6.1.24.4)
- Added the option to fetch field values and populate them into the Enforcement Action field mapping lists. (6.1.5.3)
- Added the option to retrieve data by accessing resources with an APIgee connection. (6.1.28.4)
- Added the option to fetch sites as Application Resource assets instead of devices. (6.1.5.0)
- Added the option to fetch site permissions.(6.1.10.7)
- Added the capability to enter names of lists to fetch sites from. (6.1.17.0)
- Added the option to define a list of additional ticket tables to fetch tickets from. (6.1.23.0)
Skybox Firewall Assurance - This adapter now fetches firewall rules as assets. (6.1.25.0)
Slack - Added the option to fetch user groups. (6.1.27.0)
Snyk - Added the option to enrich the organization name in devices. (6.1.20.1)
SolarWinds Network Performance Monitor
- Added the option to select the IPAM devices to fetch according to their status. (6.1.3.2)
- Added the option to fetch stack members. (6.1.13.0)
- Added the option to fetch dependencies information. (6.1.15.0)
- Added the option to fetch subnet info from IPAM by the node IP. (6.1.17.0)
- Added the capability to specify a comma-separated list of additional SolarWinds custom fields to fetch. (6.1.28.0)
Sophos Endpoint Protection - Added support for the Sophos Central APIs and the Sophos Endpoint API. This included updating the connection screen to use Client ID and Client Secret and adding Required Permissions. (6.1.9.3)
SQL Server -Added an option to allow the system to support assets with empty fields. If an asset was created with a field that contained a value, when the SQL file subsequently contains an empty field with the same name, the device or user asset will display that field without a value in it. (6.1.17.0)
Stairwell - Added the option to parse the hostname and serial number if there are spaces surrounding the hyphen in the asset name for macOS devices. (6.1.11.0)
SUSE Manager - Added Advanced Settings allowing to enrich the fetched devices with additional data on system groups, extra packages, or currency stores. (6.1.29.0)
SymphonyAI Summit - Added support for fetching tickets. (6.1.14.5)
Sysdig - Added the option to select the type of client (Monitor or Secure). (6.1.15.4)
- Added the option to round the
Total RAM (GB)
field to the closest power of 2. (6.1.20.1) - Added the option to deduplicate devices. (6.1.22.0)
- Added the option to round the
Tanium Client Status - Added the option to deduplicate devices. (6.1.23.0)
Tanium Comply - Added the option to fetch installed software. (6.1.11.0)
Tanium Discover - Added the option to deduplicate devices. (6.1.16.0)
Tenable.asm - Added the capability to enter a list of tags to filter. (6.1.3.0)
Tenable Identity Exposure (formerly Tenable.ad) - API Secret no longer required for configuration. (6.1.1.0)
- Added the option to use the most recent CVSS version as the CVSS Score. (6.1.12.0)
- Added the capability to enter a value to restrict compliance findings to those that were updated or indexed into Tenable Vulnerability Management after X days. (6.1.22.0)
- Added the option to skip devices with IP in the hostname. (6.1.24.0)
- Added the option to include open ports in the asset export. (6.1.27.0)
- Added the capability to enter a colon-separated list of tags values to be filtered out and not ingested. (6.1.29.0)
- Added the capability to enter the agent groups to be filtered out and not ingested. (6.1.29.0)
- Added the capability to enter a value to restrict compliance findings to those that were last seen in X days. (6.1.29.0)
- Added the option to fetch extensions from Firefox and Chrome on Windows and macOS (96533, 133180, 96534). (6.1.29.0)
- Added the option to fetch devices from mobile repositories. (6.0.19.4)
- Added the option to use CVE dates for the device last seen calculation. (6.1.9.0)
- Added the capability to enter a number of days to only fetch vulnerabilities from that number of days back. (6.1.15.0)
- Added the capability to specify the maximum number of devices that the adapter will keep in memory at the same time. (6.1.17.0)
- This adapter now works with version 3 of the API. (6.1.26.0)
- Added the option to fetch only verified secrets. (6.1.28.0)
- This adapter now fetches containers as assets. This must be activated in Advanced Settings in order to work. (6.1.26.0)
UpGuard CyberRisk - Added the option to not fetch users. (6.1.15.0)
Velociraptor - Added the option to use FQDN as the hostname. (6.1.12.0)
- Added the option to fetch agents. (6.1.22.0)
- Added the option to not parse the manufacturer serial. (6.1.25.0)
Veracode - Added the option to use the first hostname found in the findings as the hostname for the device. (6.1.11.2)
VMware NSX - Added the option to enrich devices with firewall rules. (6.1.18.0)
VMware NSX Advanced Load Balancer
- The name of the 'Avi Networks' adapter was changed to VMware NSX Advanced Load Balancer. (6.1.16.0)
- Added the option to parse devices as load balancers. (6.1.22.0)
- Added the Tenant Name parameter for API Key authentication (Relevant for API version v36.0 only). (6.1.20.1)
- Added an option to authenticate via the Client ID and Device Mode parameters. (6.1.29.0)
VMware Workspace ONE (AirWatch) - Added the option to fetch Smart Groups. (6.1.2.3)
Vulcan - Added the option to fetch vulnerabilities. (6.1.1.4)
Vulcan Cyber - The name of the 'Vulcan' adapter was changed to Vulcan Cyber. (6.1.31.0)
- Added the option to fetch additional device attributes from the endpoint WhatsUp Gold Device_FindAttributes API. (6.1.7.0)
- Added the option to fetch device credentials from the endpoint WhatsUp Gold Device_Credentials API. (6.1.7.0)
- Added the capability to enter a number of months to fetch data on the state of the device as well as the uptime of the device's power supply from the endpoint WhatsUp Gold DeviceReport_DeviceStateChangeReport API. (6.1.7.0)
Web Server Information - Added the capability to perform an SSL scan using Qualys. To use this capability, you need to enter a Qualys SSL Labs API v4 registered email. (6.1.29.0)
WhiteHat - Added the capability to set the number of assets to fetch in the API response from the WhiteHat API. (6.1.4.0)
- Added the capability to filter vulnerabilities by detection method. (6.1.9.3)
- Added the option to fetch installed software. (6.1.11.0)
- Added the option to fetch network exposures from Wiz. (6.1.19.0)
Wiz Reports - Additional fields are now supported for the Hosted Technology report. (6.1.12.1)
- Added the option to create users only from the custom report data. (6.1.1.0)
- Added the option to include custom organization data. (6.1.3.3)
- Added the option to fetch application settings. (6.1.3.3)
- Tenant Login URL, Read Only Admin Username/Password, and 2FA Secret Key added to connection parameters. (6.1.3.3)
- Added the option to fetch only application settings. (6.1.6.0)
- Added the option to fetch user assets. (6.1.17.0)
- Added the option to include cost center data under organization data. (6.1.24.0)
Zabbix - Added the option to set hostnames from the relevant item in the inventory section that has a hostname. (6.1.9.0)
- Added the option to fetch Users, All Tickets, or both Users and Tickets. (6.1.14.5)
- Added the option to use the user email as the ticket assignee name. (6.1.22.1)
- Added the capability to enter the maximum rate of requests per hour by Axonius to the Zscaler server. (6.1.11.0)
ZeroFox - Added the option to use API Key authentication for this adapter. (6.1.9.0)
Zerto ZVM - Added the option to fetch only protected VMs. (6.1.9.0)
Zoom - Added the option to fetch application settings and licenses for accounts with Axonius SaaS Management. (6.1.11.0)
- Added a default value for Host name or IP address. (6.1.1.5)
- Added the capability to enter the maximum rate of requests per hour by Axonius to the Zscaler server. (6.1.14.0)
- Added the option to include devices that have the Linux operating system on the device fetch. (6.1.3.2)
- Added the option to not fetch SaaS application users. (6.1.4.0)
- Added the option to not fetch SaaS applications not assigned to any user. (6.1.25.4)
- Added the option to fetch all applications even if they are not in the Axonius SaaS Applications Repository. (6.1.25.4)
- Added the capability to filter out applications by name and category. (6.1.25.4)
Zscaler ZDX - Added the capability to enter the maximum rate of requests per hour by Axonius to the Zscaler server. (6.1.11.0)
Zscaler ZDX - Added the capability to enter the maximum rate of requests per hour by Axonius to the Zscaler server. (6.1.11.0)
Zscaler Web Security - Adde the option to filter fetched devices by their registration status. (6.1.30.0)
For more details:
- Explore the entire list of supported and integrated adapters.
New Enforcement Actions
The following Enforcement Actions were added:
- 1Password - Suspend User - Deactivates users in 1Password. (6.1.6.5)
- Append to Comment - OneLogin - Adds comment fields and appends text to existing comments. (6.1.5.0)
- Active Directory - Create Users - Creates new users in Microsoft Active Directory. (6.1.5.0)
- Airtable - Create User - Creates new users in Airtable Enterprise. (6.1.17.0)
- Airtable - Suspend User - Disables users in Airtable Enterprise. (6.1.17.0)
- Airtable - Add or Remove User from Group - Assigns users to groups in Airtable Enterprise. (6.1.17.0)
- AssetSonar - Update Asset - Updates assets in AssetSonar. (6.1.17.0)
- BeyondTrust BeyondInsight - Send Block Policy to S3 - Sends a block policy, in XML format, to a specific path on an SSH server using S3. (6.1.11.2)
- Change Policy - VMware Carbon Black App Control - Changes the VMware Carbon Black Cloud (Carbon Black CB Defense) policy assigned to each asset. (6.1.6.0)
- Check Point Infinity - Tag Devices that are Publicly Exposed by a FW/NAT Rule - Tags internal devices that are exposed to the public. (6.1.15.0)
- Cisco Identity Services Engine (ISE) - Apply Policy to Devices - Applies policies to devices. (6.1.0.3)
- Claroty xDome - User Actions - Performs the selected user action: Set Labels, Set Assignees, Set Notes. (6.1.4.0)
Medigate by Claroty - User Actions - Performs the selected user action: Set Labels, Set Assignees, Set Notes. (6.1.14.0)
Create new case - Automates Case creation, creating an ongoing Case on assets resulting from the query, and optionally on added query results only. (6.1.13.0)
CrowdStrike Falcon - RTR Run Command - Runs an RTR command on CroudStrike Falcon. (6.1.20.1)
Freshservice - Add or Remove User from Group - Adds or removes users from groups. (6.1.22.0)
Google Workspace - Activate User - Activates the Google Workspace account for each asset that matches the parameters of the selected query or selected assets. (6.1.9.0)
Google Workspace - Suspend User - Deactivates the Google Workspace account for each asset that matches the parameters of the selected query or selected assets. (6.1.9.0)
Google Workspace - Update User - Updates the information in the Google Workspace account for each asset that matches the parameters of the selected query or selected assets. (6.1.9.0)
Ivanti Security Controls - Add Machine to Machine Group (6.1.21.0)
Ivanti Security Controls - Patch Group - Adds CVEs to the Patch Group or updates the Patch Group CVEs from Vulnerabilities that match the results of the query or selected Vulnerabilities. (6.1.8.0)
Tag Halcyon Device - Tags devices in Halcyon.
Halcyon - Delete Device - Deletes devices from Halcyon.
Halcyon - Set Device Mode - changes the mode of the agent installed on the device between Learning and Blocking. (6.1.27.0)
Kandji - Delete User - Deletes users from Kandji. (6.1.17.0)
Keeper - Delete Users - Deletes users in Keeper. (6.1.9.0)
Microsoft Entra ID (formerly Azure AD) - Activate User - Activates a user in Entra ID. (6.1.9.0)
Microsoft Entra ID (formerly Azure AD) - Suspend User - Deactivates a user in Entra ID. (6.1.9.0)
Microsoft Entra ID (formerly Azure AD - Add or Remove License to/from Users (6.1.13.0)
Nessus - Add IPs to Scan - Adds IP addresses to a Tenable Nessus scan. (6.1.11.0)
Nessus - Delete Account - Deletes a user account from Tenable Nessus. (6.1.16.0)
Nessus - Add Agent to Agent Group - Adds an agent to an agent group in Tenable Nessus. (6.1.16.0)
Okta - Create User (6.1.5.0)
Okta - Create Group (6.1.5.0)
Okta - Update Group (6.1.5.0)
Okta - Delete Group (6.1.5.0)
Okta - Update User (6.1.5.0)
Okta - Create Role (6.1.5.0)
Okta - Update Role (6.1.5.0)
Okta - Delete Role (6.1.5.0)
Palo Alto Network Cortex Xpanse - Tag Assets - Adds tags to Internet assets. (6.1.27.0)
Palo Alto Networks IoT Security - Tag assets - Adds tags to assets in IoT Security.
PANW Cortex XDR - Add or Remove Tag to/from Assets - Adds or removes tags from assets.
PDQ Connect - Deploy Package - Deploys missing software/packages to devices in PDQ Connect. (6.1.21.0)
Recorded Future - Enrich CVE Data - Enriches vulnerabilities on your system with information from RecordedFuture, a threat intelligence tool that helps identify the vulnerabilities that pose an actual risk to an organization, adding context and data to CVE scoring. (6.1.27.0)
Red Hat Ansible Tower - Run Command - Runs a Red Hat Ansible Tower command.
SailPoint IdentityNow - Create Certification Campaign - Creates a certification campaign for users who have a specified, new manager. (6.1.29.0)
Salesforce - Activate User - Activates a Salesforce user. (6.1.9.0)
Salesforce - Create User - Creates a Salesforce user. (6.1.9.0)
Salesforce - Suspend User - Suspends a Salesforce user. (6.1.9.0)
Salesforce - Update User - Updates a Salesforce user. (6.1.9.0)
Create User - SAP Concur 4 - Creates a SAP Concur 4.x user. (6.1.10.0)
Update User - SAP Concur 4 - Updates a SAP Concur 4.x user. (6.1.10.0)
Secureworks Taegis XDR - Add/Remove Tag - Adds or removes tags on Secureworks Taegis XDR assets. (6.1.24.0)
ServiceNow - Request Catalog Item - Orders a service cart item from the service catalog. (6.1.16.0)
ServiceNow - Create User - Creates a ServiceNow user. (6.1.10.0)
ServiceNow - Update User - Updates a ServiceNow user. (6.1.10.0)
ServiceNow - Activate User - Activates a ServiceNow user. (6.1.10.0)
ServiceNow - Suspend User - Deactivates a ServiceNow user. (6.1.10.0)
Send Assets Data - Snowflake Data Warehouse - Pushes CSV files containing asset data into their Snowflake data lake. (6.1.14.2)
SentinelOne - Change Asset Site - Changes the site for assets in SentinelOne. (6.1.18.0)
SentinelOne - Change Asset Group - Changes the asset group for assets in SentinelOne. (6.1.18.0)
SolarWinds Web Help Desk - Create Ticket - Creates one ticket in SolarWinds Web Help Desk. (6.1.22.0)
SymphonyAI Summit - Create Ticket - Creates one ticket in SymphonyAI Summit. (6.1.10.7)
SymphonyAI Summit - Create Ticket per Entity - Creates a ticket in SymphonyAI Summit for each entity retrieved from the saved query supplied as a trigger. (6.1.10.7)
SymphonyAI Summit - Create or Update CMDB Assets - Creates and updates CMDB assets in SymphonyAI Summit. (6.1.19.3)
Tanium - Add or Remove Tag to/from Assets - Manages tags on Tanium assets. (6.1.27.0)
TeamDynamix - Create or Update Asset - Creates and updates assets in TeamDynamix. (6.1.7.0)
Update Zendesk Tickets - Enables updating tickets, which have specific ticket IDs. (6.1.9.1)
VMware CB Cloud - Quarantine/Unquarantine Assets - Quarantines or unquarantines assets in VMware CB Cloud.
VulnCheck - Enriches vulnerabilities on your system with information from VulnCheck, a tool providing vulnerability intelligence to predict avenues of attack. (6.1.27.0)
Wiz - Add Tags to Assets - Correlates and adds tags to assets in Wiz. (6.1.5.0)
Workday - Activate User - Activates a user in Workday. (6.1.9.0)
Workday - Suspend User - Suspends a user in Workday. (6.1.9.0)
Wrike - Create or Update Task - Creates a new task from the results retrieved from a saved query, or updates an existing task. (6.1.28.0)
Zendesk - Create Custom Object per Asset - Creates a custom object per asset in Zendesk for each asset that matches the parameters of the selected query or assets selected in one of the asset tables. (6.1.0.0)
Zendesk - Assign Group to Users - Assigns a group to a Zendesk user.
Zendesk - Create User - Creates a user in Zendesk.
- Zendesk - Delete User - Deletes a user in Zendesk.
Zoom - Delete User - Deletes a user in Zoom. (6.1.17.0)
Zoom - Create user - Creates a user in Zoom. (6.1.17.0)
Zoom - Update User Group - Updates a user group in Zoom. (6.1.17.0)
Updated Enforcement Actions
The following Enforcement Actions were updated:
- Axonius - Add Custom Data to Assets - Added the option to remove from entities not in the query results only the field values added to the Multiple Values field (for assets in the query) using this Enforcement Action and not the entire field. (6.1.26)
- Axonius - Send Email to Assets - Added the fields From to customize the sender email address and Reply-To to enable sending an email reply to an email address other than the sender email address.(6.1.9.0)
- Axonius - Send Email per Asset - Added the fields From to customize the sender email address and Reply-To to enable sending an email reply to an email address other than the sender email address.(6.1.9.0)
- Axonius - Deploy Files and Run Shell Command on Windows Assets - Added the field Replace command variables with Axonius fields that allows values from assets to be used in the Windows command. (6.1.2.0)
- AWS - Send CSV to S3 - Updated the Export Method field. (6.1.3.2)
- BeyondTrust BeyondInsight - Send Block Policy to S3 - Added the Get installed software from CSV adapter only option (enabled by default). When enabled, the XML file only includes software titles from the CSV adapter connection. Otherwise, the XML file includes software titles from the specified adapter connections. (6.1.124)
- BeyondTrust BeyondInsight - Send Block Policy to SCP - Added the Get installed software from CSV adapter only option (enabled by default). When enabled, the XML file only includes software titles from the CSV adapter connection. Otherwise, the XML file includes software titles from the specified adapter connections. (6.1.124)
- CrowdStrike Falcon - Run Script - Replaced the Script ID field with the Script parameters field. (6.1.8.0)
- CSV - Send to SCP - Updated the Export Method field. (6.1.3.2)
- CSV - Send to Share - Updated the Export Method field. (6.1.3.2)
- CSV - Send to SFTP - Updated the Export Method field. (6.1.3.2)
- Exabeam - Update Context Table - Added the key and Value fields to specify which values are populated into the Exabeam Context table.
- Microsoft Azure AD - Enforcement Actions renamed to Entra ID to reflect the name change in Microsoft. (6.1.1.0)
- Entra ID (Azure AD) - Forward Email Rule - Added the ability to remove an email address from the rule. (6.1.1.2)
- Updated the Freshservice Enforcement Actions with a note regarding case sensitivity of field names in Freshservice.
- Google Workspace - Add Users
- It is possible to use the Enforcement Action to create a single Google Workspace user from scratch, in addition to the already existing method of creating single/multiple assets from existing assets (Clone operation). (6.1.6.0)
- The Google Workspace Users have new fields - First Name, Last Name, Email, and Username. (6.1.6.0)
- There is a new option to auto-generate passwords, in addition to the already existing manually entered passwords. (6.1.6.0)
- Google Workspace - Add Users to Group - Added ability to create a single Google Workspace user from scratch with new fields (First Name, Last Name, Email, and Username) and auto-generate passwords. (6.1.1.7)
- GSuite Enforcement Actions Renamed to Google Workspace (6.1.1.3)
- The following Enforcement Actions were renamed from GSuite to Google Workspace:
- Google Workspace - Add Users
- Google Workspace - Add Users to Group
- Google Workspace - Change Users OU
- Google Workspace - Delete Extension
- Google Workspace - Remove Users
- Google Workspace - Remove Users From Group
- Google Workspace - Reset Users Logon Cookies
- Google Workspace - Role Assignments Actions
- Google Workspace - Send Message
- The following Enforcement Actions were renamed from GSuite to Google Workspace:
- HTTPS Log Server - Send Log Message - Added a note that a value for "Authorization Header" must be provided because this value is not picked up from the System Setting page. (6.1.30.0)
- Ivanti - Update Assets - Added the Do not map default Axonius fields option.
- Jira Service Management - Create Ticket and Jira Service Management - Create Ticket per Asset - Changed the name of these Enforcement actions from "Issue" to "Ticket". (6.1.3.0)
- Jira Service Management - Create Insight Asset per Asset - Documentation was updated: field mapping is now in the Required Fields section. (6.1.17.0)
- Jira Software - Create User - Creates a new user in Jira. (6.1.11.2)
- Jira Software - Delete User - Deletes a user from Jira. (6.1.11.2)
- Lenovo - Enrich Asset Data - Added the Avoid parsing Asset Name option to leave the Asset Name and Host Name fields in Lenovo blank.
- McAfee ePolicy Orchestrator (ePO) - Add or Remove Tag to/from Assets - Added the ability to add or remove multiple tags at the same time.
- Microsoft Azure DevOps - Create Task - Added the ability to use custom fields.
- Microsoft Entra ID (formerly Azure AD) - Add or Remove License to/from Users - Updated the description of the License IDs field.
- Microsoft Teams - Send Message - Updated the method of adding a new incoming webhook to a Microsoft Teams channel. (6.1.28.2)
- PagerDuty - Create Incident:
- Added 'Requester Email' field. (6.1.3.2)
- Added note about where Service and Priority IDs can be obtained. (6.1.30.0)
- Qualys - Add Tags to Host Asset - Added the Use all Qualys IDs field.
- Qualys - Remove Tags from Host Asset - Added the Use all Qualys IDs field.
- Qualys - Add IP Addresses to User Subscription - Add the field Use stored credentials from the Qualys Cloud Platform adapter. (6.1.19.0)
- SentinelOne - Add or Remove Tag to/from Assets - Added required permissions information.
- ServiceNow - Create Incident - Added the ability to link this new task to another table. (6.1.5.3)
- ServiceNow - Create Incident per Asset (6.1.5.3)
- If Fetch dynamic dropdown values is enabled for the adapter connection, Placeholder text fields will be a list populated with the available values from ServiceNow.
- Added the abiltiy to link this new task to another table.
- ServiceNow - Disable or Remove Assets - Added a note that the Suspend action is available only for user assets. (6.1.30.0)
- Update ServiceNow Tickets and ServiceNow - Update Assets and ServiceNow - Create Assets (6.1.5.3)
- When Fetch dynamic dropdown values is enabled for the adapter connection, Placeholder text fields will be a list populated with the available values from ServiceNow.
- Splunk - Create and Update Assets - Added the KV Store Collection Name field. The Map Axonius fields to adapter fields is now required to run the Enforcement Action. (6.1.15.0)
- TeamDynamix - Create Ticket - Added the option to link the related assets to the ticket in TeamDynamix.
- Tenable.io - Add IP Addresses to Scan -
- Added the ability to schedule a scan. (6.1.7.0)
- Added the ability to only use private IP addresses. (6.1.7.0)
- Tenable.sc (SecurityCenter) - Add IP Addresses to Assets
- Added the ability to restrict the adapter connection. (6.1.13.0)
- Added the ability to create a new scan with the asset. (6.1.23.0)
- Zendesk - Create Ticket -
- Added the ability to add any field to the ticket with the Additional Fields field. (6.1.0.2)
- Adde the ability to populate the Form field in the new Zendesk ticket. (6.1.11.0)
- Zendesk - Create Ticket Per Entity - Added the ability to add any field to the ticket with the Additional Fields field. (6.1.0.2)
- SharePoint - Send CSV - Required Permissions, APIs, and Required Ports were added to the documentation. Added instructions for when SharePoint Password Manager is enabled. (6.1.20.1)
- Web Server Information - Enrich Asset Data - Added that a comma-delimited list of ports can be used. (6.1.30.0)