What's New in Axonius 2.12
  • 24 Mar 2022
  • 6 Minutes to read
  • Dark
    Light
  • PDF

What's New in Axonius 2.12

  • Dark
    Light
  • PDF

Article summary

Adapters

New Adapters

The following new adapters have been added in this release:

  1. Nutanix AHV - A hypervisor included with the Enterprise Cloud OS. AHV delivers flexible migrations, security hardening, automated data protection and disaster recovery, and analytics.
  2. Preempt - Lets organizations reduce user risk on their attack surface and preempt threats in real-time with conditional access. It continuously analyzes, adapts and responds to threats based on identity, behavior, and risk to resolve insider threats and targeted attacks.

For more details, see the entire list of supported and integrated adapters.

Updated Adapters

The following Adapters have been enhanced:

  • Amazon Web Services (AWS) (Advanced Settings) - Added a new Fetch information about Lambdas checkbox to the AWS Configuration tab in the Advanced Settings for this adapter.

    • If enabled, all connections for this adapter will also fetch information on AWS Lambdas.
    • The default value for this checkbox is False.

  • CA Service Management (Advanced Settings) - Added a new CA CMDB Asset Lifecycle Status Whitelist field to the CA Service Management Configuration tab in the Advanced Settings for this adapter.

    • This new field lets you specify a comma-separated list of asset lifecycle statuses.
    • If supplied, all connections for this adapter will only collect devices whose status is any of the comma-separated list of CA asset lifecycle statuses that have been defined in this field.
    • The default value for this field is empty.

  • G Suite by Google - Multiple enhancements:

    • The Google Mobile Management adapter has been renamed to G Suite by Google to make it clear that it is not limited to just Google Mobile Management.
    • This adapter has been enhanced to fetch additional data for user assets:
      • Multi-factor authentication status
      • Phone numbers
      • Recovery phone
      • Organizational unit
      • User creation date
      • OAuth application list

  • Google Cloud Platform (GCP) - The Google Cloud Platform (GCP) adapter has been enhanced to fetch user assets and their defined roles in addition to device assets.

  • Microsoft System Center Configuration Manager (SCCM) (Advanced Settings) - Added a new Machine Domain Whitelist field to the Microsoft System Center Configuration Manager (SCCM) Configuration tab in the Advanced Settings for this adapter.

    • This new field lets you specify a comma-separated list of domains.
    • If supplied, all connections for this adapter will only collect devices from domains provided in this list.
    • The default value for this field is empty.

  • Qualys Cloud Platform (Advanced Settings) - Multiple enhancements:

    • Added a new Intervals between Retries in Seconds field to the Qualys Configuration tab in the Advanced Settings for this adapter.
      • This field controls how many seconds all connections for this adapter will wait in between each retry when the Qualys API returns a reponse with an error.
      • The default value for this field is 3.
    • Added a new Number of Retries field to the Qualys Configuration tab in the Advanced Settings for this adapter.
      • This field controls how many times all connections for this adapter will retry a request when the Qualys API returns a response with an error.
      • The default value for this field is 3.

  • ServiceNow (Advanced Settings) - Added a new Exclude VMs Tables checkbox to the ServiceNow Configuration tab in the Advanced Settings for this adapter.

    • If enabled, all connections for this adapter will not collect device assets from tables in ServiceNow that are related to Virtual Machines.
    • The default for this checkbox is False.

  • Tanium (Connection Configuration) - Added a new Fetch Tanium Discover Devices checkbox to the Add Connection dialog for this adapter.

    • If enabled and the Discover module is available in the Tanium platform, the newly created connection for this adapter will fetch all assets that have been found by the Discover module.
    • The default value for this checkbox is False.

  • Web Server Information (Connection Configuration) - Added a new Web Server Port field to the Add Connection dialog for this adapter.

    • This new field lets you specify the port to connect to in order to fetch the web server information.
    • The default value for this field is 443.

Dashboard Updates

The following updates have been made to the Axonius Dashboard:

  • System Lifecycle Panel – Added a tooltip for the Fetch Devices and Fetch Scanners discovery phases.
    • This new tooltip lets you identify the fetch status for each adapter that is pending.
    • Possible statuses are: Fetching or Not Started.
      image.png

Enforcement Center Updates

The following updates have been made to the Axonius Security Policy Enforcement Center:

Updated Actions

The following Actions have been enhanced:

  • Enrich Device Data with Web Server Information - Added a new Web Server Port field to the Add Action dialog for this action.

    • This new field lets you specify the port to connect to when fetching web server information.
    • The default value for this field is 443.

  • Create ServiceNow Computer - Added a new CMDB CI Table Name field to the Add Action dialog for this action.

    • This new field controls the table that the CI will be created in.
    • The default value for this field is cmdb_ci_computer.

  • Create ServiceNow Incident - Multiple enhancements:

    • Added a new Add Query Name to Incident Short Description checkbox to the Add Action dialog for this action.
      • If enabled, the name of the saved query defined as the trigger for the enforcement set will be appended to the short description of the created incident.
      • The default value for this checkbox is False.
    • Added a new Category field to the Add Action dialog for this action.
      • This new field allows you to define a category for the created incident.
      • The default value for this field is empty.
    • Added a new Subcategory field to the Add Action dialog for this action.
      • This new field allows you to define a category for the created incident.
      • The default value for this field is empty.

  • Create ServiceNow Incident per Entity - Multiple enhancements:

    • Added a new Category field to the Add Action dialog for this action.
      • This new field allows you to define a category for the created incident.
      • The default value for this field is empty.
    • Added a new Subcategory field to the Add Action dialog for this action.
      • This new field allows you to define a category for the created incident.
      • The default value for this field is empty.

Device and User Tables Interface Updates

The following updates have been made to device and user tables related capabilities in Axonius:

  • First Fetch Time - Added a new First Fetch Time field to all devices and users.

    • This new field reflects the timestamp when Axonius fetched the asset for the first time.

  • "In" Function - Added the ability to query for multiple values in the Query Wizard with a new In function

    • The new function will be available for all field types that supported the Equals function.
    • The user will be able to insert a comma-separated list of values to query for multiple values.
    • A single query expression using the new In function can now replace multiple query expressions using the Equals function with Or operands between them.

Reporting Updates

The following updates have been made to Axonius reports:

  • Report Email Configuration enhancements
    • Added a new Custom Message field to the Report Configuration screen.
      • This new field lets you specify a message that will be added to the report email body.
      • The custom message is limited to 200 chars.
    • Modified the Email Recurrence section in the Report Configuration screen.
      • This modified section now lets you select the day and time the report will be sent.
        image.png


Administrator Settings Interface Updates

The following updates have been made to administrator settings in Axonius:

  • GUI Settings Tab - Added a new setting titled Default number of query results displayed per page

    • This new setting lets you select the default number of results displayed per page in the Devices screen and the Users screen.

  • Global Settings tab - Added a new Correlate CSV Adapter only if Full Hostnames are Equal setting to the Correlation Settings section.

    • If enabled, Axonius only correlates assets from a CSV adapter connection if the full hostname in the CSV matches the full hostname of an asset in Axonius.

Was this article helpful?