DeepSurface: Vulnerability Sources
DocumentationInstallation GuideOverviewLet DeepSurface Host For YouGetting StartedSystem RequirementsSelf Hosted Quick Start - Installing to Cloud PlatformsSelf Hosted - Installation Using an OVARegistration, Package Installation, and InitializationFirst Steps After Initialization of the ConsoleDeployment OptionsMain and Subordinate ConsolesAgent-Based DeploymentUser Managed Scan DeploymentCredentialed Scanning DeploymentMixed EnvironmentDeployment ToolsActive Directory Group PolicyMicrosoft Endpoint Configuration Manager (part of InTune)Tanium DeployHCL BigFixIvantiVirtual MachinesVMWareVirtual BoxVirtualBox Guest AdditionsAWS EC2 (BYOL)AWS EC2 (Usage Based)Azure CloudGoogle CloudAdditional Items to ConsiderMain Console Server CertificatesLDAPTOFUClock SyncDeepSurface CommandsMultiple Vulnerability SourcesAPI DocumentationUser GuideReportingDashboardsExportsRisk InsightHostsPatchesVulnerabilitiesVulnerability InstancesUsersRemediation Workflow ManagerPlansSettingsIntegrationsWorkflowExportingAccepted Risk PlansAccepted Risk WorkflowExploreModelPathsActivityTasksConfiguration AlertsScan LogsNotification SettingsScanningStatusAgentsUser ManagedCredentialed Scanning SettingsCredentialsScan GroupsGeneral SettingsCloud ScanningNetwork ConnectivitySubordinatesVulnerability SourcesSetupSensitive Assets: PolicesSensitive Assets: ManualAdmin SettingsSMTP SettingsCertificatesOutbound ProxyAuthentication ProvidersUsersTagsIntegrations GuideVulnerability SourcesCrowdStrike SpotlightSentinelOneCarbon Black CloudMicrosoft Defender for EndpointWazuhLansweeper CloudNessus APITenable.io APISecurity Center/Tenable.sc APIRapid7 InsightVM APIQualys APINozomi GuardianEclypsiumAWS InspectorRemediationJira SoftwareTanium (BETA)Authentication ProvidersLDAP (Active Directory)SAML (Azure Active Directory)SAML (Google)SAML (Okta)PAMCyberArkDelinea (Thycotic)Microsoft LAPSSecurity GuideFirewall ConfigurationBase Network RequirementsAgent Network RequirementsCredentialed Scanning Network RequirementsAPI Network RequirementsHow DeepSurface Scans WorkDomain (LDAP) ScanningHost Scanning RoutineReasons for the Administrative Access RequirementEndpoint Protection ConsiderationsOther ItemsScope of Data Storage and RetentionIPS/IDS ConsiderationsLoggingResetting the DSADMIN passwordProduct InformationChangelogsOpen source LicensesEnd User License Agreement (EULA)
Vulnerability scanners tell DeepSurface what hosts have which CVEs (Common Vulnerabilities and Exposures). DeepSurface uses
it's rule engine to create the appropriate segments in
it's directed graph of the
threat model for each instance of a CVE. For a visual representation of the graph, see the documentation on Exploring the model.
Follow the instructions for your configuring the integration in our Integrations Guide.
DeepSurface Security support can also provide a manual import method for Nessus Pro, Tenable VM (Tenable.io), Rapid7 InsightVM, and Qualys VMDR.
More vulnerability scanners are on the roadmap. If you have a vulnerability scanner not currently supported, p
lease contact our support team.
Configuration
To configure your third party vulnerability scanner(s) to work with DeepSurface, head to Scanning > Settings > Vulnerability Scanners.
From there you can click the '+ Vulnerability Scanner' and you should see a form similar to the following:
First, choose your scanner from the dropdown. If you don't see yours in the list, please contact us. The available form will
differ depending on the specific vulnerability scanner that you are trying to configure. In-depth documentation for each supported
scanner is available here.
Note: While it may not be common, DeepSurface can interface with multiple scanners at once (even multiple of the same scanner).
DeepSurface also supports manual imports, simply select the manual import you would like to upload and then select the upload
button from the entry in the list.