What's New in Axonius 2.10

Watch the “What’s New in Axonius 2.10 ” video, or read the product release notes below.

Adapters

New Adapters

The following new adapters have been added in this release:

1. Icinga - An open-source computer system and network monitoring application. It monitors data centers and clouds availability and performance, gives access to data and raises alerts.
2. Medigate - A medical device security platform that protects connected medical devices on health care provider networks, allowing inventory management and facilitating detection and prevention capabilities.
3. PacketFence - A free open source network access control (NAC) solution that provides the following features: registration, detection of abnormal network activities, proactive vulnerability scans, isolation of problematic devices, remediation through a captive portal, 802.1X, wireless integration and User-Agent / DHCP fingerprinting.
4. Specops Inventory - Collects and reports information on hardware, software, registry, user settings, operating system, security data, and Active Directory data.

For more details, see the entire list of supported and integrated adapters.

Updated Adapters

The following Adapters have been enhanced:

• Amazon Web Services (AWS) (advanced settings) – Multiple enhancements:

  • Added a new Fetch Information about S3 checkbox to the AWS Configuration tab in the Advanced Settings for this adapter.
    • If enabled, this checkbox will have all connections for this adapter to collect information about S3 Buckets in addition to the other instance types.
    • The information collected for each S3 Bucket instance will include ACL’s, location, and public status.
  • Added a new Fetch Information about IAM Users checkbox to the AWS Configuration tab in the Advanced Settings for this adapter.
    • If enabled, this checkbox will have all connections for this adapter to collect information about IAM users.
    • The information collected for each IAM user will include attached groups, attached policies and access keys

  
  

• BlueCat Enterprise DNS (connection configuration) - This adapter now supports connecting directly to the database for BlueCat.
  
  

• CrowdStrike Falcon (advanced settings) - Added a new Get Devices Policies checkbox to the CrowdStrike Configuration tab in the Advanced Settings for this adapter.

  • If enabled, this checkbox will have all connections for this adapter to collect prevention policies associated with devices.
    
    

• CSV Serials (connection configuration) – Added multiple new fields to the Add Server dialog for this adapter. If supplied, these new fields allow you to fetch a CSV file from an Amazon S3 bucket.

  • Added a new S3 Bucket Name field. This new field lets you specify the name of the bucket to get the CSV file.
  • Added a new S3 Object Location field. This new field lets you specify the object location - the file path.
  • Added new S3 Access Key ID and S3 Secret Access Key fields. These new fields let you specify the credentials to access the S3 bucket. You can leave both of these fields empty to use the IAM Role that is attached to the Axonius EC2 instance.
    
    

• Cybereason Deep Detect & Respond (advanced settings) - Added a new Custom Tags Whitelist field to the Cybereason Configuration tab in the Advanced Settings for this adapter.

  • This new field lets you specify a comma-separated list of Cybereason tags.
  • If supplied, all connections for this adapter will only collect devices tagged in Cybereason with the tags provided in this list.
    
    

• Microsoft SQL Server Adapter (connection configuration) - Added a new Server Tag field to the Add Server dialog for this adapter.

  • This new field lets you specify a value that will be set in a Server Tag field for all assets collected from a specific connection for this adapter.
    
    

• Shodan (connection configuration) - Added a new Query Search field to the Add Server dialog for this adapter.

  • This new field lets you specify a search query using Shodan's search query syntax.
  • If supplied, a connection for this adapter will only collect devices that are returned from this query.
    
    

• ServiceNow (advanced settings) - Added a new Exclude Devices Without IP, MAC and Serial Number checkbox to the ServiceNow Configuration tab in the Advanced Settings for this adapter.

  • If enabled, all connections for this adapter will only collect information on devices if they have an IP address, MAC address, or serial number.
    
    

Enforcement Center Updates

The following updates have been made to the Axonius Security Policy Enforcement Center:

Updated Actions

The following Actions have been enhanced:

• Run Linux Shell Command - Added multiple new fields to the Add Action dialog for this action. These fields let you upload files to a Linux device and then to execute those files.
  • Added a new Files to Deploy control. This control lets you choose a file to be uploaded. Multiple files can be provided and existing files are overridden.
  • Added a new Upload Path field. This field lets you specify the path to upload the files on the Linux device. If not populated, the files are uploaded to "/tmp" folder.
  • Added a new Delete Files After Execution checkbox. If enabled, the files will be deleted after executing the specified command line.
  • Added a new Upload Files Permissions field. This field lets you specify the permissions given to the uploaded files. This Defaults to "777".
    
    
• Enrich User Data with Have I Been Pwned - Added a new Alternative Email Suffix field to the Add Action dialog for this action.
  • If provided, all email addresses processed by this action will be processed with the original email suffix as well as the provided alternative email suffix.
  • This field is useful for organizations that utilize more than one email suffix.

• Send to HTTPS Log System - Added a new Authorization Header field to the Add Action dialog for this adapter.
  • This field is required if the HTTPS log system requires user authentication.
  • If provided, the value will be supplied in the headers of HTTPS requests sent to the log system.

• Send Slack Message - The message sent to Slack will now include the first five results of the Saved Query.

Device and User Interface Updates

The following updates have been made to device and user-related capabilities in Axonius:

• Devices and Users Tables Updates

  • Devices and Users Tables Edit Columns - Modified the Edit Columns screen:
    
    
    • Modified Available Columns list. This list lets you select the columns to be included in the table.
    • Added Displayed Columns list. This lists displays the columns that are included in the table. This list can be reordered by dragging and dropping a column. The order of the columns in this list will be also reflected in CSV exports.
    • Added Add >> and <<Remove buttons. These buttons allow you to move columns to and from the Available Columns list and the **Displayed Columns **list.
    • Added a Reset button. This button sets the Displayed Columns list to the default view.

  

  • Saving Queries for Predefined Views - Queries can now be saved with the columns in the Displayed Columns even when no query expression has been defined. These saved queries can then be loaded and used as a template for building new saved queries with the predefined columns and column filters.
    
    
  • Microsoft Active Directory (AD) adapter: Added a Last Used Users AD Display Name data field.
    • This field will reflect the Microsoft Active Directory (AD) Display Name associated with a specific device.
    • The value of this field is (for most AD implementations) a user's first name followed by their last name.

Administrator Settings Interface Updates

• Global Settings - Added a new subsection named Static Analysis Settings with a Fetch software vulnerabilities even when the vendor name is unknown checkbox.
  • If enabled, Axonius will fetch vulnerabilities even if the software vendor name is unknown.
  • If not enabled, Axonius will only fetch vulnerabilities if they include both software and vendor names.
  • This checkbox is not enabled by default.
    
    

General UX Enhancements

• Visualization of Boolean Fields - Modified the visualization of boolean fields. "X" and "V" values to make the values clearer.
  • "X" has been replaced with “No” for False.
  • "V" has been replaced with "Yes" for True.