Import Labels/Tags in SAFE
  • 4 Minutes to read
  • PDF

Import Labels/Tags in SAFE

  • PDF

Article summary

About this document


This document explains the import of Labels or Tags in SAFE

  1. Microsoft Azure Tags

  2. Google Cloud Platform (GCP)

  3. Wiz

  4. Crowdstrike Falcon

  5. CrowdStrike Falcon Exposure Management

  6. Tenable Vulnerability Management

  7. SentinelOne

Introduction


Tags are the metadata elements that you apply to the cloud resources. They are the key-value pairs that help you identify resources based on settings relevant to your organization.
SAFE users can automatically import the Tags. This helps users to create multi-cloud Asset Groups based on the tags and labels to manage cyber risk for those groups.

Import Tags from Azure Subscriptions into SAFE


  1. Make sure that Azure integration is configured under Safe Hooks. Refer to the Azure Integration Guide.

  2. Create custom fields for technology corresponding to the Azure tag keys you want to import in SAFE. You can create the custom fields from the Settings > Custom Fields.

  3. In the next Azure sync, the system will automatically update the custom field values. Alternatively, you can manually trigger a sync by navigating to SAFE Hooks > Azure.

Notes

  • The system imports only those tags from Azure for which the corresponding custom fields are present in SAFE.

  • On every subsequent scan, the system updates the custom field values automatically.

Import Labels from Google Cloud Platform (GCP) into SAFE


Import Labels from GCP into SAFE

  1. Make sure that GCP integration is configured under Safe Hooks. Refer to the GCP Integration Guide.

  2. Create custom fields for technology corresponding to the Azure tag keys you want to import in SAFE. You can create the custom fields from the Settings > Custom Fields.

  3. In the next GCP sync, the system will update the custom field values automatically. Alternatively, you can manually trigger a sync using SAFE API’s. Refer to the  GCP Integration Guide.

Notes

  • The system imports only those labels from GCP for which the corresponding custom fields are present in SAFE.

  • On every subsequent scan, the system updates the custom field values automatically.

Import Tags from Wiz into SAFE


Import Tags from Wiz into SAFE

1. Make sure that Wiz integration is configured under Integrations. Refer to the Wiz Integration Guide.

2. Create custom fields for technology corresponding to the tag keys you want to import in SAFE. You can create the custom fields from the Settings > Custom Fields.

3. In the next Wiz sync, the system will automatically update the custom field values. Alternatively, you can manually trigger a sync by navigating to Integrations > Wiz.

Notes

* The system imports only those tags from Wiz for which the corresponding custom fields are present in SAFE.

* On every subsequent scan, the system updates the custom field values automatically.

Import Tags from Crowdstrike Falcon into SAFE


Import Tags from CrowdStrike Falcon

  1. SAFE now supports pulling tags from CrowdStrike. To pull tags, follow the below steps:

    1. Login into SAFE.

    2. Navigate to Settings > Custom Fields.

    3. Click on the Add Custom Field button.

    4. Enter the Name cs-falcon-tags. Keep the Custom Field Type field as Any and Multi-Valued field as Yes.

    5. Click on the Add button.

    To view/filter the pulled tags, follow the below steps:

    1. Login into SAFE.

    2. Navigate to Technology

    3. Add column Custom Field: cs-falcon-tags to view the pulled tags against the asset.

    4. Filtering on the pulled tags is also supported.

    The custom field is case-sensitive. The name of the custom field must be exactly this cs-falcon-tags, for the tags to be pulled in. The CrowdStrike tags will get populated on the created custom field.


    Import Tags from CrowdStrike Falcon Exposure Management into SAFE


    Import Tags from CrowdStrike Falcon Exposure Management

    SAFE now supports pulling tags from CrowdStrike Falcon Exposure Management. In order to pull tags, follow the below steps:

    1. Login into SAFE.

    2. Navigate to Settings > Custom Fields.

    3. Click on Add Custom Field button.

    4. Enter the Name cs-exposure-mgmt-tags. Keep the Custom Field Type field as Any and Multi Valued field as Yes.

    5. Click on Add button.

    To view/filter the pulled tags, follow the below steps:

    1. Login into SAFE.

    2. Navigate to Technology

    3. Add column Custom Field: cs-exposure-mgmt-tags to view the pulled tags against the asset.

    4. Filtering on the pulled tags is also supported.

    The custom field is case-sensitive. The name of the custom field must be exactly this cs-exposure-mgmt-tags, for the tags to be pulled in. The CrowdStrike tags will get populated on the created custom field.

Import Tags from Tenable Vulnerability Management into SAFE


  1. Ensure that Tenable Vulnerability Management is configured under Safe Hooks.

  2. Create Custom Fields in SAFE that correspond to the tag keys (category) in Tenable Vulnerability Management that you wish to import. To set up these custom fields, go to Settings > Custom Fields.

  3. During the next sync with Tenable Vulnerability Management, the system will automatically update the custom field values. If you prefer, you can manually trigger a sync by going to SAFE Hooks > Tenable Vulnerability Management.

Info

  • The system will only import tags from Tenable Vulnerability Management if the corresponding custom fields are already set up in SAFE.

  • After each subsequent scan, the custom field values will be automatically updated.

Import Tags from SentinelOne via Custom-field


SAFE can bring in tags from SentinelOne. Since SentinelOne uses key-value tags, you can import these tags into SAFE using a Custom Field.

To do this, go to Settings > Custom Field and create a new custom field. Make sure the name of this custom field matches exactly with the key of the tag in SentinelOne.

When the next sync with SentinelOne happens, the values for your custom field will be updated. You can also start a manual sync by going to Integrations > SentinelOne > Configure.


Was this article helpful?