New Asset Management documentation #1255

Merged
merged 2 commits into from
Sep 25, 2023

Conversation

gbossert
Collaborator

This PR upgrades the documentation of the asset management system to follow its new implementation.
This PR must not be merged before the asset feature is released.

@gbossert gbossert self-assigned this Aug 14, 2023

github-actions bot commented Aug 14, 2023

Pull request was merged, preview was removed.

@ka0ula ka0ula self-requested a review August 30, 2023 09:34

github-actions bot commented Sep 1, 2023

Newest code from ka0ula has been published to preview environment

🚀 Latest deployment was built on 2023-09-01 09:48:43 (c84d687eaba19e37c013e6b5a3eb87ce1be38541).

@jeromefellus-sekoia
Contributor

Asset matching and detection properties are fundamental features that enhance our system's event correlation and enrichment capabilities. Each asset type comes with a predefined set of detection properties that determine the criteria for matching incoming events with specific assets

I think the 2 sentences should be swapped. First the explanation of what a detection property is, then why it is fundamental.

"enhance our system's event correlation" => I would have said "enhance Sekoia.io's event correlation"; with "system" we don't know what/who it is

@jeromefellus-sekoia
Contributor

The contextual properties enhance asset management within our system by allowing users to associate additional context and metadata with each asset. These properties provide valuable information beyond the standard asset details, enabling better asset classification and enriched insights into the organization's IT infrastructure.

A contextual property is an additional attribute that can be assigned to an asset to provide more context and details about the asset. It can include any relevant information, such as names, labels, descriptions, categories, or custom identifiers.

Same here, I would have swapped the definition and the endorsement.

@jeromefellus-sekoia
Contributor

Behavioral activity is tracked at the atom level. For instance, even if 192.168.1.2 is associated with various assets over time, events related to this IP address are linked to that specific atom. The weekly activity of a selected atom may be seen in Sekoia.io asset details page

⚠️ This is not really true: an asset's heatmap is based on its uuid. Each time we see this uuid in the event, we have a hit. A long time ago (a few months ago, ahem) it was based on counting atoms, but not anymore.

@jeromefellus-sekoia
Contributor

Maybe we could add an intro to the "Asset Discovery Rules" section

to explain that asset discovery relies on a catalogue of rules (currently hardcoded), no?

The "unique host" rule is missing

@jeromefellus-sekoia
Contributor

But these are details: everything is great, thank you 🎉

@gbossert gbossert merged commit c6dcaa9 into main Sep 25, 2023
@gbossert gbossert deleted the feat/new_asset branch September 25, 2023 15:07