Data Sources Overview

Connect Hydden to any supported data source (Active Directory, Okta, LDAP, and others) and discover identities, accounts, and privileges in seconds.

The template for setting up data sources is similar, with just a few data source-specific fields to differentiate. Any on-premises data source requires a local client deployment.

  1. To access the data sources page, navigate to Configuration > Discover and select Data Sources.

    (Image: Data Sources page)

  2. To add a new data source, click + Add Data Source.

    (Image: Add Data Source page)

    The first field on the Add Data Source modal is a drop-down for the type of data source to be created. The default is Active Directory; change the Data Source selection to the option matching your specific collection needs. The data source options are organized by type:

    • Cloud: AWS, Azure, Google Cloud, Google Workspace, Have I Been Pwned, Keeper, Okta, Salesforce, Slack
    • Database: PostgreSQL, SQLServer
    • Datacenter: Active Directory, Apache (Linux), LDAP, Linux Host, Windows Host, WindowsRm Host
    • Orchestration: Kubernetes, Kubernetes Pods

    The field that specifies the actual source address differs slightly depending on the data source selected in that drop-down.

  3. For Name enter an easy-to-identify name, especially if several data sources for the same service are to be created.

  4. The next field depends on the data source being configured. For

    • Active Directory, under Domain/Controller enter a fully qualified domain name (for example, ad_dns_name.corp or us.philly.ad.corp) or an IP address.
    • Azure or Okta, enter the Tenant identifier of your tenant, usually an alphanumeric string.
    • Google Cloud, enter the Project ID.
    • Google Workspace, enter the Workspace Domain.
    • Linux Host or Windows Host, enter the Hostname (for example, linux1.demo.corp or win11.bos.corp) or an IP address. For Linux Host, specify how the data collection should run and use the check box to run elevated with sudo.
    • Have I Been Pwned, select which API key to use. Hydden offers a shared API key for customers; customers may also use their own Have I Been Pwned account. Add the API key as a Cloud Credential.

  5. Under Presets, pre-configured data collection schedules and credentials are available for selection if configured. If you use one of the presets, the Schedule and Credentials fields contain the configured data, but they are grayed out.

    (Image: Example of configured presets)

  6. To manually specify credentials, enter the login information for your data source via the Credentials field or the + option. Credentials can be added as

    • Account Password,
    • Cloud Credentials,
    • JSON Credentials,
    • SSH Keys, or
    • Slack Tokens

    depending on your data source.

  7. To manually specify a Schedule for the data collection, specify the schedule via the Schedule field. This can be done by selecting from a list of pre-configured collection schedules or by manually entering a new schedule.

  8. Under Site, specify the site that matches your client registration site.

  9. Under the Select Account Mapping Rule Set drop-down, select from the following options:

    • Default Rules Only
    • Add All Rules
    • Add All Default Rules
    • Add All Custom Rules
    • Manual Selection: Rules need to be selected from a drop-down menu.

    Any rules added can be removed by clicking the x on the rule name label.

    NOTE: Rules need to be set to enabled on the rule add/edit modal to work in your tenant; refer to Account Mapping.

  10. To enable account mapping or identity creation, select the Enable Automatic Account Mapping and Enable Automatic Identity Creation checkboxes respectively. Both options can be enabled at the same time.

  11. In the Automatic Mapping Rules (Match Account to Identity using) field, rules are either automatically populated based on your selection under the Automatic Account Mapping Rules step, or you have to manually add rules from the drop-down menu. Any rules added can be removed by clicking the x on the rule name label.

  12. From the Automatic Identity Creation Rules (Create New Identity when) drop-down, select which rules you want to use in your environment. Custom rules are listed first. Any rules added can be removed by clicking the x on the rule name label.

  13. Click Add to save the data source. You have an option to manually run the data collection via the Run Now button.

NOTE: To use any of these rules, they need to be enabled on the configured Data Sources.

Map Account Rules (13):

  • Match Any Email Alias
  • Match Exact Display Name
  • Match Name: first last
  • Match Name: first middle last
  • Match Name: first.last
  • Match Name: firstinital.secondinitial.last
  • Match Name: firstinitial last
  • Match Name: firstinitial secondinitial last
  • Match Name: firstinitial.last
  • Match Name: last first
  • Match Name: last.first
  • Match Primary Email
  • Match UPN

Create Identity Rules (12):

  • Create Identity: Requires 2+ Accounts & a configured email
  • Create Identity: Requires 2+ Accounts & a configured Email & a space between names
  • Create Identity: Requires 2+ Accounts & a configured email or UPN
  • Create Identity: Requires 2+ Accounts & a configured Email or UPN & a space between names
  • Create Identity: Requires 2+ Accounts & a configured UPN
  • Create Identity: Requires 2+ Accounts & a configured UPN & a space between names
  • Create Identity: Requires email
  • Create Identity: Requires Email & a space between names
  • Create Identity: Requires email or UPN
  • Create Identity: Requires Email or UPN & a space between names
  • Create Identity: Requires UPN
  • Create Identity: Requires UPN & a space between names
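As an added illustration (not Hydden's code; the rule semantics are assumptions read from the rule names above), the following Python models how mapping rules such as Match Name: first.last and Match Primary Email group accounts collected from several data sources into one identity, and how the Create Identity rule requiring 2+ accounts and a configured email gates identity creation. The account records are constructed sample data.

```python
import re
from dataclasses import dataclass
from typing import Callable, List, Optional, Set

@dataclass(frozen=True)
class Account:
    source: str                    # data source the account was collected from
    name: str                      # display name or login name as collected
    email: Optional[str] = None
    upn: Optional[str] = None

def _local_part(addr: Optional[str]) -> Optional[str]:
    return addr.split("@", 1)[0].lower() if addr and "@" in addr else None

def rule_first_dot_last(a: Account) -> Set[str]:
    """Assumed reading of 'Match Name: first.last': key is 'first.last', taken from a
    two-word display name or from a first.last local part of the UPN/email."""
    keys = set()
    words = a.name.lower().split()
    if len(words) == 2:
        keys.add(".".join(words))
    for lp in (_local_part(a.upn), _local_part(a.email)):
        if lp and re.fullmatch(r"[a-z]+\.[a-z]+", lp):
            keys.add(lp)
    return keys

def rule_primary_email(a: Account) -> Set[str]:
    """Assumed reading of 'Match Primary Email': exact, case-insensitive address."""
    return {a.email.lower()} if a.email else set()

def map_accounts(accounts: List[Account], rules: List[Callable]) -> List[List[Account]]:
    """Accounts sharing a key under any enabled rule are joined into one group (union-find)."""
    parent = list(range(len(accounts)))
    def find(i: int) -> int:
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i
    seen = {}                       # (rule name, key) -> first account index with that key
    for i, a in enumerate(accounts):
        for rule in rules:
            for k in rule(a):
                j = seen.setdefault((rule.__name__, k), i)
                parent[find(i)] = find(j)
    groups = {}
    for i, a in enumerate(accounts):
        groups.setdefault(find(i), []).append(a)
    return list(groups.values())

def create_identities(groups: List[List[Account]], min_accounts: int = 2) -> List[List[Account]]:
    """Assumed reading of 'Create Identity: Requires 2+ Accounts & a configured email'."""
    return [g for g in groups if len(g) >= min_accounts and any(a.email for a in g)]

ACCOUNTS = [  # constructed sample data
    Account("Active Directory", "Jane Doe", upn="jane.doe@corp.example"),
    Account("Okta", "Jane Doe", email="jane.doe@corp.example"),
    Account("Linux Host", "jdoe"),                                       # no email/UPN: unmapped
    Account("Active Directory", "Sam Lee", upn="sam.lee@corp.example"),  # single account: no identity
]
```

Running `create_identities(map_accounts(ACCOUNTS, [rule_first_dot_last, rule_primary_email]))` yields one identity holding Jane Doe's AD and Okta accounts, while the local Linux login and the lone Sam Lee account stay unmapped.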

Permissions

The Hydden collectors require read access to the data they are collecting. The following table provides an overview of the minimum privileges for the accounts whose passwords are used with local data sources.

Collector             | Account type         | Minimum permissions
Active Directory (AD) | user/service account | read access to all data objects
Apache (Linux)        | user/service account | sudo access
LDAP                  | user/service account | read access to root directory tree
Linux Host            | user/service account | sudo access
Windows Host          | user/service account | member of the local Administrators group
WindowsRm Host        | user/service account | member of the local Administrators group