- 24 Mar 2022
- 3 Minutes to read
- Print
- DarkLight
- PDF
What's New in Axonius 2.7
- Updated on 24 Mar 2022
- 3 Minutes to read
- Print
- DarkLight
- PDF
Adapters
New Adapters
The following new adapters have been added in this release:
- CyCognito CyCAST Platform - An automated, cloud-based security testing service that simulates attackers' reconnaissance techniques to find organizations' security blind spots.
- Have I Been Pwned - A website to check if email accounts have been compromised in a data breach.
- JumpCloud - A Directory-as-a-Service (DaaS) solution to authenticate, authorize, and manage users, devices, and applications via a common directory in the cloud.
For more details, see the entire list of supported and integrated adapters.
Adapter Configuration Enhancements
The following enhancements have been made to existing adapters in this release:
- Amazon Web Services (AWS): Fetch Elastic Load Balancers (ELB) IP using current DNS (advanced settings) - You can configure to fetch the IP of each of the Elastic Load Balancers (ELB) using the current DNS server.
- Cisco Meraki: Exclude No VLAN Clients (connection configuration) - Exclude any fetched connected device that is not associated with any VLAN.
- Cylance PROTECT: Tenant Tag (connection configuration) - Automatically tag all devices discovered by the specified adapter server.
- Jamf Pro: Tenant Tag (connection configuration) - Automatically tag all devices discovered by the specified adapter server.
- Tenable.sc: Fetch Top N Installed Software (advanced settings) - Specify the number of the top most common installed software fetched from Tenable.sc.
- Tenable.sc: Fetch Vulnerabilities (advanced settings) - Choose whether to fetch devices' vulnerabilities from Tenable.sc.
Axonius Dashboard
The following updates have been made to the Axonius Dashboard:
- Viewing and editing an existing dashboard panel configuration - Now hover over any custom panel to view and edit its configuration.
- Device Manufacturer Serial added to the Axonius asset search - Search devices by the device manufacturer's serial number and view it in the asset search results.
Enforcement Center Updates
The following updates have been made to the Axonius Security Policy Enforcement Center:
- Run Windows Shell Command - Upload and deploy multiple files on the target device.
- Create Tenable.io Asset - A new enforcement action has been added. Create Tenable.io assets for each of the query result devices.
- Enrich Device Data with Censys - Enrich each of the query result devices with additional data from Censys, including: ports open to the world, address information (country, region, city), ASN and more.
The data enrichment is done per device based on its public IP address (IPv4) or its domain name.
- Enrich User Data with Have I been pwned - Enrich user data with breaches, pastes and pwned passwords identified by the 'Have I Been Pwned' (HIBP) website.
- Send CSV to Amazon S3 - Choose to use the EC2 instance (Axonius installed on) attached to the IAM role instead of using the AWS Access Key ID and AWS Access Key Secret credentials supplied.
- Choose Instance - In all enforcement actions which are related to a specific adater (for example, "Add IPs to Tenable.sc Asset"), if you are using multi-nodes, choose the Axonius node to use to interact with the adapter when executing the enforcement action.
Device and User Related Updates
The following updates have been made to the Axonius devices and users entities related capabilities:
The Query Wizard button and the Saved Queries button have been repositioned and refreshed
Device General Data - Firewall Rules table - View in a table format, list firewall rules that defines allowed or denied traffic to and from virtual machines.
Device General Data - Open Ports table - List of ports open to the world, including the access protocol and the service name.
Device Data Fetch Enhancements - View and query newly added data from the following adapters:
- Jamf Pro - list of certificates installed on the device.
- Tenable Nessus - additional vulnerability related data.
- Microsoft System Center Configuration Manager (SCCM) - device Trusted Platform Module (TPM) data.
- Cisco Meraki - device public IPs.
Reports
The following updates have been made to the Axonius reports:
- Including specific dashboard spaces in the report - If you select to include dashboard charts in your reports, you have the ability to select which dashboard spaces to include.
- Attaching CSV with queries results to email - If you decide to schedule a report email, you can also select to attach a CSV file with the entire saved query results for each of the saved queries you have listed.
Additional Updates
- Adapter Advanced Settings – All Adapter Configuration tab settings have been rephrased, so you can now easily configure the advanced settings for required adapters.
- Various bugs fixes