Centraleyezer AgentSec integration
AgentSec is Centraleyezer’s own lightweight endpoint agent. The platform tasks each agent over HTTP, the agent runs its checks locally, and the results are pulled back and imported — no scanner appliance and no credentials to manage. Two feeds exist: missing security updates and SCA (configuration assessment) checks.
Scan types imported
- Missing OS security updates per host
- SCA / CIS configuration checks
API connection
Install the agent on the hosts you want covered and add the AgentSec scanner to the project. On every run Centraleyezer posts a job to each asset’s agent, collects the job results, and imports them through the standard mapping engine.
Configuration
Where to get the credentials
No external credentials required — the platform talks to the agent it deployed on each asset.
What gets imported on every run
- Missing OS security updates per host (the agent_sec feed).
- SCA / configuration assessment results mapped to CIS Implementation Groups (the agent_sca feed).
How imported findings are risk-scored
Every Centraleyezer AgentSec finding is normalised into Centraleyezer’s risk model on import: the scanner’s native severity scale maps to a configurable DREAD vector (Damage, Reproducibility, Exploitability, Affected users, Discoverability), which combines with asset criticality, network exposure, exploitability intelligence and the platform’s other risk factors to produce one comparable risk score across every scanner you run. CVE, CVSS and CWE metadata are preserved on the finding for reference and reporting, and duplicate findings from repeated imports are automatically correlated instead of creating noise.