Explore Device Inventory
A workflow guide for using the device inventory in Epiphany.
Last updated
A workflow guide for using the device inventory in Epiphany.
Last updated
Epiphany aggregates all of the unique devices found across all your data sets into the Inventory tool for you to explore. This tool is available under Asset Tool in the left navigation menu. It helps increase your awareness and visibility of devices that may have previously been unknown. Additionally, Epiphany's Dashboard contains components specifically designed to track devices and look for exposures. For the Epiphany-specific process we'll use the following workflow:
Go to Asset Tools -> Inventory.
Review device counts.
Search for a device.
View the device's Quick Look.
View the Device's Details.
The Inventory tool is the central aggregation point of all unique devices Epiphany discovers across all your data sets reporting device-related information. This can come from vulnerability scanners, endpoint agents, network management systems, and access management systems, as well as others. Epiphany simplifies this view for you by showing you the most often used counts in most organizations: the overall total number of unique devices in your organization (Total Devices), the number of unique Windows Devices, the number of unique Linux Devices, and the number of unique Network Devices. These can be used to quickly understand where you may have gaps between your configuration management database (CMDB) and your individual data sources (which can be explored in the Rogue Reporting tool).
Epiphany is a data-driven platform that empowers you to find the data you need as quickly as possible. There are multiple places to search for anything in Epiphany, but on the Inventory page you can use the search field to look for device names, IP addresses, installed applications, risk levels, and more. As an example, a of search "Windows" yielded 20,137 results in the inventory since it includes all operating systems with Windows in the name as well as any installed application because we did not limit the search.
Each device in the inventory is represented by a card. This card quickly establishes a couple of data points to help you understand the device's function and attributes: the IP Address(es), Hostname, operating system (OS) with the OS icon, and criticality flag (the colored banner in the upper-right of the card). The criticality flag is Epiphany's overall assessment of the risk the device poses to your environment based on several factors, including its presence in attack paths, number of potential footholds, value of users, defenses, and value of installed applications.
The Quick Look is designed to provide you with the raw information about a device so that it can be more easily copied into CSV format or other machine readable tools. It displays many different data points about the device for you to explore or use in other tools.
The Device Detail page provides an analyst with all the information they might need to know about a device, including the overall Risk Level, Total Risks, Entry Points (the total number of entry points as well as details about each entry point), Primary Group, Operating System, Users, Installed Applications, Reporting Data Sets, and more. If you're searching for information about a device, the Device Detail is a good place to look.
NOTE: Clicking on any device name in a table in Epiphany will take you to the Device Detail for that device.
