Attack Path and Technique Statuses

Tenable Exposure Managementprovides built-in statuses to help you prioritize attack paths and techniques that require immediate action. When you change the status of an individual attack technique, Tenable Exposure Management automatically synchronizes the status of all associated attack paths. This automation ensures your exposure data remains accurate without manual updates.

Tip: For more information, see Change the Status of an Attack Technique.

Attack Technique Statuses

These statuses can be selected when you change the status of an attack technique.

Status Definition
To Do You have not yet taken remediation or investigative action on the attack technique.
In Progress You are actively investigating the technique or developing a remediation strategy.
In Review You applied a remediation or mitigation to the technique and are awaiting verification.
Done You confirmed the fix, which closes the technique. This marks mark existing and new associated paths as Done / Chain prevented, which filters them out of the technique by default.
Accepted You formally accepted the risk associated with the technique.

Attack Path Statuses

Status Definition
To Do All techniques in the path are outstanding. You have not started work on these techniques.
In Progress At least one technique is currently In Progress. No techniques are Done or Accepted.
In Review At least one technique is currently In Review. No techniques are Done or Accepted.
Chain Prevented At least one technique is Done, but you have not finished the full path.
Done All techniques in the path are Done.
Accepted At least one technique has been Accepted. No techniques are Done.

Path Status Logic

Tenable Exposure Management automatically calculates attack path statuses based on the statuses of the techniques they contain. You cannot manually edit a path status.

The logic behind path status is as follows:

  • Done — If all techniques in a path have a Done status, the entire path status is Done.

  • Chain Prevented — If you mark at least one technique in a path as Done, but not all techniques are finished, the entire path status is Chain Prevented.

  • Accepted — If no techniques have a Done status, but at least one technique has an Accepted status, the entire path status is Accepted.

  • In Review — If no techniques have a Done or Accepted status, but at least one technique has an In Review status, the path status is In Review.

  • In Progress — If no techniques have a Done, Accepted, or In Review status, but at least one technique has an In Progress status, the path status is In Progress.

  • To Do — If all techniques have a To Do status, the path status is To Do.