Axonius Asset Cloud

The general use case for Axonius  is cybersecurity asset management. My company, an IT solution provider, works with Axonius  to offer both asset management and cybersecurity asset management. This provides full visibility of the assets in the network. Axonius integrates with the customer's existing setup, such as Office 365 , Zoom , servers, firewalls, antivirus, email security, and active directories, to give a comprehensive view of the assets they have in their network.

From a security perspective, Axonius allows users to check for obsolete operating systems, like Windows XP or Windows 7. It highlights vulnerabilities due to unsupported systems, offering insights into network security issues. Axonius' integration with active directories and antivirus servers identifies PCs lacking antivirus solutions, pinpointing potential security vulnerabilities.

Axonius could improve by increasing their integrations with more technology vendors. There are cases where Axonius doesn't have full compatibility with some newer solutions that have recently appeared in the market. It would be beneficial for Axonius to keep updated on these solutions to enhance asset inventory management. Additionally, having embedded AI within their solutions would also be advantageous.

I have been working with Axonius for almost one year and a half, and we have a partnership contract with them.

The support provided by Axonius is good, but it requires improvement as the company is still growing. They respond when contacted, but during high demand, the quality can be affected. Overall, the knowledge base is good.

If the customer has prepared all prerequisites properly, Axonius can be deployed within one or two days. The initial setup is quite fast and efficient if all requirements are met beforehand.

Axonius is somewhat costly and has a price above average. It provides great value, but obtaining significant discounts can be challenging. As the tools are unique, they have limited direct competition, which can make negotiations for discounts more complex.

Overall, I would rate Axonius an eight out of ten. It's a unique tool with great potential and offers excellent asset management capabilities combined with cybersecurity insights. I would rate the overall solution an 8 out of 10.

I use the system to collect background data, identify cybersecurity issues, and catch exceptions in systems like NetSuite.

I like that the tool has a user-friendly interface. It helps organizations and big companies improve business requirements and control processes.

Adding more detailed descriptions or YouTube videos about specific features would help improve the application.

I have been using the product for two years.

I don't recall any exceptional stability issues, but I assume they've improved with new versions.

I rate the product an eight out of ten.

We use it for reporting, noncompliance reporting, and identifying gaps. We use it for API monitoring within our company.

And we also use it as a CMDB. Our security team, people within the SOC team, and people within other IT departments use it as a CMDB. We have integrated Axonius with a few of our solutions, so it has good inventory mapping. It provides information like installed software, running services, file shares, patches, and more. We have integrated it with many different solutions that we use internally.

We refer to Axonius as a CMDB, but the tool was actually onboarded for KPI monitoring and to alert against noncompliances. For example, if a device is running with an out-of-date agent or if a device is missing an agent it is supposed to have, Axonius helps us find unauthorized software installations within corporate devices. We use it for various KPI metrics and send out automated alerts to the relevant IT personnel to address and fix those noncompliances.

Right now, we use it mainly as a CMDB, but the tool was onboarded for KPI monitoring and metrics.

It's the agentless solution. It doesn't rely on specific agents. We integrate Axonius with APIs, which are called adapters or connectors. Essentially, it's API connectivity between different platforms. Getting Axonius up and running only takes a few days. If you have a server or solution, you create firewall rules to integrate with other platforms. This way, Axonius can communicate and collect data from them without needing much infrastructure. It sits on a device and collects data from multiple environments and sources, aggregating everything into a single console.

It also creates multiple dashboards. Axonius provides preconfigured dashboards that can be customized to your needs. What I like is that everything is in one solution, and you don't need agents running on every process to collect information. Other platforms like ServiceNow rely on agents installed on assets, but Axonius doesn’t.

Axonius is agentless and can easily integrate with other platforms. It uses API access accounts with other security solutions. They support a lot of different solutions. When we first started using Axonius, they supported around 400 IT solutions. Now, I think they support more than 600 or 700. I've lost count.

When we started working with them, Axonius was a small company with just a few engineers, but now they’ve grown into a large enterprise. They’ve been great at fixing issues and customizing solutions for clients. They maintain all of that really well.

It is a good solution; it lets you customize the solution based on customer requirements. They can even create custom adapters. For example, if you have a legacy platform or a new solution that doesn’t have official support yet, Axonius can deliver quick fixes by developing custom adapters. I’ve worked with them when we needed to integrate a solution that wasn't in their supported integrations. They gathered the requirements, asked us what data we wanted to pull, and quickly delivered a custom adapter. They also added that adapter to their product timeline, ensuring it would become an official integration in future releases.

In that sense, Axonius has been fantastic at delivering these solutions. We’ve had no issues with them.

Axonius can improve on delivering compliance-related features, like PCI DSS, and different dashboards that work with various compliances. For example, if a company follows ISO, they can create a dashboard that shows the gaps within that compliance framework. They have started delivering some of these features, but the tool still needs to mature for companies that heavily rely on certain standards, like payment compliances or cloud security guidelines.

In those cases, the tool might need further development. However, I haven’t had specific issues because they are really good at fixing things. Whenever we report or escalate something, they are quick in providing solutions.

I think they are very flexible in terms of working with them. But at the same time, they are customizing the solution too much based on client requirements. This might cause issues in the future because if they keep customizing the solution for every single client’s requirement, they might face difficulties in future releases. Integrating every customer’s options within the platform might be challenging to handle.

That might be a risk they are taking. But we have had good communication with them, and overall, it’s been positive.

I have been using it since 2021, so it has been three years. It’s been cruising through so far fine. We didn’t have any issues with the platform.

During that time, they didn’t have the SaaS options. Now they have started offering SaaS models. We used on-premise deployment, which is hosted within our company data center. But, it’s been going good.

I would rate the overall stability a ten out of ten. But Axonius has a few things they need to integrate. They need to move forward to get more mature in the current IT world. So I’d like to give it an eight out of ten. In terms of working with them and the company’s flexibility, I’ll give ten out of ten for getting things done, customizing solutions, or providing quick fixes for issues we face. For all of that, I’ll give ten out of ten.

All IT people who work on maintaining assets, ordering new assets, and compliance managers will be looking into it. IT directors and anyone who works with IT, but not the end users. End users don’t have access to the platform, but anyone who works in IT and manages the platforms and infrastructure, as well as compliance people who want to monitor KPI metrics and view reports, use it. So, there are 500 to 700 users within my organization.

They’re really great people to work with. Every customer has a dedicated technical account manager. We usually have weekly calls with them to check on everything. When we onboarded the platform, we had regular calls, and they were always available. That was a great experience working with them.

Since it’s an OVA package, it’s a virtualization package that you can just deploy on your VMware, ESXi, or whatever virtualization solution that your company internally uses. It’s just, like, import it, and then they’ll provide you with a license key. If you do a POC, they’ll provide you with a license key for a month so you can try it out and see how the product is going. Once you’re happy, they can provide you with a proper license for however many years you are going to sign the contract with them.

But, the initial setup is pretty straightforward. It’s not like you need to change a lot of things in your environment. It runs in a standalone installation. They also provide a cluster-based solution. If your IT presence is across the globe and you have huge latency that you want to reduce, you can have multiple instances in your different data centers and then aggregate that information in a centralized cluster and show it in a single dashboard. They started offering this around the same time we began working with them.

In terms of onboarding, it only takes a couple of days. It's mostly dependent on your organization's RFCs, change requests, and approval processes. There aren't a lot of configurations needed. You just need to open a few firewall ports for product updates.

The product runs on a Debian-based operating system, and you can scale it based on your requirements. If you're trying to pull 50,000 assets, the requirements will be a bit different. You'll need something like 8 cores, 16 or 32 gigs of RAM, and probably 5 terabytes of storage to store the data.

One of the good features of the product is snapshots. You can go back to specific dates and check the inventory status at that time. Axonius has an option to take daily snapshots within the product.

Axonius collects data from other platforms, and you can configure it to take snapshots at specific times. It keeps the snapshots for as long as you want, impacting your storage. You can keep the snapshots for ten years and still go back to a specific date to check how many assets you had, how many were identified for a specific noncompliance, and when it was fixed. You can check all of those details going back to a specific point in time and still get that information.

Lots of other products, like CMDB products or cyber asset management products, don’t have that functionality. Other platforms give you live data but don’t provide an option to go back and check how it was ten months or a year ago. Axonius gives you historical information and keeps it as long as you want. You can configure it to store the data for one year or ten years based on your storage capacity.

That’s one of the good features we heavily rely on internally.

Axonius is quite a bit cheaper compared to other solutions. And the amount of value they provide is really huge compared to other vendors. So, it’s based on the actual requirement and how you want to use the product within your IT department.

You can get insights within the platform and see how you can integrate Axonius with your current setup. You can make a decision to go with the POC or something like testing. But I don’t think they provide a free download option. You need to request access to a test engine and then get the software.

Probably, if you have other solutions like ServiceNow, because a lot of companies already have ServiceNow, you might not find much value in moving to Axonius. Whatever Axonius provides, ServiceNow also provides it. So, you need to assess what you’re planning to use it for and check the features that Axonius provides.

See whether you want to move platforms. They have a few unique features within the platform. But if a company already has a proper CMDB or an asset management solution, you should review your current internal solutions and see the benefit of moving toward Axonius. It might be a financial decision or just a couple of features that Axonius provides additionally on top of the CMDB.

At this stage, I would rate it an eight out of ten. The product needs to mature a little bit more in terms of following up on compliances.

Axonius is a US-based company. We had a few difficulties in getting the legal documents signed when we started working with them. If they had an EU presence, our legal department might have directly worked with them, and it would have been much easier. But since they are completely US-based, we had to sign a lot of data processing agreements and deal with transferring data between the EU and US. The legal department had a few hiccups, and it took some time to go through all those processes.

In the future, if they have a regional headquarters in the EU or where there is no data transfer from the EU region to other regions, it would be much easier for companies to start working with them quickly. In the initial days, we had to sign a lot of contracts because when we started working with them, we had to provide some sample data, and they had to sign a lot of DPA (Data Processing Agreements) between both companies and the legal team. It was a back-and-forth conversation, editing that legal agreement, and putting it in place between both companies.

We had a few issues in getting the single agreement signed in the initial days. But apart from that, no issues.

It’s pretty much company-focused decision to choose a solution. If you don’t have any solution for CMDB, I think it’s good to go with Axonius because they have good integration. They support a lot of different tools. Within their platform, you have a separate section per adapter where they’ve mentioned probably 600 to 700 IT solutions that they can integrate and work with. You can also check within the description what kind of use cases you can get from that integration. For example, if you have some kind of vulnerability management solution or MECM or a BitLocker administration tool, Axonius will give you information on what kind of data it will pull from the individual sources. You can create reports, check BitLocker statuses, and see what kind of encryption has been applied and how it is maintained.

It will give you those use cases as well, showing what you can get out of that particular integration between Axonius and whatever solution you are looking for. You can list down all the solutions you use internally within your company and then check the Axonius portal or website to see what use cases you can integrate with the platform. You can at least get an idea before you even try to speak with the Axonius team and start working with them yourself to see the benefits of utilizing the platform.

We don't use it to the fullest. We just use it for a few pieces because we have other solutions for that. But they have a lot of different features within the platform. We are not actually replacing everything. We just use a few bits and pieces, like enforcement center actions, CMDB, and a few other features within the platform.