- 24 Mar 2022
- 14 Minutes to read
- Print
- DarkLight
- PDF
What's New in Axonius 3.12
- Updated on 24 Mar 2022
- 14 Minutes to read
- Print
- DarkLight
- PDF
Release Date: December-18-2020
Adapters
New Adapters
The following new adapters have been added in this release:
- 1E Tachyon
- 1E Tachyon is a remote endpoint management solution built on a single agent for speed, visibility, and control of all endpoints.
- This adapter fetches the following types of assets: Devices.
- F-Secure Protection Service for Business (PSB)
- F-Secure Protection Service for Business (PSB) is a central management portal for managing VPN, mobile device management, software update management, workstation, and server security.
- This adapter fetches the following types of assets: Devices.
- Frontline VM
- Frontline VM, a Frontline.Cloud system, is a vulnerability management application that performs comprehensive security assessments and helps prioritize and track the results, making remediation more efficient and effective.
- This adapter fetches the following types of assets: Devices.
- Microsoft Lync
- Microsoft Lync provides instant messaging (IM), audio and video calls, Lync Meetings, availability (presence) information, and sharing capabilities.
- This adapter fetches the following types of assets: Users.
- RSA Archer
- RSA Archer is an integrated risk management platform for managing multiple dimensions of risk, including IT, operational, third-party, resiliency, and compliance risk.
- This adapter fetches the following types of assets: Devices and Users.
- ScopNET
- ScopNET provides an agent-free solution for the prevention of unauthorized access to corporate networks, integrating switches, routers and firewalls to detect alien devices.
- This adapter fetches the following types of assets: Devices.
- Sophos Central
- Sophos Central is a unified console that provides one place to manage Sophos products, including: endpoint, mobile, encryption, web, email, server, and wireless security.
- This adapter fetches the following types of assets: Devices.
- Windows DHCP Server
- Windows DHCP Server is a networking server used to lease IP addresses and manage other configuration information.
- This adapter fetches the following types of assets: Devices.
For more details, explore the entire list of supported and integrated adapters.
Updated Adapters
The following adapters have been enhanced:
- Adapter Page - Multiple enhancements:
- Added a new Actions menu on the top right of the Adapters table.
- The new Override Advanced Settings Values action enables you to override Adapter Advanced Settings values for all adapters or for adapters without configured connections.
Amazon Web Services (AWS) (Advanced Settings) - Added a new Add WAF to devices checkbox under the AWS Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to enrich devices with WAF information.
- If enabled, all connections for this adapter will enrich relevant devices with WAF information.
- If disabled, all connections for this adapter will enrich devices with WAF information.
- This new checkbox is required.
- The default value for this checkbox is False.
BitSight Security Ratings (Connection Configuration) - Added a new Company Name (leave empty to fetch data from parent company field in the Add Connection dialog for this adapter.
- This new field lets you specify a company name form data will be fetched.
- If supplied, only data associated with the specified company name will be fetched.
- If not supplied, data associated with the parent company and all its 'child' companies will be fetched.
- This new field is optional.
- The default value for this field is empty.
Cisco Meraki (Advanced Settings) - Added a new Fetch MDM devices checkbox under the Cisco Meraki Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch MDM devices from Google Workspace.
- If enabled, all connections for this adapter will fetch MDM devices.
- If disabled, all connections for this adapter will not fetch MDM devices.
- This new checkbox is required.
- The default value for this checkbox is True.
Google Cloud Platform (GCP) (Advanced Settings) - Added a new mail domain whitelist field under the GCP Configuration tab in the Advanced Settings for this adapter.
- This new field lets you specify a comma-separated list of email domains.
- If supplied, all connections for this adapter will only fetch users whose email domain is in the specified list.
- If not supplied, all connections for this adapter will fetch all users.
- This new field is optional.
- The default value for this field is empty.
Microsoft Azure Active Directory (Azure AD) (Advanced Settings) - Added a new Exclude Azure AD joined devices checkbox under the Azure AD Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch Azure AD joined devices.
- If enabled, all connections for this adapter will not fetch Azure AD joined devices.
- If disabled, all connections for this adapter will fetch Azure AD joined devices.
- This new checkbox is required.
- The default value for this checkbox is False.
Microsoft System Center Configuration Manager (SCCM) (Advanced Settings) - Multiple enhancements:
- Added a new Fetch files path table checkbox under the SCCM Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch installed software path from the files path table.
- If enabled, all connections for this adapter will fetch installed software path from the files path table.
- If disabled, all connections for this adapter will not fetch installed software path from the files path table. When disabled, fetch process for this adapter will be faster.
- This new checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch v_GS_INSTALLED_SOFTWARE table checkbox under the SCCM Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch installed software from the v_GS_INSTALLED_SOFTWARE table.
- If enabled, all connections for this adapter will fetch installed software from the v_GS_INSTALLED_SOFTWARE table.
- If disabled, all connections for this adapter will not fetch installed software from the v_GS_INSTALLED_SOFTWARE table. When disabled, fetch process for this adapter will be faster.
- This new checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch services information checkbox under the SCCM Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch services information for each device.
- If enabled, all connections for this adapter will fetch services information for each device.
- If disabled, all connections for this adapter will not fetch services information for each device. When disabled, fetch process for this adapter will be faster.
- This new checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch files path table checkbox under the SCCM Configuration tab in the Advanced Settings for this adapter.
Okta - Multiple enhancements:
- Added a new API rate limit threshold percentage field in the Add Connection dialog for this adapter.
- This new field lets you specify the threshold percentage of the Okta API rate limit when connecting to the value supplied in Okta URL. Axonius will stop the data fetch when the API rate limit will reach to the supplied value.
- This new field is required.
- The default value for this field is 10.
- Added a new Fetch admin roles checkbox under the Okta Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch additional information on admin roles.
- If enabled, all connections of this adapter will also fetch additional information on admin roles.
- If disabled, all connections of this adapter will only fetch users with admin roles, without additional information about those roles.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new API rate limit threshold percentage field in the Add Connection dialog for this adapter.
Palo Alto Networks Prisma Cloud (Advanced Settings) - Added a new Fetch deleted devices checkbox under the Prisma Cloud Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch also 'deleted' devices.
- If enabled, all connections for this adapter will also fetch 'deleted' devices.
- If disabled, all connections for this adapter will not fetch 'deleted' devices.
- This new checkbox is required.
- The default value for this checkbox is False.
Qualys Cloud Platform (Advanced Settings) - Multiple enhancements:
- Added a new Use Qualys API checkbox under the Qualys Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to use the Qualys API.
- If enabled, all connections for this adapter will use the Qualys API to fetch data.
- If disabled, all connections for this adapter will not use the Qualys API to fetch data.
- This new checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch scanner appliances checkbox under the Qualys Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch scanner appliances as devices.
- If enabled, all connections for this adapter will fetch scanner appliances as devices.
- If disabled, all connections for this adapter will not fetch scanner appliances data.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new Fetch policy compliance checkbox under the Qualys Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch policy compliance associated with devices.
- If enabled, all connections for this adapter will also fetch policy compliance associated with each device.
- If disabled, all connections for this adapter will not fetch policy compliance associated with each device.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new Use Qualys API checkbox under the Qualys Configuration tab in the Advanced Settings for this adapter.
Rapid7 Nexpose and InsightVM (Advanced Settings) - Added a new Fetch users information for devices checkbox under the Rapid7 Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch users information for fetched devices.
- If enabled, all connections for this adapter will fetch also user information that is associated with the fetched devices. For example, Last Used User field.
- If disabled, all connections for this adapter will not fetch any user information that is associated with the fetched devices.
- This new checkbox is required.
- The default value for this checkbox is True.
Tenable.io (Advanced Settings) - Added a new Fetch only active vulnerabilities checkbox under the Tenable.io Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch only vulnerabilities in Active or in New state. For details, see Tenable.io - Vulnerability States.
- If enabled, all connections for this adapter will only fetch vulnerabilities in Active or in New state.
- If disabled, all connections for this adapter will fetch vulnerabilities with any state: New, Active, Fixed or Resurfaced.
- This new checkbox is required.
- The default value for this checkbox is True.
Tenable.sc (SecurityCenter) (Advanced Settings) - Added a new Repository name exclude list - use 'contains' logic instead of exact match checkbox under the Tenable.sc Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to consider the values supplied in Repository name exclude list field as the exact repository names.
- If enabled, all connections for this adapter will not fetch vulnerabilities from repositories their name contains any of the supplied values in the Repository name exclude list field.
- If disabled, all connections for this adapter will not fetch vulnerabilities from the repositories their name exactly matches one of the supplied values in the Repository name exclude list field.
- This new checkbox is required.
- The default value for this checkbox is False.
VMware Carbon Black EDR (Advanced Settings) - Multiple enhancements:
- Added a new Fetch inactive devices in the last X days field under the Carbon Black EDR Configuration tab in the Advanced Settings for this adapter.
- This new field lets you select whether to fetch inactive devices.
- If supplied, all connections for this adapter will fetch inactive devices that have communicated with the VMware Carbon Black EDR server in that last specified number of days.
- If not supplied, all connections for this adapter will not fetch inactive devices.
- This new field is optional.
- The default value for this field is empty.
- Added a new Fetch only the most recent device per computer SID checkbox under the Carbon Black EDR Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch only the recent device per each SID.
- If enabled, all connections for this adapter will fetch only the recent device per each SID.
- If disabled, all connections for this adapter will fetch all devices, even if there is more than one device for a specific SID.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new Fetch inactive devices in the last X days field under the Carbon Black EDR Configuration tab in the Advanced Settings for this adapter.
VMware Workspace ONE (AirWatch) (Advanced Settings) - Added a new Fetch extended information checkbox under the AirWatch Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch additional information for each device, such as the Security Patch Date field.
- If enabled, all connections for this adapter will also fetch additional information for each device.
- If disabled, all connections for this adapter will not fetch additional information for each device.
- This new checkbox is required.
- The default value for this checkbox is True.
Enforcement Center Updates
The following updates have been made to the Axonius Security Policy Enforcement Center:
Updated Actions
The following Actions have been enhanced:
- Create ServiceNow Computer - Added a Create ServiceNow computer even if device's asset entities include ServiceNow checkbox to the Add Action dialog for this action.
- This new checkbox lets you select whether to create a new ServiceNow computer even if one of the device's asset entities has been fetched from ServiceNow.
- If enabled, a computer will be created in ServiceNow even if one of the device's asset entities has been fetched from ServiceNow.
- If disabled, a computer will not be created in ServiceNow even if one of the device's asset entities has been fetched from ServiceNow.
- This new checkbox is required.
- The default value for this checkbox is False.
- Create Cherwell Computer and Update Cherwell Computer - Added a new Do not map default Axonius fields checkbox to the Add Action dialog for these actions.
- This new checkbox lets you select whether to map the set of default Axonius fields to the Cherwell computer.
- If enabled, default Axonius fields will not be mapped to the Cherwell computer.
- If disabled, default Axonius fields will be mapped to the Cherwell computer. For details, see Default Field Mapping field.
- This new checkbox is required.
- The default value for this checkbox is False.
Device and User Tables Interface Updates
The following updates have been made to the device and user tables related capabilities in Axonius:
- Cancel Query - Added a new Cancel Query button which is displayed whenever a query is running.
- This button lets you cancel the currently running query and revert the results to the last successful executed query.
- Running a new query while a query is running cancels the previous query and executes the new query.
- Query Wizard - Multiple enhancements:
Added the Aggregated option to the Adapter drop-down for the Asset Entity (ENT)
- When selecting the Aggregated option, it enables querying asset entity queries for all adapters with a single expression.
- When selecting the Aggregated option, it enables querying asset entity queries for all adapters with a single expression.
Added support for multiple parentheses in a single parentheses control.
- The number of parentheses can be increased/decreased by clicking the up/down arrows in the Parentheses Control.
- The number of parentheses can be increased/decreased by clicking the up/down arrows in the Parentheses Control.
Cloud Asset Compliance Updates
The following updates have been made to Cloud Asset Compliance:
- CIS Microsoft Azure Foundations Benchmark v1.1 - Added Affected Assets for relevant rules in the Virtual Machines category.
Administrator Settings Interface Updates
The following updates have been made to administrator settings in Axonius:
- Global Settings - Multiple enhancements:
- Added a new System External URL section.
- This new section lets you define if an external host name or IP address is to be used in various links re-directing to the system.
- If switched on and configured, all links re-directing back to the system will use the specified host name or IP address.
- If switched off, all links re-directing back to the system will use the host name or IP address the user has used to access the Axonius node.
- Added a new Proxy field under the Amazon S3 Settings section.
- This new field lets you configure HTTP/HTTPS proxy to use when connecting to the AWS APIs.
- If supplied, Axonius will utilize the proxy when connecting to the AWS APIs.
- If not supplied, Axonius will connect directly to the AWS APIs.
- This new field is optional.
- The default value for this field is empty.
- Added a new Set asset name as hostname, if hostname does not exist checkbox under the Aggregation Settings section.
- This new checkbox lets you select whether to set the Host Name field with the Asset Name field value, if no hostname has been fetched for the asset.
- If enabled, if no hostname has been fetched for an asset, the Host Name field will be set with the Asset Name field value for that asset.
- If disabled, if no hostname has been fetched for an asset, the Host Name field will remain empty for that asset.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new System External URL section.
General Enhancements
- Help and Support - Added a new Help and Support menu next to the Discover Now button,
- This new menu lets you access the Documentation and the Support Center from any page in the system.