Axonius uses a variety of sources to collect information on reported CVEs and enriches them with that information.
Below is the list of enrichment sources used by Axonius and their icons. When viewing Vulnerability Instances on the relevant Assets page, the icon of the enrichment from which the vulnerabilities originate is displayed under the Adapter Connection column.
Out-of-the-Box Enrichment Sources
Name and Icon | Indicates |
|---|---|
NVD | Indicates Vulnerabilities enriched with data from the NIST NVD database. |
EPSS | Indicates software vulnerabilities enriched with details from the Exploit Prediction Scoring System EPSS from connected adapters. |
CISA | Indicates Vulnerabilities enriched with vulnerabilities information from your connected adapters with additional details from the CISA Known Exploited Vulnerabilities (KEV) Catalog. When relevant, the CISA fields and information are available for viewing and querying in the Vulnerabilities module and Devices module. Only CVEs that are part of the CISA KEV Catalog will be enhanced. |
MSRC | Indicates software vulnerabilities enriched with details from MSRC from connected adapters. |
EUVD
| A platform that offers information on security vulnerabilities from the European Union Vulnerability Database. |
Adapter Enrichments
Configure the following adapters in Axonius to enrich vulnerabilities with them.
Name and Icon | Indicates |
|---|---|
Indicates Vulnerabilities enriched with data from the VulnCheck enrichment enforcement action. | |
Provides cyber threat intelligence to assess, identify, and manage potential risks. | |
Offers threat intelligence, incident response, and security consulting services to detect and mitigate advanced cyber threats. | |
A security platform that offers comprehensive attack surface management solutions. | |
| Qualys Cloud Platform monitors customers' global security and compliance posture using sensors. This adapter connects to the Qualys Cloud Platform service to import information about devices and vulnerabilities. |
.svg)