What's New in Axonius - Axonius 4.3

Release Date: July-2021

Release Highlights

• Manage Service Accounts New Manage Service Accounts tab was added
  • Use Service Accounts to manage accounts that will only connect to the system using API, such as external accounts.
  • Use the Manage Service Accounts tab to create a new Service Account, generate its API key and secret, and assign roles to Service Accounts.

• Support Complex Expressions for Column Filtering - Added the capability to filter columns by complex expressions.

  • Create complex filters using the following:
    • AND/OR available from the second row on.
    • NOT.
    • Field - including the possibility to filter by other fields as part of the complex field.
    • Operators available according to the column type filtered.
    • Value field.
  • Parenthesis can be used.
  • When complex filters are defined, Axonius will display only values that match the complete filter.

  

• Duplicating Enforcement Sets

  • Added the capability to duplicate Enforcement Sets from the Enforcement Center page or from the Enforcement Set page.
  • A new Actions menu was added to the Enforcement Center page. From this Actions menu you can delete or duplicate Enforcement Sets.

  

  • To duplicate Enforcement Sets use Duplicate from the Actions menu. All properties of the Enforcement Set are cloned. You can edit them as required.
  • The option to duplicate and delete enforcement sets was also added to the View Tasks arrow menu on the Enforcement Set page.

• Query Wizard - Autocomplete Suggestions for Equals Values - The system now provides autocomplete suggestions for equals values.

  • On certain fields, when the operator is set to equals the value drop down box displays all of the values that exist in the system, so that you will easily be able to formulate a valid query, without having to guess the exact name of the component on your system. Once you type 3 letters, the system presents possible values for the field.

    

New Adapters

The following new adapters have been added in this release:

• Adaptive Shield
  • Adaptive Shield is a security posture management platform used to help businesses manage their cloud services.
  • This adapter fetches the following types of assets: Users.
• Atera
  • Atera is a cloud-based remote monitoring and management (RMM) platform for MSPs and IT professionals.
  • This adapter fetches the following types of assets: Devices.
• Atlassian Jira Software
  • Atlassian Jira Software is a work management tool for various use cases, from requirements and test case management to agile software development.
  • This adapter fetches the following types of assets: Users.
• baramundi
  • baramundi provides organizations with cross-platform management of networked endpoints in IT and manufacturing environments.
  • This adapter fetches the following types of assets: Devices.
• Bionic
  • Bionic is an agentless platform that helps teams to manage, operate and protect applications.
  • This adapter fetches the following types of assets: Devices.
• Cherwell IT Service Management Database
  • Cherwell IT Service Management Database is a service desk platform enabling automation for process workflows, supporting tasks, and related approvals.
  • This adapter fetches the following types of assets: Devices.
• CloudFit CFS
  • CloudFit CFS delivers managed, custom applications for cloud, hybrid, and on-premise environments.
  • This adapter fetches the following types of assets: Devices.
• CyberArk Endpoint Privilege Manager
  • CyberArk Endpoint Privilege Manager enforces least privilege, providing credential theft protection and application control at scale.
  • This adapter fetches the following types of assets: Devices.
• FortiClient EMS
  • FortiClient Enterprise Management Server (FortiClient EMS) is a security management solution that enables scalable and centralized management of multiple endpoints.
  • This adapter fetches the following types of assets: Devices.
• Fortify Software Security Center
  • Fortify Software Security Center offers security assurance solutions that address the threats posed by security flaws in business-critical software apps.
  • This adapter fetches the following types of assets: Devices.
• LastPass
  • LastPass is a password manager that stores encrypted passwords online.
  • This adapter fetches the following types of assets: Users.
• Nectus
  • Nectus is a network discovery, monitoring and visualization software.
  • This adapter fetches the following types of assets: Devices.
• PaperCut
  • PaperCut is a print management solution that provides print job tracking and reporting.
  • This adapter fetches the following types of assets: Devices.
• Proofpoint's ObserveIT Insider Threat Management (ITM) platform
  • Proofpoint's ObserveIT Insider Threat Management (ITM) platform is a cloud-based solution that provides insider risk detection, incident response, and unified visibility across user activity, data interaction, and threat context.
  • This adapter fetches the following types of assets: Devices.
• Rapid7 InsightIDR
  • Rapid7’s InsightIDR is a security center for incident detection and response, authentication monitoring, and endpoint visibility.
  • This adapter fetches the following types of assets: Devices.
• RiskSense
  • RiskSense provides vulnerability prioritization and management to dynamically control and measure cybersecurity risk.
  • This adapter fetches the following types of assets: Devices.
• Schneider Electric EcoStruxure IT
  • Schneider Electric EcoStruxure IT provides software and services for IT and Data Center teams to monitor and manage critical IT infrastructure on-premise, in the cloud, and at the edge.
  • This adapter fetches the following types of assets: Devices.
• Threat Stack
  • Threat Stack is a provider of cloud security management and compliance solutions.
  • This adapter fetches the following types of assets: Devices.

For more details:

• Explore the entire list of supported and integrated adapters.
• View the adapter enhancements in this release, under the Updated Adapters section in this article.
  
  

Adapters Interface Updates

The following updates have been made to the common functionality across all adapters:

• Adapters Fetch History

  • Added a new Actions menu with a Terminate Fetch option to the Adapters Fetch History page. Terminate Fetch lets you terminate Fetch for adapters.
  • Terminate Fetch is only applicable to adapters with the status 'Fetch Started'.
  • Fetch Terminated status was added to the list of statuses.

  

Dashboard Updates

The following updates have been made to the Axonius Dashboard:

• Refresh Space - Added the capability to update all of the charts in a dashboard space simultaneously.
  

• Field Segmentation Chart - Multiple enhancements:

  • Added a new Exclude adapters field to the Field Segmentation chart.

    • This new option allows you to select one or more adapters that will not be included in the data used to create this chart.
      

  • Added the capability to duplicate filter rows.
    

  • Added a new Use case-sensitive segmentation toggle button to the Field Segmentation chart.

    • This new toggle button allows you to define whether case will be considered in the data used to create this chart.
      

• Query Timeline Chart - multiple enhancements

  • Added a new Date Range Indication to the Query Timeline Chart.

  

  • Added the capability to click on any data point to open the chart in the 'Devices' or 'Users' page.

  

Device and User Tables Interface Updates

The following updates have been made to the device and user table related capabilities in Axonius:

• Support Complex Expressions for Column Filtering - Added the capability to filter columns by complex expressions.

  • Create complex filters using the following:
    • AND/OR available from the second row on.
    • NOT.
    • Field - including the possibility to filter by other fields as part of the complex field.
    • Operators available according to the column type filtered.
    • Value field.
  • Parenthesis can be used.
  • When complex filters are defined, Axonius will display only values that match the complete filter.

  

• Add Custom Fields

  • Adding Custom Fields has been made more streamlined.

  • From the Devices page, Action menu Add Custom Data was renamed to Add Custom Fields.
    

  • The Edit Fields button on the Adapter Connections tab on the Devices Profile page was renamed to Manage Custom Fields.

  • Added a new option to delete fields from a device.
    

• Copying a Link to Saved Queries
  • You can now copy a link to a saved query from the Devices and Users pages and then share it with others.
    
  • You can now copy a link to a saved query from the Saved Queries drawer on the Saved Queries page, and then share it with others.

• Query Wizard - Field Comparison - You can now make a Field Comparison with a preferred field when you choose Aggregated in the Device drop-down box.
  

• Query Wizard - Autocomplete Suggestions for Equals Values - The system now provides autocomplete suggestions for equals values.

  • On certain fields, when the operator is set to equals the value drop down box displays all of the values that exist in the system, so that you will easily be able to formulate a valid query, without having to guess the exact name of the component on your system. Once you type 3 letters, the system presents possible values for the field.

    

• Export CSV on the Users and Devices pages - the following enhancements have been made providing an additional way to see and examine the exported data.

  • Added a Split by fields values drop down box to the Export CSV dialog box. This enables you to create a CSV file where the values of complex fields and lists are represented as separate rows in the CSV files; for instance if you Split by fields values on Installed software complex field, you will be able to see all the installed software and all its fields as separate rows for each device.
  • Added a File name field to the Export CSV dialog box. This enables you to edit the name of the CSV file before creating the CSV file.

Enforcement Center Updates

The following updates have been made to the Axonius Security Policy Enforcement Center:

• Enforcement Tasks Page - Multiple enhancements:
  • Added a new Actions menu with a Terminate Task option. Terminate Task lets you terminate a running enforcement task.
  • Terminate Task is only applicable to tasks with the status 'In progress'.
  • Completed status is now displayed as either ‘Completed Successfully' or 'Completed with Errors’ to view and filter the status of enforcement tasks more easily.
  • Added filter by status and filter by date to the Enforcement Task table.

• Renaming Enforcement Sets and Actions

  • Added the capability to rename Enforcement Sets and Actions.

• Duplicating Enforcement Sets

  • Added the capability to duplicate Enforcement Sets from the Enforcement Center page or from the Enforcement Set page.
  • A new Actions menu was added to the Enforcement Center page. From this Actions menu you can delete or duplicate Enforcement Sets.

  

  • To duplicate Enforcement Sets use Duplicate from the Actions menu. All properties of the Enforcement Set are cloned. You can edit them as required.
  • The option to duplicate and delete enforcement sets was also added to the View Tasks arrow menu on the Enforcement Set page.

New Actions

Added the following Actions:

• Reset Users' Password - Added a new enforcement action called Reset User's Password under the Manage Microsoft Active Directory (AD) Services category.
  • This new action causes Active Directory to prompt users to change their password the next time that they try to login to their system.
    
    

Updated Actions

The following Actions have been enhanced:

• Create ServiceNow Incident - Added a new Include only added entities in attached CSV checkbox to the Add Action dialog for this action. This is relevant when 'Send CSV as attachment' is True.

  • If enabled, the attached CSV file with the query results will only contain information about the devices added in the trigger query since the previous execution of the enforcement task.
  • If disabled, the attached CSV file with the query results will contain information about all the relevant entities.
  • This checkbox is required.
  • The default value for this checkbox is False.
    
    

• Create ServiceNow Asset - Multiple enhancements:

  • Added a new Create ServiceNow asset for each installed software checkbox to the Add Action dialog for this action.
    • This new checkbox lets you select whether to create a new ServiceNow asset for each of the devices' installed software.
    • If enabled, an asset will be created in ServiceNow also for each of the devices' installed software.
    • If disabled, an asset will be created in ServiceNow only for the device.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new CIDR white list field to the Add Action dialog for this action in the Manage CMDB assets category.
    • This new field lets you specify a comma-separated list of CIDRs to be excluded.
    • If supplied, Axonius will only use ServiceNow IP addresses in the IP address range of the specified CIDRs.
    • If not supplied Axonius will add ServiceNow IP addresses in any IP address range.
    • This field is optional.
    • The default value for this checkbox is empty.
      
      

• Update ServiceNow Asset - Added a new CIDR white list field to the Add Action dialog for this action.

  • This new field lets you specify a comma-separated list of CIDRs to be excluded.
  • If supplied, Axonius will only use ServiceNow IP addresses in the IP address range of the specified CIDRs.
  • If not supplied Axonius will add ServiceNow IP addresses in any IP address range.
  • This field is optional.
  • The default value for this checkbox is empty.
    
    

• Update Cherwell Asset - Multiple enhancements.

  • Added a new CIDR exclude list field to the Add Action dialog for this action.
    • This new field lets you specify a comma-separated list of CIDRs to be excluded.
    • If supplied, Axonius will not add Cherwell IP addresses in the IP address range of the specified CIDRs.
    • If not supplied Axonius will add Cherwell IP addresses in any IP address range.
    • This field is optional.
    • The default value for this field is empty.
  • Added a new CIDR white list field to the Add Action dialog for this action.
    • This new field lets you specify a comma-separated list of CIDRs to be included.
    • If supplied, Axonius will only use Cherwell IP addresses in the IP address range of the specified CIDRs.
    • If not supplied Axonius will add Cherwell IP addresses in any IP address range.
    • This field is optional.
    • The default value for this field is empty.
      
      

• Create Cherwell Asset - Multiple enhancements.

  • Added a new CIDR exclude list field to the Add Action dialog for this action.
    • This new field lets you specify a comma-separated list of CIDRs to be excluded.
    • If supplied, Axonius will not add Cherwell IP addresses in the IP address range of the specified CIDRs.
    • If not supplied Axonius will add Cherwell IP addresses in any IP address range.
    • This field is optional.
    • The default value for this field is empty.
  • Added a new CIDR white list field to the Add Action dialog for this action.
    • This new field lets you specify a comma-separated list of CIDRs to be included.
    • If supplied, Axonius will only use Cherwell IP addresses in the IP range of the specified CIDRs.
    • If not supplied Axonius will add Cherwell IP addresses in any IP range.
    • This field is optional.
    • The default value for this field is empty.
      
      

• Add IPs to Rapid7 InsightVM Site - Added a new Source Adapter field to the Add Action dialog for this action.

  • This new field lets you specify an adapter name as it appears in Axonius (as in the Axonius URL) in order to send specific adapter IP data.
  • If supplied, it will send adapter IP data only from the adapter listed.
  • If not supplied it will send adapter IP data from all adapters.
  • This field is optional.
  • The default value for this checkbox is empty.
    
    

• Tag Tenable.io Assets - Added a new Create new tags if they do not exist field to the Tag Tenable.io Assets dialog for this action.

  • This new field lets you select whether to create new tags, if tags are listed that do not exist in Tenable.io.
  • If enabled - creates new tags that do not already exist in Tenable.io.
  • If disabled - tags that do not exist in Tenable.io will not be created and therefore will not be added to the assets.
  • This new field is required.
  • The default value for this field is false.

Cloud Asset Compliance Updates

The following updates have been made to the Axonius Cloud Asset Compliance:

• Excluding Rules - Multiple enhancements:

  • You can exclude rules from being included when Cloud Compliance runs. You can exclude a rule for a single account, or for all accounts. Excluded rules will not be calculated for the selected accounts as part of the benchmark score.
  • Added a new status - Excluded to the Benchmark Results table.
  • The Comments field in the Rule Details Drawer has been renamed to Exclusions and Comments.
  • Rules that are excluded appear in the Exclusions and Comments section.

  

General Enhancements

The following general enhancements have been made in Axonius:

• Login Page - Multiple enhancements:

  • The look and feel for the login page was updated.

  • The Login for LDAP and SSO has been redesigned so that the SAML/LDAP login buttons are side-by-side with the internal login.
    

  • The LDAP login flow has been updated.
    

  • It is now possible to add a custom message that will appear on the Login page.

Administrator Settings Interface Updates

The following updates have been made to the administrator settings in Axonius:

• Historical Snapshot Retention Settings on the Lifecycle Settings Page - Added rules for Historical Snapshot Retention Settings.

  • Historical Snapshot Retention Settings allows you to set rules to control the way historical data is retained. These rules define how many snapshots to keep or delete for set time periods. This helps conserve disk space and allows you to save reduced amounts of data for a longer period of time. For example, you can define that you will retain data up to 360 days and when the snapshot is older than 30 days, retain one snapshot every seven days.

  

• Global Settings - Multiple enhancements
  • Added a new Number of enforcement tasks that can run in parallel field to the Global Settings under the Aggregation Settings section.
    • This new setting lets you specify the number of enforcement tasks that can run simultaneously.
    • This setting is required.
    • The default value is 10.
  • Added a new Restrict Assignment of non-authorized permission toggle to the Global Settings under the Permission Assignment Settings section.
    • This new setting lets you select whether a user can edit or assign permissions to roles that the user does not have themselves.
    • If enabled, users with permissions to create/edit roles can only assign permissions that they themselves have.
    • If disabled, users with permissions to create/edit roles may assign any permissions to roles that they create or edit.
    • This setting is required.
    • The default value is switched off.
  • Added HashiCorp Vault as a new option to the Password Manager field under the Enterprise Password Management Settings section.
    • The integration between Axonius and HashiCorp Vault enables Axonius to securely pull privileged credentials from HashiCorp Vault. The integration helps ensuring that privileged credentials are secured in the HashiCorp Vault, rotated to meet company guidelines, and meet complexity requirements.

• GUI Settings - Added a new Custom Message field to the GUI Settings under Login Page Settings section.

  • Custom Message - This new setting lets you define a custom message that will appear on the Login page.
    • If supplied, the Login page will display that message on the Login page.
    • If not supplied, the Login page does not display a custom message.
    • The maximum number of characters a custom message can display is 3000 characters.
    • This field is optional.
    • The default value for this fields is empty.
      
      

• Identify Provider Settings - in the SAML-based Login Settings

  • Added a new section SAML User Parameters Mapping that lets you map SAML user parameter fields to Axonius fields.
  • You can map the following fields:
    • User name
    • First name
    • Last name
    • Email
      
      

• Manage Service Accounts New Manage Service Accounts tab added.

  • Use Service Accounts to manage accounts that will only connect to the system using API, such as external accounts.
  • Use the Manage Service Accounts tab to create a new Service Account, generate its API key and secret, and assign roles to Service Accounts.

• Permission List - Added the following new permissions:
  • View notifications permission in the System and User Management permission category.
    • This new permission lets you select whether the role allows seeing the notifications on the system.
    • If enabled, the users assigned to that role can see all system notifications.
    • If disabled, the users assigned to that role will not be able to see system notifications.
    • The default value for this permission is True for Admin and Viewer roles and False for Restricted and for No Access roles.
  • Manage service accounts permission in the System and User Management permission category.
    • This new permission lets you select whether the role allows managing of Service Accounts.
    • If enabled, the users assigned to that role can manage Service Accounts.
    • If disabled, the users assigned to that role will not be able to manage Service Accounts.
    • The default value for this permission is True for Admin roles and False for Viewer, Restricted and for No Access roles.
  • Manage admin users permission in the System and User Management permission category.
    • This new permission lets you select whether the role allows assigning and editing admin permissions in every location in the system.
    • If enabled, the users assigned to that role can assign and edit admin permissions in all locations in the system.
    • If disabled, the users assigned to that role will not be able to assign and edit admin permissions anywhere in the system.
    • The default value for this permission is True for Admin roles and False for Viewer, Restricted and for No Access roles.
  • Refresh Dashboard space permission in the Dashboard permission category.
    • This new permission lets you select whether the role allows to refresh the dashboard space.
    • If enabled, the users assigned to that role can refresh all charts in a dashboard space.
    • If disabled, the users assigned to that role will not be able to refresh all charts in a dashboard space.
    • The default value for this permission is True for Admin, Viewer and Restricted roles and False for the No Access role.
  • Terminate connection permission in the Adapters permission category.
    • This new permission lets you select whether the role allows terminating the Fetch process for selected adapters on the system.
    • If enabled, the users assigned to that role can terminate Fetch for selected adapters.
    • If disabled, the users assigned to that role will not be able to terminate Fetch for selected adapters.
    • The default value for this permission is True for Admin roles and False for Viewer, Restricted and for No Access roles.
  • Manage Exclusions and Comments permission in the Cloud Asset Compliance permission category.
    • The Manage Comments permission was renamed to Manage Exclusions and Comments.
    • This updated permission lets you select whether the role allows adding, editing and deleting exclusions and comments for compliance rules for selected accounts on the system.
    • If enabled, the users assigned to that role can manage exclusions and comments for selected accounts on the system.
    • If disabled, the users assigned to that role will not be able to manage exclusions and comments for selected accounts on the system.
  • Terminate Enforcement Tasks permission in the Enforcement Center permission category.
    • This new permission lets you select whether the role allows terminating enforcement.
    • If enabled, the users assigned to that role can terminate enforcement tasks.
    • If disabled, the users assigned to that role will not be able to terminate enforcement tasks.
    • The default value for this permission is True for Admin roles and False for Viewer, Restricted and No Access roles.
  • Duplicate Enforcement permission in the Enforcement Center permission category.
    • This new permission lets you select whether the role allows duplicating enforcement.
    • If enabled, the users assigned to that role can duplicate Enforcement Sets.
    • If disabled, the users assigned to that role will not be able to duplicate Enforcement Sets.
    • The default value for this permission is True for Admin roles and False for Viewer, Restricted and No Access roles.

Updated Adapters

The following adapters have been enhanced:

• Amazon Web Services (AWS) (Advanced Configuration File) - Multiple enhancements:

  • Added a new roles_for_account_name option to the Advanced Configuration File field in the Add Connection dialog for this adapter.
    • This new option is part of the key/value pairs that can be specified in the Advanced Configuration File.
    • This option adds the 'Account name' to the AWS Organization data that is populated in every AWS device and user.
  • Added a new fetch_roles_from_organization option to the Advanced Configuration File field in the Add Connection dialog for this adapter.
    • This new option is part of the key/value pairs that can be specified in the Advanced Configuration File.
    • This option allows the user to set a role in the advanced configuration that allows Axonius to discover all member accounts in an AWS Organization.

• Amazon Web Services (AWS)) (Advanced Settings) - Added a new Fetch information about API Gateway checkbox to the AWS Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you select whether to fetch AWS API Gateways and their related data.
  • If enabled, all connections for this adapter will fetch AWS API Gateways and their related data.
  • If disabled, all connections for this adapter will not fetch AWS API Gateways and their related data.
  • This checkbox is required.
  • The default value for this checkbox is False.
    
    

• CloudHealth (Advanced Settings) - Multiple enhancements:

  • Added a new Fetch AWS accounts checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch AWS accounts.
    • If enabled, all connections for this adapter will fetch AWS accounts.
    • If disabled, all connections for this adapter will not fetch AWS accounts.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch AWS Classic Load Balancers checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch AWS Classic Load Balancers.
    • If enabled, all connections for this adapter will fetch AWS Classic Load Balancers.
    • If disabled, all connections for this adapter will not fetch AWS Classic Load Balancers.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch AWS Application Load Balancers checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch AWS Application Load Balancers.
    • If enabled, all connections for this adapter will fetch AWS Application Load Balancers.
    • If disabled, all connections for this adapter will not fetch AWS Application Load Balancers.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch AWS Network Load Balancers checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch AWS Network Load Balancers.
    • If enabled, all connections for this adapter will fetch AWS Network Load Balancers.
    • If disabled, all connections for this adapter will not fetch AWS Network Load Balancers.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch AWS RDS instances checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch AWS RDS instances.
    • If enabled, all connections for this adapter will fetch AWS RDS instances.
    • If disabled, all connections for this adapter will not fetch AWS RDS instances.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch AWS S3 buckets checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch AWS S3 buckets.
    • If enabled, all connections for this adapter will fetch AWS S3 buckets
    • If disabled, all connections for this adapter will not fetch AWS S3 buckets.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch AWS VPCs checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch AWS VPCs.
    • If enabled, all connections for this adapter will fetch AWS VPCs.
    • If disabled, all connections for this adapter will not fetch AWS VPCs.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch AWS NAT gateways checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch AWS NAT gateways.
    • If enabled, all connections for this adapter will fetch AWS NAT gateways
    • If disabled, all connections for this adapter will not fetch AWS NAT gateways.
    • This checkbox is required.
    • The default value for this checkbox is False.
      
      

• Druva (Advanced Settings) - Added a new Do not fetch disabled devices checkbox to the Druva Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you select whether to fetch disabled devices.
  • If enabled, all connections for this adapter will not fetch disabled devices.
  • If disabled, all connections for this adapter will fetch all devices including disabled devices.
  • This checkbox is required.
  • The default value for this checkbox is False.

• Google Workspace (G Suite) (Advanced Settings) - Added a new Fetch user groups checkbox to the Google Workspace Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you select whether to fetch user group memberships for each user from Google Workspace.
  • If enabled, all connections for this adapter will fetch user group memberships for each user.
  • If disabled, all connections for this adapter will not fetch user group memberships for each user.
  • This checkbox is required.
  • The default value for this checkbox is False.
    
    

• Infoblox NetMRI (Connection Configuration - Added a new Fetch Neighbors checkbox in the Add Connection dialog for this adapter.

  • This new checkbox lets you select whether to fetch neighbor devices.
  • If enabled, Axonius will fetch neighbor devices for this device.
  • If disabled, the neighbor devices will not be fetched for this device.
  • This checkbox is required.
  • The default value for this checkbox is False.
    
    

• Kolide Fleet (Connection Configuration) - Added new User Name and Password fields in the Add Connection dialog for this adapter.

  • These new fields let you use username and password authentication to connect to Kolide Fleet.
  • If both these fields are supplied, Axonius will connect to Kolide Fleet using user name and password authentication.
  • If both these fields are not supplied, you must supply an API Key for Axonius to connect to Kolide Fleet.
  • These new fields are optional.
  • The default value for these fields is empty.
    
    

• KnowBe4 (Advanced Settings) - Added a new Ignore archived users checkbox to the Infoblox NetMRI Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you choose whether to fetch archived users from KnowBe4.
  • If enabled, all connections for this adapter will fetch archived users from KnowBe4.
  • If disabled, all connections for this adapter will not fetch archived users from KnowBe4.
  • This checkbox is required.
  • The default value for this checkbox is False.
    
    

• McAfee ePolicy Orchestrator (ePO) (Connection Configuration) - Added a new Drive Encryption Query ID field in the Add Connection dialog for this adapter.

  • This new field lets you specify the ID of an existing EPO Query, that contains at least 'EPOLeafNode.NodeName' and 'EPESystems.State' information, to populate Hard Drive Encryption data for devices.
  • If supplied, Axonius will populate the Hard Drive Encryption data for devices.
  • If not supplied, Axonius will not populate the Hard Drive Encryption data for devices.
  • This new field is optional.
  • The default value for this field is empty.
    
    

• Microsoft Defender ATP (Advanced Settings) - Added a new Fetch recommendations checkbox to the Defender ATP Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you select whether to fetch security recommendations from Microsoft Defender ATP.
  • If enabled, all connections for this adapter will fetch security recommendations data from Microsoft Defender ATP.
  • If disabled, all connections for this adapter will not fetch any security recommendations data from Microsoft Defender ATP.
  • This checkbox is required.
  • The default value for this checkbox is False.
    
    

• Microsoft Azure Active Directory (Azure AD) (Advanced Settings) - Added a new Fetch mobile devices checkbox to the Azure AD Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you select whether to fetch mobile devices.
  • If enabled, all connections for this adapter will also fetch mobile devices.
  • If disabled, all connections for this adapter will not fetch mobile devices.
  • This checkbox is required.
  • The default value for this checkbox is True.
    
    

• MobileIron EMM (Advanced Settings) - Added a new Fetch Hardware Inventory from Cloud checkbox to the MobileIron EMM Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you select whether to fetch more information about the hardware. You can only set this if Is MobileIron Cloud is true.
  • If enabled, all connections for this adapter will fetch more information about the hardware.
  • If disabled, all connections for this adapter will not fetch more information about the hardware.
  • This checkbox is required.
  • The default value for this checkbox is False.
    
    

• Netskope (Advanced Settings) - Added a new Fetch mobile devices checkbox to the Netskope Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you select whether to fetch mobile devices.
  • If enabled, all connections for this adapter will fetch also mobile devices.
  • If disabled, all connections for this adapter will not fetch mobile devices.
  • This checkbox is required.
  • The default value for this checkbox is True.
    
    

• Orca Cloud Visibility Platform (Advanced Settings) - Added a new Asset type exclude list field to the Orca Configuration tab in the Advanced Settings for this adapter.

  • This new field lets you specify a comma-separated list of asset types.
  • If supplied, all connections for this adapter will not fetch devices whose asset type is any of the comma-separated list of asset types that have been defined in this field.
  • If not supplied, all connections for this adapter will fetch devices with any asset type.
  • This field is optional.
  • The default value for this field is empty.
    
    

• Qualys Cloud Platform - Multiple enhancements:

  • This adapter now fetches users as well as devices.
  • Added a new Fetch users checkbox to the Qualys Configuration tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch user account date from Qualys.
    • If enabled, all connections for this adapter will fetch user account data from Qualys.
    • If disabled, all connections for this adapter will not fetch user account data from Qualys.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch QID CVE ID checkbox to the Qualys Configuration tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch additional CVEs for each QID in the vulnerability list from the next URL API.
    • If enabled, all connections for this adapter will fetch additional CVEs.
    • If disabled, all connections for this adapter will not fetch additional CVEs.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Use ‘lastCheckedIn’ field as ‘last_seen’ checkbox to the Qualys Cloud Platform tab in the Advanced Settings for this adapter.
    • This new checkbox lets you define how to compute the 'last_seen' field in Qualys.
    • If enabled, all connections for this adapter will compute the 'last_seen' field from the lastCheckedIn field and then from the LastVulnScan field.
    • If disabled, all connections for this adapter will not use these fields to compute the 'last_seen' field in Qualys Cloud Platform.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Do not fetch devices without Last Seen checkbox to the Qualys Cloud Platform tab in the Advanced Settings for this adapter.
    • This new checkbox lets you define whether to fetch devices without the last_seen attribute.
    • If enabled, all connections for this adapter will not fetch devices without the last_seen attribute.
    • If disabled, all connections for this adapter will fetch devices without the last_seen attribute.
    • This checkbox is required.
    • The default value for this checkbox is False.
      
      

• ServiceNow - Multiple enhancements

  • The following configurations were moved from the ServiceNow tab in the Advanced Settings to the Connection configuration dialog for this adapter.
    • Fetch devices updated in ServiceNow in the last X hours (0: All)
    • Fetch users updated in ServiceNow in the last X hours (0: All)
    • Fetch users created in ServiceNow in the last X hours (0: All)
  • Added new Client ID and Client Secret fields in the Add Connection dialog for this adapter.
    • These new fields let you use OAuth authentication to connect to ServiceNow.
    • If both these fields are supplied, Axonius will connect to ServiceNow using OAuth authentication.
    • If both these fields are not supplied, Axonius will connect to ServiceNow using basic authentication.
    • These new fields are optional.
    • The default value for these fields is empty.
  • Added a new Fetch only parsed fields for users checkbox to the ServiceNow tab in the Advanced Settings for this adapter.
    • This new checkbox lets you define which fields are fetched from ServiceNow.
    • If disabled (default setting), all connections for this adapter will fetch all fields from ServiceNow, show them all in the “view advanced” section and parse only the fields required.
    • If enabled, all connections from this adapter will fetch only specific fields from ServiceNow.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch upstream related Certificate information checkbox to the ServiceNow Configuration tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to fetch the certificate information of device assets from ServiceNow.
    • If enabled, all connections for this adapter will fetch the certificate information of device assets from ServiceNow.
    • If disabled, all connections for this adapter will not fetch the certificate information of device assets from ServiceNow.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new last_discovered' device field exclusively as 'last_seen' checkbox to the ServiceNow Configuration tab in the Advanced Settings for this adapter.
    • This new checkbox lets you define how to compute the 'last_seen" field in Service Now.
    • If enabled, all connections for this adapter will compute the 'last_seen' field from the 'last_discovered' raw field, if this field does not exist 'last_seen' will not exist.
    • If disabled, all connections for this adapter will use max('last_discovered', ‘sys_updated_on’) to compute last_seen.
    • This checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch users updated in ServiceNow in the last X hours' field to the ServiceNow Configuration tab in the Advanced Settings for this adapter.
    • This new field lets you define how to fetch users in ServiceNow.
    • If a value is set, all connections for this adapter will fetch only users seen in the last X hours.
    • If not set, all connections for this adapter will fetch all users.
    • This field is optional.
    • The default value for this field is 0 which is all.
  • Added a new Fetch only parsed fields for users checkbox to the ServiceNow Configuration tab in the Advanced Settings for this adapter.
    • This new checkbox lets you define how to fetch users in ServiceNow.
    • If False, all connections for this adapter will fetch all fields from ServiceNow, show them all in “view advanced” section and parse only the fields required.
    • If True - only specific fields are brought.
    • If disabled, all connections for this adapter will fetch all users.
    • This checkbox is required.
    • The default value for this checkbox is False.
      
      

• Splunk - Moved the Splunk search macros list field and the Splunk installed software search macros list field from the Advanced Settings to the Add Configuration dialog on this adapter.
  
  

• Tenable.io - Moved the Tag key whitelist field from the Advanced Settings to the Add Configuration dialog and renamed it Tenable.io Tags whitelist on this adapter.
  
  

• Tenable.sc (Advanced Settings) - Added a new Parse interface name from vulnerability text checkbox to the Tenable.sc Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you select whether to parse device interface name from the vulnerability text.
  • If enabled, all connections for this adapter will parse the device interface name from the vulnerability text.
  • If disabled, all connections for this adapter will not parse the device interface name.
  • This checkbox is required.
  • The default value for this checkbox is False.
    
    

• Tenable Nessus CSV File (Advanced Settings) - Added a new Only get devices with MAC, Hostname or correlatable IP address checkbox to the Nessus CSV Configuration tab in the Advanced Settings for this adapter.

  • This new checkbox lets you select whether to exclude fetching devices without MAC address, without hostname and without an IP address that can be correlated to other existing IP address.
  • If enabled, all connections for this adapter will only fetch devices having at least one of the following:
    • MAC address
    • Hostname
    • IP address that can be correlated with an existing IP address in Axonius.
  • If disabled, all connections for this adapter will fetch devices even if those do not have MAC address, no hostname and no IP address that can be correlated to other existing IP address.
  • This checkbox is required.
  • The default value for this checkbox is False.
    
    

• Workday (Connection Configuration) - Added a new Fetch Events Effective X Days Forward field to the Add Connection dialog for this adapter.

  • This new field lets you enter a value to set an effective future date to ensure information about future hires is accurate.
  • If a value is set, this adapter will fetch information relating to future events up to the number of days set in the future.
  • If this field is left empty, this adapter will not fetch any information relating to future events.
  • This field is optional.
  • The default value for this checkbox is Empty.