DeepSurface: Lansweeper Cloud

Documentation
Installation Guide
Overview
Let DeepSurface Host For You
Getting Started
System Requirements
Self Hosted Quick Start - Installing to Cloud Platforms
Self Hosted - Installation Using an OVA
Registration, Package Installation, and Initialization
First Steps After Initialization of the Console
Deployment Options
Main and Subordinate Consoles
Agent-Based Deployment
User Managed Scan Deployment
Credentialed Scanning Deployment
Mixed Environment
Deployment Tools
Active Directory Group Policy
Microsoft Endpoint Configuration Manager (part of InTune)
Tanium Deploy
HCL BigFix
Ivanti
Virtual Machines
VMWare
Virtual Box
VirtualBox Guest Additions
AWS EC2 (BYOL)
AWS EC2 (Usage Based)
Azure Cloud
Google Cloud
Additional Items to Consider
Main Console Server Certificates
LDAP
TOFU
Clock Sync
DeepSurface Commands
Multiple Vulnerability Sources
API Documentation
User Guide
Reporting
Dashboards
Exports
Risk Insight
Hosts
Patches
Vulnerabilities
Vulnerability Instances
Users
Remediation Workflow Manager
Plans
Settings
Integrations
Workflow
Exporting
Accepted Risk Plans
Accepted Risk Workflow
Explore
Model
Paths
Activity
Tasks
Configuration Alerts
Scan Logs
Notification Settings
Scanning
Status
Agents
User Managed
Credentialed Scanning Settings
Credentials
Scan Groups
General Settings
Cloud Scanning
Network Connectivity
Subordinates
Vulnerability Sources
Setup
Sensitive Assets: Polices
Sensitive Assets: Manual
Admin Settings
SMTP Settings
Certificates
Outbound Proxy
Authentication Providers
Users
Tags
Integrations Guide
Vulnerability Sources
CrowdStrike Spotlight
SentinelOne
Carbon Black Cloud
Microsoft Defender for Endpoint
Wazuh
Lansweeper Cloud
Nessus API
Tenable.io API
Security Center/Tenable.sc API
Rapid7 InsightVM API
Qualys API
Nozomi Guardian
Eclypsium
AWS Inspector
Remediation
Jira Software
Tanium (BETA)
Authentication Providers
LDAP (Active Directory)
SAML (Azure Active Directory)
SAML (Google)
SAML (Okta)
PAM
CyberArk
Delinea (Thycotic)
Microsoft LAPS
Security Guide
Firewall Configuration
Base Network Requirements
Agent Network Requirements
Credentialed Scanning Network Requirements
API Network Requirements
How DeepSurface Scans Work
Domain (LDAP) Scanning
Host Scanning Routine
Reasons for the Administrative Access Requirement
Endpoint Protection Considerations
Other Items
Scope of Data Storage and Retention
IPS/IDS Considerations
Logging
Resetting the DSADMIN password
Product Information
Changelogs
Open source Licenses
End User License Agreement (EULA)

For Configuring DeepSurface to interface with Lansweeper Cloud APIs, you need to generate some API keys and enter them into the appropriate configuration screen in DeepSurface.

Setting Up Lansweeper Cloud

For DeepSurface to work with Lansweeper Cloud, you need your Site ID and a specific Application Identity Code.

We will start with the Application Identity Code. In order to get this code, you will first need to create an application within your Lansweeper Cloud Site. To do this, click on your user initials (currently located in the bottom left of the menu on the page).

Vulnerability Sources - Lansweeper Cloud

  1. Once within your profile, select Developer Tools > All Applications. Create a new application by clicking on the "Add New Application" button and select "Personal Application" from the options.

Vulnerability Sources - Lansweeper Cloud

  1. Fill out all of the required information and choose the "Other" option from the types available. Save the application.

Vulnerability Sources - Lansweeper Cloud

  1. Once created, click on the new application and click the "Authorize" button in the "Sites authorization" section of the page.

Vulnerability Sources - Lansweeper Cloud

  1. Click the "No Expiration Time" option for the token expiration and select the sites that the token should have access and click "Allow"

  2. IMPORTANT Copy the "Application Identity Code" on the following screen now.

Vulnerability Sources - Lansweeper Cloud

The other information you will need for DeepSurface is the Site ID. To find the Site ID click on the icon in the top left of the menu this time. You may have multiple sites, if you do, be sure to select the site that you just authorized your application for that you created in the previous section. Once in the correct site, click on the "Configuration" menu and select the "Site Settings" sub-menu and you should see the Site ID on the resulting page.

Vulnerability Sources - Lansweeper Cloud

Alternatively, you can obtain a list of all of your Site IDs through the API by using the Application Identity Code you obtained previously. For instance, using the curl command line tool (available on the DeepSurface appliance SSH console) you could run the following command. (Replace "APPIDCODE" in the command below with the value you obtained in Step 5 above.)

curl --request POST\
     --url https://api.lansweeper.com/api/v2/graphql\
     --header 'Authorization: Token APPIDCODE'\
     --header 'Content-Type: application/json'\
     --data '{"query":"{\n me {\n username\n profiles {\n site {\n id\n name\n }}}}","variables":{}}'