Description
Axonius transforms asset data into actionable insights for cybersecurity, IT, and GRC teams. It covers devices, identities, applications, SaaS, exposures, and more across hybrid cloud, on-prem, and OT environments.
The Elastic integration feeds activity logs and asset intelligence into Elastic for advanced analytics and threat hunting.
Sample data is available on request.
Architecture
Data can be retrieved via Axonius' REST API. Transforms in Elastic should be used to maintain latest device data/prevent duplicates.
The integration syncs normalized asset data from Axonius into Elastic for use in asset inventory, leveraging Axonius' correlation and deduplication capabilities across multiple data sources. Key asset properties include device identification (hostname, IP, MAC address, serial number), software inventory, security tool coverage and network discovery data.
It should power downstream use cases like: managed/unmanaged device identification, forbidden software detection and network-based asset discovery for gap analysis.
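
The transform mentioned under Architecture, as an added example that is not part of the original issue and is not Axonius or Elastic integration code: a request body for the Elasticsearch create transform API (`PUT _transform/<transform_id>`) that uses a `latest` transform to keep one current document per asset. The index names, the `axonius.device.internal_axon_id` key field, and the interval and retention values are assumptions.

```json
{
  "description": "Added example: latest state per Axonius device. Index and field names are assumptions.",
  "source": {
    "index": ["logs-axonius.device-*"]
  },
  "dest": {
    "index": "axonius-device-latest"
  },
  "latest": {
    "unique_key": ["axonius.device.internal_axon_id"],
    "sort": "@timestamp"
  },
  "sync": {
    "time": {
      "field": "event.ingested",
      "delay": "60s"
    }
  },
  "frequency": "5m",
  "retention_policy": {
    "time": {
      "field": "@timestamp",
      "max_age": "30d"
    }
  }
}
```

The `unique_key` should be the identifier Axonius assigns after correlation rather than hostname, IP or MAC, since those can change or repeat across sources and would either split one asset into several documents or merge distinct assets. The `retention_policy` ages out assets that stop appearing in syncs, so a managed/unmanaged or gap-analysis query over the destination index does not count devices that no longer exist.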