Skip to content

Enrichments

Data enrichment is a powerful AQtive Guard feature that provides deeper, clearer insights into your inventory and cryptographic assets. It works by sifting through the noise and filtering out irrelevant or misleading data. This ensures you get a more accurate and comprehensive understanding of your assets, giving you the clarity you need to make informed decisions and proactively manage potential compliance and security risks.

With data enrichment, you can:

  • Reduce the time you spend on root-cause analysis, allowing you to quickly identify and address potential issues.
  • Zero in on actionable priorities, ensuring that you’re focusing on the most critical aspects of your inventory.
  • Gain deeper insights into your Non-Human Identity (NHI) and cryptographic assets and issues, empowering you to make more informed decisions.
  • Create custom filters and views that meet your specific needs, making it easier to manage and prioritize compliance and remediation efforts.

Demo

Launch our interactive demo: Understanding Enrichments: Reducing false positives.

How it works

AQtive Guard data enrichment is powered by our proprietary intelligence database, a vast collection of publicly known cryptography and associated context to make an inventory actionable. This database is compiled using a specialized collection and analysis processes, verified by our dedicated cybersecurity and cryptography research team, ensuring that the data is accurate, relevant, and up-to-date.

Enriched data provides critical context for several key actions:

  • Filtering out supply chain cryptography you don’t directly control.
  • Identifying the root causes of cryptographic issues.
  • Enriching rules with external context.

Important

In the Enrichments panel, the enriched paths, applications, and distributions indicate where AQG observed those crypto objects in real-world usage within our database, although they may not be present in your inventory. This unique insight offers valuable context on how these objects are used in practice, providing a perspective that goes beyond your current inventory.

Enrichment can be accessed on the far right side of the Global filter bar from the following pages:

From these pages, you can apply the enrichment filters to your inventory. This applies relevant metadata that adds useful context to better understand the nature, usage, and potential risks associated with discovered cryptographic objects.

Tip

The enrichment feature functions similarly to other Global filters, impacting data across dashboards, priority issues, and statistics, and persisting across views and login sessions.

Using data enrichment

To apply intelligent filters using enrichment metadata, follow these steps:

  1. Select Enrichments in the Global filter bar on the Issues page or the Keys or Certificates tabs of the Inventory page.
  2. For the desired item(s) under each data enrichment category, select one or more checkboxes:
    • Include - adds or retains objects that meet the selected criteria.
    • Exclude - removes objects that meet the selected criteria.

Tip

The top five filters with the most associated objects are displayed under each category by default. Use the Search at the top of the enrichment categories to filter the view based on your search criteria.

Enrichment categories

Available enrichment categories include:

  • Publicly known: This inventory object is recognized from publicly available software or online sources.
  • Unknown: This inventory object is not recognized from publicly available software or online sources.
  • Distribution: This inventory object is associated with a specific Docker image.
  • Package: This inventory object is associated with a specific software package or application bundle.
  • Application: This inventory object is linked to a particular application or application category.
  • Path: This inventory object was discovered in your filesystem at a specific location.