The latest release of Tenable Identity Exposure provides advanced vulnerability management capabilities and real-time threat detection for Active Directory security
Tenable, a leading Exposure Management company, announced today the introduction of new identity-aware features powered by artificial intelligence (AI) and machine learning. These innovative capabilities offer organizations a unified view of user identities and entitlement risks across both on-premises and cloud environments. Tenable Identity Exposure, integrated within the Tenable One Exposure Management Platform, equips customers with advanced vulnerability management and asset risk prioritization tools, enabling the identification and disruption of attack paths through Active Directory (AD).
According to a recent study conducted by Forrester Consulting on behalf of Tenable, 50% of IT and security professionals globally expressed a lack of effective integration of user privilege data into their vulnerability management practices. This deficiency poses a significant challenge, as AD serves as the primary source of truth for critical business applications and services within enterprises. Exploiting AD and abusing access privileges are common tactics employed in ransomware and other cyberattacks.
Traditional AD security tools rely on point-in-time scans and aggregated event logs, resulting in outdated visibility into directory service security. Tenable Identity Exposure addresses the long-standing gaps in AD security. It empowers organizations to reduce their AD attack surface through continuous assessment, real-time attack detection, AI-driven exposure and risk prioritization, and detailed remediation instructions.
The latest enhancements to Tenable Identity Exposure offer companies the ability to manage their AD security posture across hybrid cloud environments and visualize any active threats to their identities. Key features include:
- Identity Unification and Identity Explorer: Provides a comprehensive view of entitlements across on-premises and cloud-based AD deployments, enabling accurate assessment of identity risk and intelligence to prevent exploited identity exposures. This feature offers valuable insights to prevent privilege escalation and other attack vectors.
- Identity Risk Score (powered by Tenable’s Artificial Intelligence and Data Science Engine): Utilizes advanced AI and machine learning models to quantify asset risk by combining vulnerability, exposure, and identity entitlement data. This integration leverages Tenable’s industry-leading exposure management data.
- Azure Active Directory Support: Extends protection to public and hybrid cloud Azure Active Directory deployments, enabling identity unification across environments and effective management of cloud identity risk through specific Indicators of Exposure for Azure AD. With the growing shift of business applications to the cloud, Azure AD has become a critical access control point.
The seamless integration of these capabilities within the Tenable One Exposure Management Platform offers single sign-on, data sharing, and app switching between solutions. This holistic approach provides identity awareness for vulnerability management, attack path analysis, cloud posture, and web application security practices.
Nico Popp, Chief Product Officer at Tenable, emphasized the importance of addressing access misconfigurations and weak identities in combating ransomware attacks and data breaches.
“Threat actors are only one identity vulnerability away from breaking into SaaS applications and stealing data. By leveraging modern AI techniques, Tenable can now quickly identify and prioritize identity and entitlement-related problems across AD and Azure AD. The ability to safeguard identities both on-premises and in the cloud is essential for empowering customers to prevent attacks rather than just clean up the aftermath.”Nico Popp stated.
The latest release of Tenable Identity Exposure marks a significant milestone in strengthening cybersecurity defenses against ransomware attacks and corporate data breaches. With the power of AI and machine learning, organizations can proactively identify and mitigate identity-related vulnerabilities, reducing the risk of cyber threats and their devastating consequences.