Discovery Glossary

  • Command sets: An SSH script that runs on Linux/Unix machines and produces a specific set of output to be consumed in a discovery source flow.
  • Discovery scan template: A scan template simply defines an object and what properties the object contains. For example, a computer account has a name, machine, and domain. Think of a scan template as an interface that describes an object.
  • Discovery scanner: This item defines how to take that information and runs code to produce collection outputs. Scanners can be system out-of-the-box code that runs natively in the system or completely custom scripts that can do anything.
  • Discovery scripts: In the scripting section, you can define a script for a discovery scanner. While scripts are not specific to discovery, they are an important piece to help use the power of extensible discovery.
  • Discovery source flow: A collection of scanners that work in a common pipe and filter architecture where each scanner inputs a certain type of item and then outputs a different type of item. For example, a scanner takes an input of a host IP range and outputs multiple computers that can then be consumed by another scanner which can input computer information and output computer accounts.
  • Discovery source: This defines the definition for how items are discovered. One discovery source may discover Active Directory items, and one may discover Linux/Unix machines. It is common to have multiple discovery sources. Each source defines credentials, scanners, and settings specific to your network.
  • Secret search filters: Certain scanners and import rules can leverage a filter that uses the name of the machine to find or use an associated Secret. For example, you may have a pattern of naming the local account on a machine including the machine name. A secret search filter allows you to find secrets using the name of the current machine in the pattern to find the matching secret.

  • Discovery Import: Import performs the task of creating new Secrets or linking dependencies to existing Secrets based on discovered account objects. It is available as both a manual option and an automated process (dependent on licensed features).