Commit e603f29

Update data connector docs: Remove 90-day limits and update asset properties
- Remove all references to 'last 90 days' from Retrieved Data sections
- Update Wiz connector with detailed asset properties including cloud info, VM properties, privileges, internet exposure, etc.
- Update Palo Alto connector with resource type, network interfaces, DNS name, and internet facing info
- Update CrowdStrike connector with device info, cloud platform data, host details, and firmware info
- Update SentinelOne connector with endpoint details, account info, machine properties, and security state
- Remove time-based data retrieval limitations across all connectors
1 parent 2b614d1 commit e603f29

8 files changed, +5 -19 lines changed

exposure-management/Qualys-data-connector.md

Lines changed: 0 additions & 2 deletions
@@ -48,8 +48,6 @@ To establish a connection with Qualys in Exposure Management, follow these steps
4848

4949
Qualys connector retrieves data on compute devices, including machines and virtual machines, and vulnerability findings from Qualys on those assets. It also retrieves some networking data to identify those devices.
5050

51-
Only devices that were modified in the last 90 days are retrieved, based on assessing the "modified" field in the Qualys asset.
52-
5351
| **Category** | **Properties** |
5452
|-------------------------|--------------------------------------------------------------------------------|
5553
| **Assets/devices** | - Gateway address<br>- FQDN<br>- IP address<br>- MAC address<br>- OS information<br>- Qualys criticality data |
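
Review bot: With the "Only devices that were modified in the last 90 days" sentence deleted, the Retrieved data text no longer says which Qualys assets are in scope. If the connector now ingests every asset regardless of the "modified" field, say so in one sentence where the removed line was; if only the documentation changed and the filter is still applied, the sentence should stay, since without it readers cannot tell why older assets are absent from the inventory.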

exposure-management/Rapid7-data-connector.md

Lines changed: 0 additions & 2 deletions
@@ -31,8 +31,6 @@ To establish a connection with Rapid7 in Exposure Management, follow these steps
3131

3232
Exposure Management retrieves data on compute devices from Rapid7, including machines and virtual machines. It also retrieves vulnerabilities reported by Rapid7 on those devices.
3333

34-
Only devices that were actively scanned in the last 90 days are retrieved, based on assessing the "last_scan_end" field in the Rapid7 asset.
35-
3634
| Category | Properties |
3735
|------------------------|----------------------------------------------------------------------------|
3836
| **Assets/devices, and data per each identifier** | - Rapid7 ID<br>- Hostname<br>- IP address<br>- mac Address<br>- OS information<br>- Rapid7 risk score<br>- Tags<br>- Rapid7 criticality data<br>- Cloud platform |
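
Review bot: Removing the "last_scan_end" window changes how the unchanged sentence above it reads: the vulnerabilities "reported by Rapid7 on those devices" can now belong to devices whose last scan is arbitrarily old. Suggest adding a line stating that findings reflect the most recent Rapid7 scan, whatever its age, so stale results are not read as current exposure.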

exposure-management/ServiceNow-data-connector.md

Lines changed: 0 additions & 2 deletions
@@ -40,8 +40,6 @@ To establish a connection with ServiceNow in Exposure Management, follow these s
4040

4141
Exposure Management currently retrieves data on devices, their business application association, and business criticality. Additional data is also retrieved that helps identify the device, such as network adapter information and OS data.
4242

43-
Only devices that were active in the last 90 days are retrieved, based on assessing the "sys_updated_on" field in the ServiceNow CI.
44-
4543
The following fields are ingested via the connector:
4644

4745
| **Category** | **Properties** |

exposure-management/Tenable-data-connector.md

Lines changed: 0 additions & 2 deletions
@@ -44,8 +44,6 @@ To establish a connection with Tenable in Exposure Management, follow these step
4444

4545
Exposure Management retrieves data on compute devices from Tenable, including machines and virtual machines. It also retrieves some networking data to identify those devices.
4646

47-
Only devices that were modified in the last 90 days are retrieved, based on assessing the "updated_at" field in the Tenable asset.
48-
4947
Exposure Management also retrieves vulnerability findings from Tenable on those assets.
5048

5149
The vulnerability data retrieved for Tenable is applicable to CVEs only, and not other types of vulnerabilities or misconfigurations. Tenable shows total vulnerability counts that include other non-CVE misconfigurations as well, so these counts aren't applicable to the numbers of vulnerabilities ingested to Exposure Management.

exposure-management/crowdstrike-data-connector.md

Lines changed: 1 addition & 3 deletions
@@ -60,11 +60,9 @@ To establish a connection with CrowdStrike Falcon in Exposure Management, follow
6060

6161
CrowdStrike connector retrieves data on compute devices, including endpoints and servers monitored by CrowdStrike Falcon, along with vulnerability findings from CrowdStrike on those assets. It also retrieves network and configuration information to identify those devices.
6262

63-
Only devices that were active in the last 90 days are retrieved, based on the last activity timestamp in CrowdStrike Falcon.
64-
6563
| **Category** | **Properties** |
6664
|-------------------------|--------------------------------------------------------------------------------|
67-
| **Assets/devices** | - Device information<br>- Operating system details<br>- Network interfaces<br>- Agent status<br>- CrowdStrike criticality data |
65+
| **Assets/devices** | - Device information<br>- Cloud platform information<br>- Host name<br>- Operating system details<br>- Network interfaces<br>- IP address<br>- Mac address<br>- CrowdStrike criticality data<br>- Firmware version and vendor<br>- Internet facing |
6866
| **Vulnerability findings** | CrowdStrike retrieves CVE findings on the assets that it ingests. |
6967

7068
## Troubleshooting the CrowdStrike data connector
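
Review bot: In the new Assets/devices row, "Mac address" should be "MAC address", matching the spelling in the Qualys table touched by this same commit. The row also drops "Agent status", which the commit message does not mention; confirm the property is really no longer ingested before removing it from the docs.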

exposure-management/palo-alto-data-connector.md

Lines changed: 1 addition & 1 deletion
@@ -45,7 +45,7 @@ The Palo Alto Prisma connector retrieves data on your IT assets and risks, provi
4545

4646
| **Category** | **Properties** |
4747
|-------------------------|--------------------------------------------------------------------------------|
48-
| **Assets/devices** | - Cloud provider information<br>- Resource type<br>- IP address<br>- Operating system<br>- Configuration details<br>- Palo Alto criticality data |
48+
| **Assets/devices** | - Cloud provider information<br>- Resource type<br>- Network interfaces<br>- IP address<br>- Public DNS name<br>- Operating system details<br>- Internet facing<br>- Palo Alto criticality data |
4949
| **Vulnerability findings** | Palo Alto Prisma retrieves CVE findings on the assets that it ingests. |
5050

5151
## Troubleshooting the Palo Alto Prisma data connector
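
Review bot: The replaced Assets/devices row silently drops "Configuration details", while the commit message describes only additions for Palo Alto and lists "resource type", which was already in the old row. Confirm that configuration data is no longer retrieved, and correct the message so it matches the three properties actually added: Network interfaces, Public DNS name and Internet facing.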

exposure-management/sentinel-one-data-connector.md

Lines changed: 2 additions & 4 deletions
@@ -51,13 +51,11 @@ To establish a connection with SentinelOne in Exposure Management, follow these
5151

5252
## Retrieved data
5353

54-
SentinelOne connector retrieves data on compute devices, including endpoints, servers, and other managed assets, along with security findings and threat detection data from SentinelOne on those assets. It also retrieves network information to identify those devices.
55-
56-
Only devices that were active in the last 90 days are retrieved, based on the last activity timestamp in SentinelOne.
54+
SentinelOne connector retrieves data on compute devices, including endpoints, servers, and other managed assets. It also retrieves network information to identify those devices.
5755

5856
| **Category** | **Properties** |
5957
|-------------------------|--------------------------------------------------------------------------------|
60-
| **Assets/devices** | - Endpoint information<br>- Operating system details<br>- Network interfaces<br>- Agent status<br>- Device classification<br>- SentinelOne criticality data |
58+
| **Assets/devices** | - Endpoint information<br>- Operating system details<br>- Account ID<br>- UUID<br>- Domain<br>- Cpu ID<br>- Machine type<br>- Machine SID<br>- Network interfaces<br>- External IP address<br>- Last logged in user details<br>- Active threats<br>- Detection state<br>- Serial number<br>- Site name<br>- Firewall enabled<br>- Active directory information |
6159
| **Security findings** | SentinelOne retrieves CVE findings on the assets that it ingests. |
6260

6361
## Troubleshooting the SentinelOne data connector
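
Review bot: The rewritten intro sentence removes "along with security findings and threat detection data", yet the table still has a **Security findings** row for CVE findings and the new Assets/devices row adds "Active threats" and "Detection state", so the intro now understates what is ingested. Either keep the findings clause or drop those entries. The new row also removes "SentinelOne criticality data", "Agent status" and "Device classification" without mention in the commit message, and "Cpu ID" and "Active directory information" should be "CPU ID" and "Active Directory information".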

exposure-management/wiz-data-connector.md

Lines changed: 1 addition & 3 deletions
@@ -55,11 +55,9 @@ To establish a connection with Wiz in Exposure Management, follow these steps:
5555

5656
Wiz connector retrieves data on compute devices. This includes virtual machines and cloud resources, along with vulnerability findings and configuration data from Wiz on those assets. It also retrieves network and configuration information to identify those devices.
5757

58-
Only devices that were active in the last 90 days are retrieved, based on the last activity timestamp in Wiz.
59-
6058
| **Category** | **Properties** |
6159
|-------------------------|--------------------------------------------------------------------------------|
62-
| **Assets/devices** | - Cloud provider information<br>- Network Interfaces<br>- VirtualMachine Properties<br>- IP address<br>- Operating system<br>- Configuration details<br>- Wiz criticality data |
60+
| **Assets/devices** | - Cloud provider information<br>- Network Interfaces<br>- IP addresses<br>- Virtual Machine Properties (Device name, Cloud provider ID)<br>- Operating system details<br>- Has high or Admin Privileges<br>- Open to Internet or Internet facing<br>- Contains sensitive data<br>- Instance type<br>- Is Container Host<br>- Is Ephemeral<br>- isManaged<br>- Tags<br>- Wiz projects<br>- First seen<br>- Last seen<br>- Wiz Criticality |
6361
| **Vulnerability findings** | Wiz retrieves CVE findings on the assets that it ingests. |
6462

6563
## Troubleshooting the Wiz data connector
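
Review bot: "isManaged" in the new Assets/devices row is a raw field name sitting between display labels such as "Is Container Host" and "Is Ephemeral"; use "Is Managed". Capitalization is also mixed within the row ("Has high or Admin Privileges", "Wiz Criticality" against the earlier "Wiz criticality data"). Separately, "Configuration details" is dropped from the row while the unchanged intro still says the connector retrieves "configuration data" and "configuration information"; align one with the other.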
