Attack Technique Details

You can view additional details for any attack techniques on the Top Attack Techniques tab on the Attack Path page.

To view additional details for an attack technique:

1. Access the Top Attack Techniques tab.

2. In the Top Attack Techniques list, click the attack technique for which you want to view additional details.

   The attack technique details page appears.

   

On the attack technique page, you can:

• View the name and priority of the attack technique.

• View the date and time at which the attack technique was last updated. For example, a change in the status, priority, or state of a attack technique can change the Last update time.

• Click Log History to view the changes in the state, status, and priority of a attack technique. For more information, see View the Log History for an Attack Technique.

• View information about source and target nodes within attack paths that exploit the attack technique.

  • Click a node name to view additional details:

    The node details panel appears.

    

    In the node details panel, you can:

    • On the left side of the panel, select the node for which you want to view additional details.

      The information on the right side of the panel updates accordingly.

      Tip: Click the button to view that node directly in the Attack Path Graph.

    • On the right side of the panel, click View Asset Details to navigate directly to the Asset Details page for that node.

    • Click the Information tab to view further details about the node, including, but not limited to:

      • NES — The Node Exposure Score (NES) is a metric produced by Tenable Exposure Management to understand the blast radius exposure of a node. This metric considers the Vulnerability Priority Rating of all vulnerabilities on the asset as well as other relationships such as software installed, sub-networks to which the asset belongs, internet exposure, etc.

      • Logged in Users — Users currently logged into the node.

      • Member of — Lists the number of groups to which the node belongs.

      • Related Types — The node type as categorized by Tenable Exposure Management.

      The information in this panel varies based on the node type, for example, Computer or User.

    • Click the Related Techniques tab to view Attack Path Techniques associated with the node.

    • Click Export to CSV to export the node details in CSV format.

• Click View Attack Paths to navigate to the Top Attack Paths tab, where you can view a graphical representation of the attack path as well as interact with more attack path data.

• Click Share to copy, send via email, or print the details of the attack technique:

  Tenable Exposure Management displays the following menu:

  Option	Description
  	Click the button. The attack technique page opens in your browser and the URL gets copied to your clipboard.
  	Click the button. Tenable Exposure Management opens your configured email with the URL to the attack technique details page.
  	Click the button. Tenable Exposure Management opens the Print window, where you can print the attack technique details page.

• View a brief description of the Details of the attack technique.

• View the Choke Point Priority related to the attack technique.

  Tip: A choke point is a place where potential attack paths merge together before reaching a critical asset. Tenable Exposure Management uses a Choke Point Priority metric to determine the criticality of choke points. Tenable recommends focusing on areas with higher choke points first, as remediating those will negate the largest number of critical items within your organization.

• View Evidence related to the attack technique.

• View Related Sources for the attack technique. This section displays information about the data sources used or seen within this specific attack technique.

  Note: While source information is available for on-premises products such as Tenable Identity Exposure On-Prem and partial products such as Tenable Security Center without Tenable Vulnerability Management, links to the source application are currently unavailable for these.

• View Mitigation Guidance for the attack technique:

  1. Click on an option to view further information steps you can take to mitigate the attack technique.

  2. To view a step-by-step guide on how to mitigate the attack technique, click Mitigation Guidelines.

     On the right side of the page, the Mitigation Guidelines panel appears, which includes a set of instructions you can follow to mitigate the attack technique and its related risk.

• View Detection Guidance for the attack technique.

• View Related Threat Groups associated with the attack technique.

• View Related Malware and Tools associated with the attack technique.

• View external References, where you can learn more about the attack technique.

  1. Click a reference to navigate to that resource.