RiskSense

RiskSense provides vulnerability prioritization and management to dynamically control and measure cybersecurity risk.

Types of Assets Fetched

This adapter fetches the following types of assets:

• Devices
  
  

Parameters

1. Host Name or IP Address (required) - The hostname or IP address of the RiskSense server.

2. API Key (required) - An API Key associated with a user account that has the Required Permissions to fetch assets.

3. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

4. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

5. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

6. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

Fetch hosts vulnerabilities - Select this option to fetch vulnerabilities from hosts.

APIs

Axonius uses the RiskSense REST API.

Required Permissions

The value supplied in API Key must be associated with credentials that have permissions to fetch assets.

Generating an API token

1. Log in to RiskSense. If you are a multi-client, user, select one of your clients (it doesn't matter which one).
2. On the top right corner of the window, click the three vertical dots to open the menu.
   Select 'User Settings'.
   
3. In the user settings page that opens up, locate the second section on the page labeled 'API TOKENS'. This is the section where you can create and revoke API tokens for your user.
4. Click the 'Generate' button to generate a new API token. You will be required to give it a name. This token will only be displayed once, so copy and paste it to a safe location for storage.