In an organizational environment with many devices and their respective credentials, it can be difficult to register the entire device inventory in the vault manually, one by one. It can be even more difficult to keep these records up to date as the organization's IT environment changes.
The purpose of this module is to scan the network to find devices and their associated elements, such as:
- Users
- SSH keys
- Certificates
- Windows services associated with credentials
- Domain accounts
Discovery can connect to devices on the network using their standard protocols (SSH/TELNET, RDP) without the need to install a local agent. It collects the hostname, IP address, credentials list, privilege type, and user registration information, such as the dates of last access and password change.
Discovery in the Segura® Platform can also identify all types of credentials (privileged and non-privileged), including Windows admin users and users with privileged Linux/Unix accounts (sudo accounts and ID 0).
Segura® Platform discoveries also support multiple ports. In the Plugin tab, you can define multiple ports for each type of plugin.
It is also possible to automatically import the objects found, based on predefined glossaries, and to monitor unauthorized or suspicious accesses (performed outside the vault) on the network.
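The two Linux/Unix criteria named above (ID 0 and sudo accounts) can be checked by hand with a short audit script. This is an added example, not Segura® code and not a description of how the platform implements Discovery; the function name `privileged_accounts` is hypothetical and the passwd, group and sudoers contents are constructed samples.

```python
# Constructed sample file contents (not taken from any real host).
PASSWD = """root:x:0:0:root:/root:/bin/bash
toor:x:0:0:second root:/root:/bin/sh
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
svc_backup:x:998:998::/var/lib/backup:/usr/sbin/nologin
"""
GROUP = """root:x:0:
sudo:x:27:alice
ops:x:1500:bob
"""
SUDOERS = """# constructed sudoers policy
Defaults env_reset
root ALL=(ALL:ALL) ALL
%sudo ALL=(ALL:ALL) ALL
%ops ALL=(ALL) NOPASSWD: /usr/bin/systemctl
svc_backup ALL=(root) NOPASSWD: /usr/bin/rsync
"""

def privileged_accounts(passwd, group, sudoers):
    """Map each privileged account to the reasons it was flagged."""
    users, groups, found = {}, {}, {}
    for f in (l.split(":") for l in passwd.splitlines()):
        if len(f) >= 4 and f[2].isdigit() and f[3].isdigit():
            users[f[0]] = (int(f[2]), int(f[3]))      # name -> (uid, gid)
    for f in (l.split(":") for l in group.splitlines()):
        if len(f) >= 4 and f[2].isdigit():
            groups[f[0]] = (int(f[2]), {m for m in f[3].split(",") if m})
    for name, (uid, _) in users.items():
        if uid == 0:                                  # any UID 0 entry, not only "root"
            found.setdefault(name, set()).add("uid0")
    for line in map(str.strip, sudoers.splitlines()):
        # Simplification: aliases and included sudoers files are not resolved.
        if not line or line[0] == "#" or line.startswith("Defaults") or "=" not in line:
            continue
        subject = line.split()[0]
        if subject.startswith("%"):                   # rule granted to a group
            gid, members = groups.get(subject[1:], (None, set()))
            primary = {u for u, (_, g) in users.items() if g == gid}
            for user in members | primary:            # listed members + primary-group users
                found.setdefault(user, set()).add("sudo:" + subject)
        elif subject in users:                        # rule granted to one user
            found.setdefault(subject, set()).add("sudo:direct")
    return {user: sorted(why) for user, why in found.items()}

if __name__ == "__main__":
    for user, why in sorted(privileged_accounts(PASSWD, GROUP, SUDOERS).items()):
        print(f"{user:12} {', '.join(why)}")
```

Service accounts with a `nologin` shell, such as the constructed `svc_backup`, still appear in the result because a sudoers rule applies regardless of the login shell.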
Devices that can be found by Discovery are:
- Servers (Linux / Unix, Windows and VMware)
- Databases (Oracle, SQL, MySQL, PostgreSQL)
- Network devices (Firewall, Routers, Switches, Balancers)
- Workstations
It is also possible to automatically identify privileged accounts in the following environments:
- Unix
- Linux
- Windows, on local machines or in Active Directory
- Oracle
- MS SQL
- MySQL
- PostgreSQL
DevOps
In addition to verifying devices and credentials, it is also possible to verify DevOps platforms such as:
- Docker: Containers.
- Ansible: Playbooks and Roles.
- Jenkins: Jobs, Nodes and Users.
- Kubernetes: Secrets.