Dear JDisc friends, we are constantly adding new protocols to improve device detection. The upcoming version (5106) will add two new main protocols to discover IoT devices: mDNS (Multicast DNS) UPnP (Universal Plug and Play) What is mDNS and UPnP? Home automation and IoT devices often support the mDNS and UPnP protocols to publish their…
Companies use more and more PAM (Privileged Access Management) tools to store, manage and rotate passwords for essential accounts (like domain admin accounts or root accounts for important servers). Especially rotating passwords make a manual configuration within JDisc Discovery impossible. Therefore, JDisc has integrated three password managers (Cyberark, Thychotic, Microsoft LAPS) into JDisc Discovery. Within…
Dear JDisc friends, find the German translation from our long term partner i-doit: https://www.i-doit.com/blog/log4j-linux-skript-von-jdisc/ I think everyone is busy figuring out if any applications are affected by the log4j security issue. While this may be easy for commercial applications, the vulnerability can be difficult to find for custom applications that are hosted in your data…
Dear JDisc users, I am pretty sure that you are aware of the log4j security issue CVE-2021-44228. JDisc Discovery is mainly written in Java and we have investigated whether we are affected. One external library (yavijava – a library to access VMware ESX and VSphere servers) uses log4j in version 1.2.17. We have investigated the…
In order to scan devices properly, JDisc Discovery users need to configure access credentials. For security reasons, we do not display the passwords in clear text (neither in the UI nor in the logs). But how do you verify that you made no mistake when you entered the password? Misconfigured passwords lead to an access…
Dear JDisc friends, upon a customer request, we have implemented a new feature to collect the list of pending updates on Windows and Linux computers. Three weeks ago, we added this feature for Linux and with build 5086 we finalized the data collection for Windows computers. We hope that this data helps to keep your…
Dear JDisc friends, we understand that storing your crown jewels (administrative accounts and passwords) in products like JDisc Discovery is not something that IT security departments really like. There is always the conflict between being as secure as possible and getting current inventory information (which often requires administrative accounts). Therefore, we implemented on request from…
Dear JDisc users, just recently, we have added support for the CyberArk solution for managing accounts and passwords within your enterprise. Due to customer requests, we have integrated the Thycotic second password management tool. Your passwords are no longer stored within JDisc Discovery’s database but stay in the Thycotic SecretServer. JDisc Discovery only requests the…
Dear JDisc Users, we have extended our Security Add-On to collect information about local users and their password information. The issue with local users is that they are difficult to control. For users which are part of a Windows domain, it is pretty simple to configure policies to change the password on a regular basis.…
Dear JDisc friends, We are proud to announce that we have been certified by CyberArk! CyberArk is the global leader in Identity Security. Organizations use CyberArk to manage and secure the human and machine identities in their environment, many of which will have some form of privileged access. Part of securing these identities involves automatically…