Assets? Managed. is an asset management application which focuses on blending the business efficiency focuses of IT Asset Management and the risk detection and prevention focus of Information Security Management Systems. By using this tool, organisations can get a clear overview of all their assets with information allowing them to be tracked through their entire lifecycle. The tool also check for known vulnerabilities using the NIST Vulnerability API and has a Windows Data Collection tool. This tool can be installed on end-user devices and, when ran (ideally on boot), will automatically report compliance data about the device including: last boot time and the disk encryption status.
Screenshot showing the 3D asset map, which identifies locations which contains assets with potential security risks:
The agile methodology is being used for project management during the development of this application. Notion is being used to provide a kanban board as well as the GANTT chart.
The project aim was to develop an application to help combine asset management aims and provide organisations a platform for storing assets with automated data collection to check ISM compliance, detect vulnerabilities, and maximise asset’s value through its lifecycle.
The objectives of this project set out to achieve the aim were:
-
Develop a full-stack application asset management system.
-
Ensure the application is a single source of truth.
-
Automatically collect data from assets to keep information up-to date.
-
Detect vulnerabilities in assets so they can be resolved.
- Laravel (PHP)
- MySQL
- Docker
- CSS
- JavaScript
- C#
- Dr Hafizul Asad - Project supervisor
- Laravel LLC - Developers of the Laravel framework
- Colorlib - Creator of AdminLTE3 template
- Jeroen Noten - Created the AdminLTE3 laravel integration, used for the web application
- Enlightn Software. - Tool used for checking security, performance, and reliability
- National Institute of Standards and Technology - Utilising the NIST vulnerability API
- Mapbox - Implemented Mapbox for displaying asset locations on a map
- Chart.js - Used for data visualisation
Please note if you install this application, you will need to get an API key from https://www.mapbox.com/ which must be placed in your .ENV file in the MAPBOX_TOKEN field. Without this, the assets map will not work.
If you discover a security vulnerability within this application, please open an issue with as much detail as possible. All security vulnerabilities will be promptly addressed.
Assets? Managed. is licensed under a Creative Commons Attribution 4.0 International License.
