Documentation Index

Fetch the complete documentation index at: https://help.nucleussec.com/llms.txt

Use this file to discover all available pages before exploring further.

Assets Overview

  • 3 minute(s) read
Prev Next

Asset Data

The FlexConnect Framework supports ingesting the following types of assets: Host, Container Image, Container and Application assets. Each of these asset types has fields that are specific to their data model, however there are also a set of fields that are common to all asset types (asset metadata). This section details all asset fields and explains how to structure them in the respective JSON, XML and CSV formats.

Supported Asset Types

  • Device/Host

  • Web URLs

  • Code Repositories

  • Container Images & Image Repositories

  • Cloud Resources

Structure

Assets are structured differently depending on whether the file is JSON, XML or CSV.

In JSON files, there is a top level assets key which contains a list of assets. For example:

{
    "nucleus_import_version": "1",
    "scan_tool": "Asset",
    "scan_type": "Host",
    "assets": [
        {
            "host_name": "my.secret.server.com"
        },
        {
            "host_name": "my.other.server.com"
        }
    ]
}

In CSV files, each asset field listed in the fields sections below is a column in the CSV file. For example: 

nucleus_import_version,scan_tool,scan_type,host_name
1,Asset,Host,my.secret.server.com
1,Asset,Host,my.other.server.com

In XML files, there is a top level assets object which contains a list of sub-objects (assets). For example:

<nucleusCustomScan>
    <nucleus_import_version>1</nucleus_import_version>
    <scan_tool>Asset</scan_tool>
    <scan_type>Host</scan_type>
    <assets>
        <asset>
            <host_name>my.secret.server.com</host_name>
        </asset>
        <asset>
            <host_name>my.other.server.com</host_name>
        </asset>
    </assets>
</nucleusCustomScan>

Asset Metadata Fields

Name

Description

host_notes

Optional. The asset's description.

asset_info

Optional. An extensible field used to specify additional key/value pair metadata on an asset. See Custom Asset Metadata for more information.

Note: Only JSON files support setting additional metadata values as a list.

What is asset_info?

The asset_info field in FlexConnect serves as a container for supplementary metadata about an asset. This can include:

  • Operating System Details: Information about the OS type and version.

  • Hardware Specifications: CPU, memory, and storage details.

  • Network Information: IP addresses, MAC addresses, and DNS names.

  • Installed Software: Lists of applications and versions.

  • Security Agents: Presence of antivirus or endpoint detection tools.

By providing this detailed context, asset_info enhances Nucleus's ability to accurately identify and correlate assets across various data sources, reducing duplication and improving the fidelity of vulnerability assessments.

Importance of Additional Asset Metadata

Using the asset_info field, FlexConnect allows the inclusion of various metadata fields that provide business and operational context to assets. These metadata fields are vital for:

  • Ownership Assignment: Identifying responsible teams or individuals for specific assets.

  • Business Criticality: Assessing the importance of assets to business operations.

  • Compliance Scope: Determining which regulatory requirements apply to each asset.

  • Environment Classification: Distinguishing between production, development, and testing environments.

Incorporating such metadata enables Nucleus to automate risk prioritization and streamline remediation efforts. For instance, vulnerabilities on high-criticality assets can be escalated automatically, ensuring timely attention.

Benefits of Including asset_info and Metadata

  1. Enhanced Asset Correlation: Combining technical and business metadata allows Nucleus to more accurately match assets across disparate data sources.

  2. Improved Risk Assessment: Understanding the context of assets leads to more precise risk evaluations.

  3. Automated Workflow Management: Metadata-driven rules can automate ticketing, notifications, and remediation processes.

  4. Regulatory Compliance: Detailed metadata supports compliance reporting and audit readiness.

By leveraging asset_info and comprehensive asset metadata, organizations can achieve a more nuanced and effective vulnerability management strategy within Nucleus.

The following fields are common to all asset types and can be included as such:

Accepted Values or Format  A list of strings in the following formats:

  • CSV files: a semicolon separated list of users

  • JSON files: a list of users

  • XML files: a nested list of users

Must match with an existing team's name or id that is in the Nucleus project.  Must match with an existing team's name or id that is in the Nucleus project.  A list of groups in the following formats:

  • CSV files: a semicolon separated list of groups

  • JSON files: a list of groups

  • XML files: a nested list of groups

Only standard ASCII characters are allowed (see ASCII Code - The extended ASCII table).  Key/value pairs. The key should follow a dot style format with the namespace set to something unique to your organization.

Example Additional Metadata using asset_info

{
    "nucleus_import_version": "1",
    "scan_tool": "Asset",
    "scan_type": "Host",
    "assets": [
        {
            "host_name": "my.secret.server.com",
            "host_notes": "This asset is a demo host",
            "asset_info": {
                "my-org-name.demo-key-1": "value 1",
                "my-org-name.demo-key-2": ["value 2", "value 3"]
            }
        }
    ]
}

To remove a metadata key

In order to remove a metadata key, you can upload a flexconnect file with the key included and the value set to an empty string (‘‘)

Next Step: To look at the fields available for each asset type. Let’s start with Hosts