Getting Started with Tenable Attack Surface Management
Use the following steps to get started with Tenable Attack Surface Management:
Log in to Tenable Attack Surface Management
To log in to Tenable Attack Surface Management:
- In a supported browser, navigate to https://cloud.tenable.com/. The login page appears.
- Type your Username and Password credentials.
- Click Sign In.
The Workspace page appears.
Click the Tenable Attack Surface Management tile.
The Tenable Attack Surface Management interface appears, where you can identify internet-accessible assets that may or may not be known to your organization.
Create Your First Inventory
When you log in to Tenable Attack Surface Management for the first time, you can see the Let's set up your Inventory page. Type your organization's domain name and click the + Add Domain Name button. Tenable Attack Surface Management starts discovering subdomains and creating your inventory.
If you entered wikipedia.org as your main domain name, you can see the following inventory:
Add Users to Tenable Attack Surface Management
To add users to Tenable Attack Surface Management, you must first create users in Tenable Vulnerability Management.
For information about creating users in Tenable Vulnerability Management, follow the instructions in Create a User Account in the Tenable Vulnerability Management User Guide.
(Business Admins only) You can modify user roles and add inventories for users in the Tenable Attack Surface Management administrator interface.
For more information, see Edit User Account Details and Edit Inventory Details.
Filter Your Assets
Tenable Attack Surface Management uses filters to provide powerful inventory search capabilities. Filters allow you to view specific subsets of assets in your inventory.
To apply a filter:
Above the search box, click + Add filter.
A drop-down menu appears with a list of filters:
Select the filter you want to use.
A list of operators appears. This list varies based on the filter you select.
If the operator requires a value, type that value in the text box.
In this example, Filter = SSL/TLS Expiration, Operator = expires in, and Value =30.
Your inventory displays only assets matching the filter criteria.
In this example, your inventory displays only assets with a TLS certificate that expires within the next 30 days. The SSL/TLS Expiration column also appears.
You can save one or more filters as a Subscription. Tenable Attack Surface Management updates subscriptions automatically and these contain only the assets that match the applied filters.
For example, if you want to know which assets have TLS certificates that expire within the next 30 days, you can create a Subscription to refer the filter quickly.
To create a Subscription:
Apply one or more filters to your assets.
To the right of the applied filter, click Save.
The Create Subscription window appears.
In the Subscription name box, type a name for the subscription.
Click Create Subscription.
A confirmation window appears with a link to the newly created subscription.
Click the link in the confirmation window.
Your subscription appears with a list of assets that match the applied filter.
To see a list of all your subscriptions click the icon in the top navigation bar.
Set Up Notifications
If certain aspects of your inventory change, Tenable Attack Surface Management provides a notification system that can email you, send you a Slack message, or communicate though ServiceNow.
For example, you can receive an email notification when an asset has a TLS certificate that expires soon by using the Subscription that you created previously.
Hover over the row that contains your Expiring TLS Certificates subscription, and click the bell icon:
The following window appears:
To enable email notifications, click the Email toggle.
Type your email address and press Save.
Tenable Attack Surface Management now sends daily emails that give you a list of assets that have a TLS certificate expiring in 30 days.