Source Management

For Epiphany to evaluate the potential outcomes of your environment’s attack surface, it must have access to your data sources. This includes vulnerability management, endpoint protection, identity service, and network management tools in your network. Once Epiphany has access to these data sources, its modeling can find the entry points that are most advantageous to an attacker.

Epiphany needs at least one identity source, one endpoint protection source, and one vulnerability detection source to create useful attack path information

For your initial setup, your implementation team will work with you to get the necessary credentials to access your data sources. We recommend that you work with the owners of your different data systems to let them know that Epiphany needs visibility into these systems. To help these data system owners understand how Epiphany uses data, you can show them the document Platform Data Usage Guide: How Epiphany uses Data.

Your data sources are typically an API, so the information that Epiphany needs is the information needed to access the API and its data (read-only). Wherever possible, Epiphany will collect data from a data source and build a profile to form data analysis and path optimization. Path optimization is what Epiphany does to analyze all the touchpoints of data as it progresses through your systems.

Epiphany supports over 70 data sources. They are either cloud-based or on your premises, which is referred to as on prem and collected via an Epiphany Site Collector.

Cloud-based data sources. These are data sources where you don’t have any equipment or infrastructure on your organization’s premises. Epiphany generally needs one of these credentials to access your cloud-based data:

• A username and password.

• An API key and a secret.

An overview of setting up a data source is described in the section Cloud-based Data Sources. For more specific information about setting up a particular data source, see the source’s specific configuration guide in the Data Sources section.

On-prem data sources. Most organizations run traditional Windows Active Directory, with Active Directory domain controllers locally on-premise. For any on-premise data source, you must do two things:

• Set up a site collector, which is basically a virtual appliance that sits in your environment and establishes a secure connection between your environment and Epiphany’s cloud-based environment to collect your data. This is described in Site Collectors Setup in this guide. For more specific information about setting up a particular site collector, see the site collector's specific configuration guide in the Site Collectors section Site Collectors.

• Set up an on-prem data source. For data sources that require a site collector, you specify the site collector when you set up the data source. This is described in the section On-Prem Data Sources.