Axonius 6.1 Ongoing Adapter and Enforcement Action Updates
  • 11 Jul 2024
  • 40 Minutes to read
  • Dark
    Light
  • PDF

Axonius 6.1 Ongoing Adapter and Enforcement Action Updates

  • Dark
    Light
  • PDF

Article summary

The following includes new Adapters and Enforcement Actions and ongoing updates to Adapters and Enforcement Actions as they are added to Axonius 6.1

New Adapters

The following new adapters were added:

  • 1Password REST
    • 1Password is a password manager providing a place for users to store various passwords, software licenses, and other sensitive information in a virtual vault. (Fetches: Activities) (6.1.21.0)
  • 3Play Media
    • 3Play Media offers video accessibility services through transcription, captioning, and audio description. (Fetches: Users) (6.1.1.0)
  • Abnormal Security
    • Abnormal Security is an email security provider that helps companies protect against targeted email attacks. (Fetches: Users) (6.1.8.0)
  • A Cloud Guru
    • A Cloud Guru is an online learning platform that specializes in teaching cloud computing and related technologies. (Fetches: Users) (6.1.0.0)
  • Acronis
    • Acronis is a backup solution providing data protection and recovery for servers and endpoints. (Fetches: Devices) (6.1.12.0)
  • Action1
    • Action1 is a cloud-based platform that automates patch management and vulnerability remediation. (Fetches: Devices) (6.1.5.1)
  • Active Directory Federation Service (AD FS)
    • Active Directory Federation Service (AD FS) is a software component developed by Microsoft that provides users with single sign-on and identity access. (Fetches: Groups, User Extensions) (6.1.21.2)
  • Akamai CDN Cloud
    • Akamai CDN Cloud is a content delivery network that accelerates web and video content delivery globally. (Fetches: Users) (6.1.12.0)
  • Amplitude
    • Amplitude is a digital analytics platform that tracks and analyzes user behavior across various platforms. (Fetches: Users) (6.1.1.0)
  • Anecdotes
    • Anecdotes is a compliance management platform. (Fetches: Devices) (6.1.0.2)
  • Apple App Store Connect
    • Apple App Store Connect is a platform for developers to manage, release, and report on their iOS apps. (Fetches: Devices) (6.1.0.3)
  • Aqua Security (SaaS)
    • Aqua Security provides container and cloud native cybersecurity for teams using Docker, Kubernetes, serverless, and other cloud native technologies. (Fetches: Devices, Users) (6.1.20.1)
  • Arnica.io
    • Arnica.io is a cloud-based security platform that scans APIs to identify vulnerabilities. (Fetches: Devices) (6.1.14.0)
  • Atlassian Access
    • Atlassian Access is an identity and access management solution for controlling user access to applications and resources. (Fetches: Users) (6.1.11.2)
  • Atlassian Confluence
    • Atlassian Confluence provides information on Confluence entities, like pages and blog posts, spaces, users, groups, and more. (Fetches: Users) (6.1.1.0)
  • Automatos
    • Automatos is a platform that delivers solutions to surmount challenges in IT asset management. (Fetches: Devices) (6.1.17.0)
  • Azure DevOps (On-Prem)
    • Azure DevOps (On-Prem) is a Microsoft product that provides version control, reporting, requirements management, project management, automated builds, testing and release management capabilities. (Fetches: Users, Groups) (6.1.10.4)
  • Beeline
    • Beeline is a cloud-based system for managing and procuring employees and services. (Fetches: Users) (6.1.18.0)
  • Censys ASM
    • Censys ASM is a tool designed to provide attack surface management by identifying and monitoring threats and exposures. (Fetches: Devices, Activities, Certificates, Application Resources) (6.1.23.1)
  • Cervello
    • Cervello is a railway cybersecurity platform that monitors, protects, and manages rail operations. (Fetches: Devices) (6.1.19.0)
  • Cisco Adaptive Security Appliance (ASA)
    • Cisco Adaptive Security Appliance (ASA) Software is the core operating system for the Cisco ASA Family, delivering firewall capabilities for ASA devices in an array of form factors. (Fetches: Devices, Users) (6.1.19.0)
  • Cisco Common Service Platform Collector (CSPC)
    • The Cisco Common Service Platform Collector (CSPC) is an SNMP-based tool that discovers and collects information from the Cisco devices installed on companies' networks. (Fetches: Devices) (6.1.6.0)
  • Citrix Application Delivery Management (ADM)
    • Citrix Application Delivery Management (ADM) is a platform enabling automation, orchestration, management, and analytics across hybrid multi-cloud environments. (Fetches: Devices) (6.1.7.0)
  • Claroty Cloud
    • Claroty Cloud is a cyber-physical security (CPS) platform for IoT security. (Fetches: Devices) (6.0.18.8)
  • CyberArk Privilege Cloud
    • CyberArk Privilege Cloud is a privileged access management (PAM) solution for securing, managing, and monitoring privileged accounts. (Fetches: Users) (6.1.12.0)
  • CyberGRX (Global Risk Exchange)
    • CyberGRX (Global Risk Exchange) is a collaborative risk exchange platform for managing third-party cyber risk assessments. (Fetches: Devices) (6.1.10.0)
  • Cynerio
    • Cynerio is a healthcare IoT security platform that identifies, monitors, and secures connected medical devices. (Fetches: Devices, Vulnerabilities) (6.1.18.0)
  • Dell Unisphere for PowerMax
    • Dell Unisphere for PowerMax is a management tool for administering and monitoring PowerMax storage arrays. (Fetches: Devices) (6.1.15.0)
  • DeviceTotal
    • DeviceTotal is an agentless attack surface management solution. (Fetches: Devices) (6.1.8.0)
  • Dialpad
    • Dialpad is a cloud-based communication and collaboration platform for voice, video, and messaging. (Fetches: Users) (6.1.10.7)
  • Digi
    • Digi provides IoT solutions including hardware, software, and services for connecting and managing IoT devices and networks. (Fetches: Devices) (6.1.14.0)
  • DNSFilter
    • DNSFilter is a cloud-based web content filtering solution that protects users from accessing malicious or inappropriate websites. (Fetches: Devices) (6.1.17.0)
  • Docker Engine
    • Docker Engine is an open-source containerization technology that helps development teams build and manage applications. (Fetches: Devices) (6.1.5.0)
  • EcoStruxure IT Advisor
    • EcoStruxure IT Advisor is asset and planning software that facilitates OpEx management. (Fetches: Devices) (6.1.10.0)
  • Efecte
    • Efecte is an IT service management (ITSM) and collaboration platform with a focus on SaaS security and configuration management. (Fetches: Devices) (6.1.4.0)
  • Everbridge
    • Everbridge is an emergency notification and critical event management platform for communicating during incidents or crises. (Fetches: Users) (6.1.17.0)
  • Exabeam Cloud
    • Exabeam Cloud is a cloud-based Security Information and Event Management (SIEM) solution. (Fetches: Devices) (6.1.12.0)
  • FileWave
    • FileWave offers unified device management for all devices, platforms, and environments. (Fetches: Devices) (6.1.17.0)
  • FireMon Asset Manager
    • FireMon Asset Manager is a network visibility solution for cyber situational awareness and compliance monitoring. (Fetches: Devices) (6.1.6.0)
  • FortiCloud
    • FortiCloud is a cloud-based platform offering compliance, security and management services for Fortinet solutions. (Fetches: Devices) (6.1.8.0)
  • Fortify On Demand
    • Fortify On Demand delivers application security as a service, providing security testing and vulnerability management. (Fetches: Devices, Users) (6.1.17.0)
  • Gainsight PX
    • Gainsight PX is a product experience platform that helps businesses understand and improve user engagement with their software products. (Fetches: Users) (6.1.20.1)
  • Google Tag Manager
    • Google Tag Manager is a tag management system for web pages that allows marketers and developers to manage and deploy marketing tags and other code snippets on their websites. (Fetches: Users) (6.1.16.0)
  • HPE GreenLake for Compute Ops Management
    • HPE GreenLake for Compute Ops Management is a cloud-based management platform for automating and optimizing compute operations. (Fetches: Devices) (6.1.20.1)
  • IBM Turbonomic
    • IBM Turbonomic is a performance and cost optimization platform for public, private, and hybrid cloud. (Fetches: Users) (6.1.11.0)
  • Intigriti
    • Intigriti is a platform for security testing that assesses risk to prioritize remediation. (Fetches: Devices, Vulnerabilities) (6.1.22.2)
  • IONIX (formerly Cyberpion)
    • IONIX (formerly Cyberpion) is a SaaS-based external attack surface management solution. (Fetches: Devices) (6.1.20.1)
  • IPDB (BT Diamond IP IPControl)
    • BT Diamond IP IPControl (IPDB) is IP address management (IPAM) software designed to manage and allocate IP addresses in enterprise networks. (Fetches: Devices) (6.1.14.0)
  • JetBrains
    • JetBrains is an integrated development environment (IDE) for software development that provides a suite of tools and features to help developers write, test, and deploy code. (Fetches: Licenses) (6.1.19.0)
  • JFrog Xray
    • JFrog Xray is a software composition analysis (SCA) tool that scans software artifacts for security vulnerabilities, open source license compliance, and software quality. (Fetches: Devices) (6.1.10.0)
  • Jira Service Management (Service Desk) Fetch Tickets
    • Jira Service Management (Service Desk) is a project management tool that helps software development teams plan, track, and release software. (Fetches: Tickets) (6.1.16.0)
  • Lattice
    • Lattice is a people management platform that allows human resources teams to engage employees and measure performance. (Fetches: Users) (6.1.13.0)
  • LeanIX
    • LeanIX is a cloud-based software platform that helps companies manage and optimize their IT infrastructure and applications. (Fetches: Devices) (6.1.6.4)
  • LogicGate
    • LogicGate provides a governance, risk, and compliance (GRC) platform. (Fetches: Users) (6.1.17.0)
  • Meta Business
    • Meta Business is a customer relationship management (CRM) and advertising platform for management of customer data, marketing campaigns, and advertising efforts across Meta's social media platforms. (Fetches: Users) (6.1.18.0)
  • Microsoft Power BI
    • Microsoft Power BI is a business analytics tool for visualizing and sharing data insights across an organization. (Fetches: Users, Groups, Compute Services) (6.1.17.7)
  • Microsoft Teams
    • Microsoft Teams is a workspace for real-time collaboration and communication, meetings, file and app sharing. (Fetches: Devices) (6.1.11.0)
  • Mimecast - V2
    • Mimecast provides a mail management system designed to protect email, ensure access and simplify the tasks of managing email. (Fetches: Users) (6.1.1.0)
  • Nautobot
    • Nautobot is a network documentation and automation platform for managing network resources. (Fetches: Devices) (6.1.8.2)
  • Netreo
    • Netreo is an IT infrastructure monitoring platform. (Fetches: Devices) (6.1.5.1)
  • Nexthink Query Language (NQL)
    • Nexthink Query Language (NQL) is a programming language developed by Nexthink for querying data from its platform. (Fetches: Devices, Users) (6.1.3.2)
  • Nozomi Vantage
    • Nozomi Vantage is a SaaS platform for global network monitoring and protection. (Fetches: Devices) (6.1.21.0)
  • Onapsis
    • Onapsis cybersecurity solutions automate the monitoring and protection of SAP and Oracle applications. (Fetches: Devices) (6.1.11.0)
  • Oracle Identity and Access Management (IAM)
    • Oracle Identity and Access Management (IAM) is a software suite that enables enterprises to manage and automate user identities. (Fetches: Users) (6.1.10.0)
  • Paycom
    • Paycom is a programmatic interface for managing user roles and permissions. (Fetches: Users) (6.1.17.0)
  • PDQ Connect
    • PDQ Connect is a remote desktop and server management tool that allows IT administrators to remotely access and manage Windows computers and servers. (Fetches: Devices) (6.1.17.0)
  • PowerDNS
    • PowerDNS is an open-source DNS server program, offering both authoritative and recursive DNS services. (Fetches: Devices) (6.1.1.3)
  • Proxyclick
    • Proxyclick App is a visitor management system that helps companies digitize the check-in process for employees, contractors, and visitors. (Fetches: Users) (6.1.0.3)
  • Qualys VMDR OT
    • Qualys VMDR OT is a cloud-based platform for asset inventory and vulnerability management of critical industrial infrastructure. (Fetches: Devices) (6.1.5.0)
  • Qualys WAS
    • Qualys WAS is a web application scanning tool for identifying vulnerabilities in web applications. (Fetches: Vulnerabilities, SaaS Applications, Application Services) (6.1.22.0)
  • Rapid7 Insight AppSec
    • Rapid7 Insight AppSec performs black-box security testing to identify vulnerabilities, triage vulnerabilities, prioritize actions, and remediate application risk. (Fetches: Devices) (6.1.18.0)
  • RemotePC
    • RemotePC is a tool for remote access and control of computers and devices. (Fetches: Devices, Users) (6.1.5.2)
  • Safe Security
    • Safe Security is a platform that provides real-time cyber risk quantification and management. (Fetches: Devices, Users)
  • SolarWinds Pingdom
    • SolarWinds Pingdom is a website and server monitoring tool that helps organizations track the uptime, performance, and availability of their web-based applications and services. (Fetches: Users) (6.1.16.0)
  • SPEKTRA
    • NTT SPEKTRA (Sentient Platform for Network Transformation) is a managed network services platform. (Fetches: Devices) (6.1.0.2)
  • Spirent Velocity
    • Spirent Velocity is a software deployment and release management tool used for automating application deployments. (Fetches: Devices) (6.1.17.6)
  • Tangoe Managed Mobility Services (MMS)
    • Tangoe Managed Mobility Services (MMS) provides end-to-end mobile lifecycle management. (Fetches: Devices, Users) (6.1.6.0)
  • Trace3 LAMP
    • Trace3 Technology Lifecycle Management Platform (LAMP) is an IT Asset Management (ITAM) platform. (Fetches: Devices) (6.1.4.2)
  • UnifiedFX PhoneView
    • UnifiedFX PhoneView is a Cisco Preferred Solutions Partner which offers Cisco Phone Management Software. (Fetches: Devices) (6.0.18.8)
  • Veritas NetBackup
    • Veritas NetBackup is an enterprise backup solution offering data management, automation, artificial intelligence, and elastic architecture. (Fetches: Devices) (6.1.2.2)
  • Verkada
    • Verkada is a cloud-based security platform offering video surveillance, access control, and environmental sensors. (Fetches: Devices, Users) (6.1.19.0)
  • Windows Server Update Services (WSUS) SQL
    • Windows Server Update Services (WSUS) - SQL, previously Software Update Services (SUS), enables administrators to manage the distribution of updates and hotfixes released for Microsoft products. (Devices) (6.1.1.0)
  • Wrike
    • Wrike is software designed to help teams plan, organize, manage, and track tasks and projects. (Users) (6.1.18.0)
  • Zscaler Client Connector
    • Zscaler Client Connector enables secure access to business applications from any device. (Fetches: Devices) (6.0.18.8)

Updated Adapters

The following adapters were enhanced:

  • Abnormal Security - Email Domain was added to connection parameters. (6.1.14.0)
  • Absolute - Added the option to fetch only the latest installed app version of devices. (6.1.13.0)
  • Adobe - Added support for fetching licenses along with other SaaS data. (6.1.5.0)
  • Adobe Acrobat Sign
    • Added the option to fetch full data per user. (6.1.5.0)
    • Added the capability to enter a comma-separated list of users to filter with specified user statuses. (6.1.5.0)
  • Airlock Digital - Added the option to fetch information about group policies. (6.1.3.0)
  • Aruba ClearPass - Added the option to set endpoint devices as network infrastructure devices. (6.1.1.5)
  • AssetPanda
    • Added the option to parse the invoice number. (6.1.8.0)
    • Added the option to parse the PO number. (6.1.8.0)
    • Added the option to parse the employee status field. (6.1.8.0)
  • AWS
    • Added the option to split subnets of a VPC network into individual assets. (6.1.3.0)
    • Added the option to fetch CloudFormation Stacks as assets. (6.1.4.0)
    • Added the option to fetch AWS step functions as assets. (6.1.4.0)
    • Added the option to fetch AWS Service Catalogs as assets. (6.1.4.0)
    • Added the option to fetch CloudWatch Alarms as assets. (6.1.4.0)
    • Added the option to fetch the Kinesis Data analytics as devices. (6.1.5.0)
    • Added the option to fetch Direct Connect data assets associated with Network Services. (6.1.6.0)
    • Amazon Route 53 DNS records can now be fetched as Network Service assets (6.1.11.0)
    • SSM Parameters Store are now fetched as Configuration assets. (6.1.19.3)
  • Axonius Network Discovery
    • Added the capability to configure how to fetch certificates, either in normal fetch, background fetch or not all. (6.1.10.0)
    • Added the capability to configure custom ports to scan. (6.1.17.0)
  • Axonius Users - Added the capability to enter a number of days to retrieve all activity logs for that user in that time range. (6.0.0.1)
  • Azure DevOps - Added the option to fetch the Git Repositories from the projects in Azure DevOps. (6.1.8.0)
  • BambooHR
    • Added the capability to enter the name of the LOA employee table to fetch from. (6.1.0.0)
    • It is now possible to fetch data from more than one table. (6.1.10.0)
  • BigFix Compliance Analytics (formerly SCA) - Added the capability to enter a comma-separated list of checklist IDs to fetch from. (6.1.8.0)
  • BitSight Security Ratings - Added the option to fetch company assets. (6.1.8.0)
  • BloodHound - Added support for SaaS instances of BloodHound. (6.1.5.0)
  • Cisco DNA Center
    • Added the option to fetch additional devices from the default “Client Detail” report. (6.1.4.0)
    • Users can now configure the “Client Detail” report by name. (6.1.5.2)
  • Cisco Identity Services Engine (ISE) - Added the option to add authentication status data for each fetched endpoint. (6.1.15.0)
  • Cisco Intersight
    • Added the option to fetch chassis devices as assets. (6.1.12.0)
    • Added the option to fetch SAN switches as assets. (6.1.12.0)
    • Added the option to override the available name in the SAN Switch API response using the MDS prefix along with the Network Policy Name. (6.1.20.1)
  • Cisco Meraki - Added the option to fetch firewall rules. (6.1.19.0)
  • Cloudflare DNS - Added the option to fetch certificates. (6.1.13.0)
  • Cloudflare Zero Trust
    • Added the option to add subdomain data for each device. (6.1.5.0)
    • Added the option to add policy data for each user. (6.1.5.0)
  • Code42 Incyder - Added the option to ignore devices fetched from Code42 with the values “Deactivated” or “Blocked” in the status field. (6.1.4.0)
  • CrowdStrike Falcon
    • Added the option to enable the parsing of vulnerability descriptions (disabled by default). (6.0.19.3)
    • Added the capability to avoid duplicate devices. (6.1.16.0)
    • Added the capability to set the amount of requests per second. (6.1.21.0)
  • CrowdStrike Falcon Discover
    • Added the capability to only fetch applications used in the selected amount of days. (6.1.1.2)
    • Added the option to configure a pattern to apply to an interface alias in order to identify a historical IP address and record it separately from current IP addresses. (6.1.2.0)
    • Added the capability to filter devices by their discoverer count field. (6.1.6.0)
    • Added enhanced device search settings. (6.1.17.0)
  • CrowdStrike Falcon Identity Protection (Preempt)
    • Added the option to rename risk factors. (6.1.9.0)
    • Added the option to exclude devices with the risk factor type of 'UNMANAGED_HOST'. (6.1.11.0)
  • CSV - Added the option to allow the system to support assets with empty fields. If an asset was created with a field that contained a value, when the CSV file subsequently contains an empty field with the same name, the device or user asset will display that field without a value in it. (6.1.15.2)
  • CyberArk Alero
    • Tenant ID and Service Account JSON were added to connection parameters. (6.1.4.0)
    • API Key was removed from connection parameters. (6.1.4.0)
  • CyberArk Idaptive - Added the option to fetch user roles and user groups. (6.1.20.1)
  • CyberArk Privileged Account Security
    • Added the option to fetch the activities for each account. (6.1.0.0)
    • Added the option to fetch additional data about each account. (6.1.0.0)
    • Added support for OAuth2 authentication. (6.1.4.0)
    • Added the option to parse the domain value as an associated device. (6.1.10.0)
  • CyCognito Platform
    • Added the option to fetch domains. (6.1.12.0)
    • Added the option to fetch vulnerabilities. (6.1.16.0)
  • Darktrace - Added the capability to select the types of devices to fetch. (6.1.5.0)
  • Dell OpenManage Enterprise
    • Added the option to fetch warranties of each device. (6.1.11.0)
    • This adapter now fetches users. (6.1.20.1)
    • Added the option to fetch the compliance statuses of each device and the components of the device. (6.1.21.0)
  • DigiCert CertCentral
    • This adapter now fetches certificates as assets. (6.1.19.0)
    • Added the capability to create either certificate assets, device assets, or both assets. (6.1.19.0)
    • Added the option to fetch order certificate notes. (6.1.19.0)
  • Druva Cloud Platform - Added the option to fetch the Microsoft 365 apps status configured to backup as an Application asset type. (6.1.16.0)
  • Duo Beyond
    • Added the option to not fetch phones as devices. (6.1.10.0)
    • Added the option to fetch users with the Telephony Logs by phone number. (6.1.14.0)
    • Added the capability to specify the amount of days back to look for credit usage logs. (6.1.17.0)
  • Dynatrace - Added the option to categorize devices under different asset types. (6.1.12.0)
  • Eagle Eye Networks - Added the option to enrich the device with extra device information. (6.1.4.0)
  • EfficientIP SOLIDserver DDI - Added the option to fetch DHCP scopes, ranges, leases, and statics as devices.
  • Eracent - Added the option to use the field "LanName" instead of "DnsName" for the Hostname field.
  • FireMon Security Manager - Added the option to try to parse SyslogMatch Names as IP addresses or serial numbers. (6.1.9.0)
  • FlexNet Manager Suite Cloud - Added the option to fetch Software Technopedia fields. (6.1.22.0)
  • Foreman - Added the option to fetch the APT security updates count. (6.1.15.0)
  • ForeScout CounterACT - Added the option to map ForeScout script results to device fields. (6.1.18.0)
  • FortiClient EMS - Added support for cloud version of FortiClient EMS. (6.1.9.0)
  • Fortinet FortiGate - Added the option to fetch VPN SSL sessions as Devices. (6.1.0.0)
  • Forward Networks
    • Added the option to use the networks API to fetch devices. (6.1.13.0)
    • Added the option to fetch vulnerabilities. (6.1.16.0)
  • Freshservice - Added the option to fetch device relationships from Freshservice. (6.1.7.0)
  • GoDaddy
    • Added support for the GoDaddy v2 API. (6.1.2.0)
    • Added support for certificates as assets. (6.1.10.0)
  • Google Cloud Platform (GCP)
    • Added the option to fetch all Google Cloud Compute Disk Images, Snapshots and Templates. (6.1.2.0)
    • Added the option to split subnets of a VPC network into individual assets. (6.1.5.0)
    • Added the option to fetch only compute devices that are turned on. (6.1.11.0)
    • Added the option to fetch Serverless Functions from the 'Cloud Functions' service. (6.1.21.0)
  • Google Workspace
    • Added an advanced setting to populate the asset name with the value of the Annotation ID (when the value exists) instead of using the value in the Name field. (6.1.2.2)
    • Added proxy values (Proxy address, Proxy port, Proxy username, and Proxy password) to the adapter connections. (6.1.6.4)
    • Added the option to use the host name as the asset name, when the host name exists. (6.1.9.1)
    • The 'Fetch User Audit Logs' advanced setting was changed to 'Number of days for Audit Log data.' Users can enter the number of days before the last successful fetch to retrieve audit logs for. (6.1.16.2)
  • Guardicore - Added the option to fetch full agent information for a device. (6.1.7.0)
  • Have I Been Pwned - Added the capability to retrieve all breached accounts associated with a domain. (6.1.9.0)
  • Imperva Data Activity Monitoring (DAM)
    • Added the option to fetch DAS assessment results. (6.1.22.0)
    • Added the option to use the database name for the asset name. (6.1.22.0)
  • Infoblox DDI
    • Added the option to fetch DNS CNAME records. (6.1.5.0)
    • Added the option to fetch DHCP address ranges. (6.1.7.0)
    • Added the option to fetch Infoblox networks as assets. (6.1.11.0)
    • Added the option to fetch shared A records from Infoblox. (6.1.12.0)
  • Ivanti Endpoint Security - Added the capability to select an API version. (6.1.16.1)
  • JFrog Artifactory
    • Added the option to use a user name and password for authentication. (6.1.15.0)
    • Added the option to not fetch users. (6.1.15.0)
  • Jira Service Management - Added the option to use the "Updated" field as "Last Seen". (6.1.21.2)
  • JSON - JSONL format is now supported. (6.1.16.0)
  • Juniper Junos Space - Added the option to fetch users. (6.1.12.0)
  • Kandji - Added the option to fetch devices not yet enrolled. (6.1.7.0)
  • Keyfactor
    • This adapter now fetches users.
    • Added permissions that are required in order to use the endpoint 'GET SSH Users'.
    • Added the option to fetch certificates from collections the customer has in Keyfactor.
  • KnowBe4 - Added the option to remove fields without value from the latest fetch. (6.1.19.0)
  • Kolide K2 - Added the capability to enrich Kolide devices using a custom report that will be fetched from api/v0/reporting/queries/{query_id}. (6.1.14.0)
  • Lakeside SysTrack - Added the option to fetch the local member inventory for each system. (6.1.4.0)
  • Landscape
    • Added the option to fetch devices with packages installed on Linux laptops covered by Landscape. (6.1.20.1)
    • Added the option to parse the title to Last Used Users and the hostname to Asset Name. (6.1.20.1)
  • Lansweeper Cloud - Added the option to fetch vulnerabilities. (6.1.23.0)
  • Linux SSH Scan now supports Solaris. (6.1.6.0)
  • LogicMonitor - Added the capability to enter fields from autoProperties field in the device's JSON to dynamically parse them into queryable fields (both common and specific). (6.1.18.0)
  • LogRhythm - Added the capability to enter a record status with which to ignore devices. (6.1.23.0)
  • Lookout Mobile Endpoint Security
    • Added the option to use the version 2 of the API, which uses only the API key (without a username or password). (6.1.7.0)
    • Added the option to fetch vulnerabilities from /mra/api/v2/os-vulns/android and /mra/api/v2/os-vulns/ios and add them to devices with the same OS version. (6.1.23.0)
  • ManageEngine Endpoint (Desktop) Central and Patch Manager Plus
    • Added the option to fetch vulnerability data (6.1.11.2)
    • Added the option to fetch data from /inventory/scancomputers endpoint. (6.1.21.0)
  • ManageEngine OpUtils
    • Added the option to fetch assets asynchronously. (6.1.8.2)
    • Added the option to ignore devices without IP to DNS values. (6.1.8.2)
  • Mandiant
    • Added the option to fetch entities last seen by the number of days specified. (6.1.5.0)
    • Added the option to use last_seen_after:configured_scan_count query to fetch only active entities. (6.1.5.0)
    • Added the option to add more details to the information fetched per each entity. (6.1.5.0)
  • MarkMonitor - Added the option to remove user fetch functionality. (6.1.8.0)
  • McAfee ePolicy Orchestrator (ePO)
    • Added the capability to enter values to the list of query IDs to enrich each device. (6.1.6.0)
    • Added the option to fetch COAMS data. (6.1.7.0)
    • Added the option to change software names using regular expressions. (6.1.17.0)
  • Microsoft Active Directory (AD)
    • Added the option to fetch data from Active Directory Sites. (6.1.8.0)
    • Added the capability to enter a custom host map. (6.1.12.0)
  • Microsoft Azure
    • Tenants added to list of Azure services to fetch as assets. (6.1.11.0)
    • This adapter now supports the asset type ‘Certificate’. (6.1.13.0)
    • Certificates From Key Vaults added to list of Azure services to fetch as assets. (6.1.13.0)
    • Secrets From Key Vaults added to list of Azure services to fetch as assets. (6.1.13.0)
    • NetApp Accounts and NetApp Volumes added to list of Azure services to fetch as assets. (6.1.20.1)
    • Added the capability to get the billing data per service. (6.1.20.1)
  • Microsoft Cloud App Security
    • Added the option to ignore Microsoft Cloud App Security users that do not have a domain field. (6.1.4.0)
    • Added the option to ignore external users. (6.1.10.0)
  • Microsoft Defender for Endpoint (Microsoft Defender ATP)
    • Added the option to only fetch devices with hostname values. (6.1.5.0)
    • Added the option to fetch vulnerability changes from Microsoft Defender for Endpoint. (6.1.21.0)
    • Added the option to fetch only users that match the description of interactive in the MDE documentation. (6.1.23.0)
    • Added the capability to enter one or more regex strings that can be used to identify users apart from other accounts. (6.1.23.0)
  • Microsoft Endpoint Configuration Manager (MECM)
    • Added the option to parse historical compliance status information to the Current Compliance Status field. (6.0.18.8)
    • Added the option to parse the latest compliance status information to the Current Compliance field. (6.0.18.8)
    • Added support for SSL. (6.1.8.0)
    • Added the option to fetch software reported as uninstalled by SCCM. (6.1.9.1)
    • Added the option to fetch "Unknown" software update compliance statuses. (6.1.19.0)
  • Microsoft Entra ID (Azure AD) and Microsoft Intune
    • The name of the 'Microsoft Azure AD and Microsoft Intune' adapter was changed to Microsoft Entra ID (Azure AD) and Microsoft Intune in line with changes by Microsoft. (6.1.1.0)
    • Added the option to fetch autopilot device identities from Intune. (6.1.4.0)
    • Added the option to disable fetch of groups and to list groups not to fetch. (6.1.7.0)
    • Added the option to fetch administrative units as groups. (6.1.1.0) (available till 6.1.19.3)
    • The option to fetch group app roles is now available to Cyber-Security Asset Management, not just SaaS Management. (6.1.11.0)
    • Added the option to enrich mobile devices from Intune with application data. (6.1.1.0)
    • Added the option to fetch role eligibility schedule instances of groups. (6.1.13.0)
    • Added the option to fetch mailbox settings for each user and populate the field 'Has Mailbox' in Entra ID users. (6.1.17.0)
    • Administrative Units are now fetched as Organizational Units by default. (6.1.19.3)
    • Added the option to fetch legal hold information as accounts. (6.1.21.0)
  • Microsoft SCOM - Added support for SSL. (6.1.9.0)
  • Mist - This adapter now fetches users (note that only admin users are fetched). (6.1.14.0)
  • MongoDB - Added support for TLS (Transport Layer Security). (6.1.19.0)
  • NetBrain - NetBrain Domain Name and NetBrain Tenant Name were added to the connection parameters. (6.1.4.0)
  • Netskope - Added permissions for endpoints that are required in order to use API V2. (6.1.3.0)
  • NTT Application Security - The name of the 'WhiteHat' adapter was changed to NTT Application Security.
  • Nucleus Security - Added the capability to enter a list of project IDs to specify which projects you want to fetch from. (6.1.15.0)
  • Okta
    • Added the option to specify a list of data fields to exclude from the fetch. (6.1.10.0)
    • Added the option to fetch security logs based on security.request.blocked and security.threat.detected events. (6.1.7.0)
    • Added the option to fetch user information to populate in the relevant device-specific fields. (6.1.7.0)
  • OneLogin
    • Added the 'SSO Provider' option. (6.1.6.0)
    • Added the option to enable rate limit override settings. (6.1.16.0)
    • Added the option to not fetch SaaS Management-related entities. (6.1.16.0)
  • Oracle Cloud - Added the capability to enter a comma-separated list of tag keys to be saved as fields. (6.1.8.0)
  • Oracle Enterprise Manager - Added the capability to enter a comma-separated list of devices with specified type names to be fetched. (6.1.4.2)
  • Oracle Fusion HCM Cloud - Added the capability to enter a list of sensitive fields to be included.
  • Orca Cloud Visibility Platform
    • Added the option to parse all Orca tags as fields. (6.1.6.0)
    • Added the option to fetch Orca types as specific asset types. (6.1.16.0)
    • Added additional Orca types to fetch as specific asset types. (6.1.21.0)
  • Palo Alto Networks Cortex XDR - Added the option to fetch the device serial number. (6.1.14.0)
  • Palo Alto Networks Cortex Xpanse
    • Added the option to categorize devices into different asset categories using their asset type. (6.1.11.0)
    • Added the option to fetch vulnerabilities. (6.1.16.0)
  • Palo Alto Networks IoT Security (Zingbox) - Added the option to fetch vulnerabilities. (6.1.10.0)
  • Palo Alto Networks Panorama
    • Added the option to connect NAT firewall rules (public to private IPs only) with Network assets. (6.1.6.0)
    • Added the option to connect Access firewall rules (from untrust sources) with Network assets. (6.1.6.0)
    • Added the option to fetch the one-day-old VPN login logs to parse users of type LOGIN LOG. (6.1.17.0)
  • Palo Alto Networks Prisma Access
    • Added the option to fetch Global Protect connected users. (6.1.16.0)
  • Palo Alto Networks Prisma Cloud
    • Added the capability to select how many days of alerts to fetch into devices. (6.1.7.0)
    • Added the option to add the heuristicSearch: true parameter to the request. (6.1.8.0)
    • Added the capability to enter a comma-separated list of account names to fetch from. (6.1.12.0)
    • Added the option to not include resource JSON. (6.1.12.0)
    • Added the option to fetch from cloud types only. (6.1.16.0)
    • Added the capability to enter Prisma Cloud types to fetch data as the specified asset type, instead of as devices. (6.1.21.0)
  • PaperCut - API Health Token added to connection parameters. (6.1.3.1)
  • PeopleHR - Added the option to fetch users that left. (6.1.18.0)
  • phpIPAM - This adapter now fetches networks. (6.1.22.0)
  • Promisec Endpoint Manager
    • Added the capability to select the number of days back that the adapter fetches records from Promisec. (6.1.16.0)
    • Added the capability to select which enrichments to perform. (6.1.19.0)
  • Proofpoint Endpoint DLP - Added the option to use the latest version of the API. (6.1.2.0)
  • PRTG Network Monitor - Added support for API Token. (6.1.14.0)
  • Qualys Cloud Platform
    • Added the option to fetch Web Applications. (6.1.5.0)
    • Added the capability to enter Qualys tags to skip device ingestion. (6.1.11.0)
  • Rapid7 InsightCloudSec - Added the option to fetch Insight findings. (6.1.11.1)
  • Rapid7 InsightIDR - Added the option to use the FQDN as a Host Name for devices. (6.1.1.2)
  • Rapid7 Nexpose and InsightVM - Added the capability to specify the wait time between retries when receiving errors. (6.1.19.0)
  • Rapid7 Nexpose Warehouse
    • Added the option to utilize complex queries to fetch data from the database. (6.1.6.0)
    • Added the capability to fetch only devices and corresponding information if they were seen by Rapid7 Nexpose Warehouse in the number of days set. This allows the system to pull a recent history of the devices rather than the entire system history every fetch. (6.1.6.0)
  • Red Hat Automation Controller (Ansible Tower)
    • Added the option to enable using the device name for the asset ID. (6.1.10.0)
    • Added support for API Token. (6.1.12.0)
  • Red Hat Insights - Added the option to use API authentication for this adapter. (6.1.4.0)
  • RedSeal - Added the option to fetch metrics data. (6.1.14.0)
  • SailPoint IdentityIQ - Added the capability to specify the size of the chunk size per async request batch. (6.1.20.1)
  • SailPoint IdentityNow
    • Added the capability to enter a list of private attributes to include with the users. (6.1.13.0)
    • Added the option to fetch only users that satisfy the core filters. (6.1.19.0)
  • Salesforce
    • Added the option to fetch new audit logs: URI and Lightning URI events. (6.1.3.2)
    • Added the option to use the http://login.salesforce.com URL for login in instead of sub-domain.salesforce.com. (6.1.14.0)
  • SAP Concur 4.x - Refresh Token is now used in the adapter connection instead of Company ID and Company Auth Token. (6.0.10.2)
  • ScienceLogic
    • Added the option to ingest all ScienceLogic custom fields. (6.1.14.0)
    • Added the capability to enter a list of additional fields to parse from the raw data. (6.1.23.0)
  • Sectigo - This adapter now fetches certificates. (6.1.22.0)
  • Secureworks Taegis XDR (Red Cloak TDR) - Added the capability to enter a list of tags to filter. (6.1.7.0)
  • SentinelOne
    • Added the option to remove old tags that are no longer being fetched from SentinelOne. (6.1.6.0)
    • Added the option to fetch only the version with the most recent installed date for each software.(6.1.8.0)
    • Added the option to fetch only the latest installed app. (6.1.9.0)
    • Added the option to ignore vulnerabilities of software detected as an ubuntu package. (6.1.10.0)
  • ServiceNow
    • Added the option to fetch active extensions. (6.1.3.2)
    • Added the ability to fetch the Application Settings SaaS Data from Script Action, Email Filter, and Antivirus settings. (6.1.5.3)
    • Added the option to extract the correct software name and version when the field fetched by ServiceNow does not contain this correctly. (6.1.8.0)
    • Added the option to fetch active model lifecycle information from the cmdb_hardware_model_lifecycle table and parse it as a list object named “Model Lifecycle”. (6.1.12.0)
    • Added the option to fetch Application Services as assets. (6.1.19.0)
    • Added the option to append device model to OS strings, when specified strings are in the Model field in ServiceNow. (6.1.20.1)
    • Added the option to fetch field values and populate them into the Enforcement Action field mapping lists. (6.1.5.3)
  • SharePoint
    • Added the option to fetch sites as Application Resource assets instead of devices. (6.1.5.0)
    • Added the option to fetch site permissions.(6.1.10.7)
    • Added the capability to enter names of lists to fetch sites from. (6.1.17.0)
  • Snyk - Added the option to enrich the organization name in devices. (6.1.20.1)
  • SolarWinds Network Performance Monitor
    • Added the option to select the IPAM devices to fetch according to their status. (6.1.3.2)
    • Added the option to fetch stack members. (6.1.13.0)
    • Added the option to fetch dependencies information. (6.1.15.0)
    • Added the option to fetch subnet info from IPAM by the node IP. (6.1.17.0)
  • Sophos Endpoint Protection - Added support for the Sophos Central APIs and the Sophos Endpoint API. This included updating the connection screen to use Client ID and Client Secret and adding Required Permissions. (6.1.9.3)
  • SQL Server -Added an option to allow the system to support assets with empty fields. If an asset was created with a field that contained a value, when the SQL file subsequently contains an empty field with the same name, the device or user asset will display that field without a value in it. (6.1.17.0)
  • Stairwell - Added the option to parse the hostname and serial number if there are spaces surrounding the hyphen in the asset name for macOS devices. (6.1.11.0)
  • SymphonyAI Summit - Added support for fetching tickets. (6.1.14.5)
  • Sysdig - Added the option to select the type of client (Monitor or Secure). (6.1.15.4)
  • Tanium Asset
    • Added the option to round the Total RAM (GB) field to the closest power of 2. (6.1.20.1)
    • Added the option to deduplicate devices. (6.1.22.0)
  • Tanium Client Status - Added the option to deduplicate devices. (6.1.23.0)
  • Tanium Comply - Added the option to fetch installed software. (6.1.11.0)
  • Tanium Discover - Added the option to deduplicate devices. (6.1.16.0)
  • Tenable.asm - Added the capability to enter a list of tags to filter. (6.1.3.0)
  • Tenable Identity Exposure (formerly Tenable.ad) - API Secret no longer required for configuration. (6.1.1.0)
  • Tenable.io
    • Added the option to use the most recent CVSS version as the CVSS Score. (6.1.12.0)
    • Added the capability to enter a value to restrict compliance findings to those that were updated or indexed into Tenable Vulnerability Management after X days. (6.1.22.0)
  • Tenable.sc
    • Added the option to fetch devices from mobile repositories. (6.0.19.4)
    • Added the option to use CVE dates for the device last seen calculation. (6.1.9.0)
    • Added the capability to enter a number of days to only fetch vulnerabilities from that number of days back. (6.1.15.0)
    • Added the capability to specify the maximum number of devices that the adapter will keep in memory at the same time. (6.1.17.0)
  • UpGuard CyberRisk - Added the option to not fetch users. (6.1.15.0)
  • Velociraptor - Added the option to use FQDN as the hostname. (6.1.12.0)
  • Venafi - Added the option to fetch agents. (6.1.22.0)
  • Veracode - Added the option to use the first hostname found in the findings as the hostname for the device. (6.1.11.2)
  • VMware NSX - Added the option to enrich devices with firewall rules. (6.1.18.0)
  • VMware NSX Advanced Load Balancer
    • The name of the 'Avi Networks' adapter was changed to VMware NSX Advanced Load Balancer. (6.1.16.0)
    • Added the option to parse devices as load balancers. (6.1.22.0)
  • VMware vCloud Director - Added the Tenant Name parameter for API Key authentication (Relevant for API version v36.0 only). (6.1.20.1)
  • VMware Workspace ONE (AirWatch) - Added the option to fetch Smart Groups. (6.1.2.3)
  • Vulcan - Added the option to fetch vulnerabilities. (6.1.1.4)
  • WhatsUp Gold
    • Added the option to fetch additional device attributes from the endpoint WhatsUp Gold Device_FindAttributes API. (6.1.7.0)
    • Added the option to fetch device credentials from the endpoint WhatsUp Gold Device_Credentials API. (6.1.7.0)
    • Added the capability to enter a number of months to fetch data on the state of the device as well as the uptime of the device's power supply from the endpoint WhatsUp Gold DeviceReport_DeviceStateChangeReport API. (6.1.7.0)
  • WhiteHat - Added the capability to set the number of assets to fetch in the API response from the WhiteHat API. (6.1.4.0)
  • Wiz
    • Added the capability to filter vulnerabilities by detection method. (6.1.9.3)
    • Added the option to fetch installed software. (6.1.11.0)
    • Added the option to fetch network exposures from Wiz. (6.1.19.0)
  • Wiz Reports - Additional fields are now supported for the Hosted Technology report. (6.1.12.1)
  • Workday
    • Added the option to create users only from the custom report data. (6.1.1.0)
    • Added the option to include custom organization data. (6.1.3.3)
    • Added the option to fetch application settings. (6.1.3.3)
    • Tenant Login URL, Read Only Admin Username/Password, and 2FA Secret Key added to connection parameters. (6.1.3.3)
    • Added the option to fetch only application settings. (6.1.6.0)
    • Added the option to fetch user assets. (6.1.17.0)
  • Zabbix - Added the option to set hostnames from the relevant item in the inventory section that has a hostname. (6.1.9.0)
  • Zendesk
    • Added the option to fetch Users, All Tickets, or both Users and Tickets. (6.1.14.5)
    • Added the option to use the user email as the ticket assignee name. (6.1.22.1)
  • ZeroFox - Added the option to use API Key authentication for this adapter. (6.1.9.0)
  • Zerto ZVM - Added the option to fetch only protected VMs. (6.1.9.0)
  • Zoom - Added the option to fetch application settings and licenses for accounts with Axonius SaaS Management. (6.1.11.0)
  • Zscaler Client Connector
    • Added a default value for Host name or IP address. (6.1.1.5)
    • Added the capability to enter the maximum rate of requests per hour by Axonius to the Zscaler server. (6.1.14.0)
  • Zscaler Web Security
    • Added the option to include devices that have the Linux operating system on the device fetch. (6.1.3.2)
    • Added the option to not fetch SaaS application users. (6.1.4.0)
    • Added the capability to enter the maximum rate of requests per hour by Axonius to the Zscaler server. (6.1.11.0)
  • Zscaler ZDX - Added the capability to enter the maximum rate of requests per hour by Axonius to the Zscaler server. (6.1.11.0)



For more details:

New Enforcement Actions

The following Enforcement Actions were added:

Updated Enforcement Actions

The following Enforcement Actions were updated:



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.