Indicator of Exposure Details

The details on a specific Indicator of Exposure allow you to review technical information on detected vulnerabilities, associated deviant objects, and recommendations on remediation.

To display Indicator of Exposure details:

  1. In Tenable Identity Exposure, click Indicators of Exposure in the navigation pane.

    The Indicators of Exposure pane opens. By default, Tenable Identity Exposure displays only the IoEs that contain deviances.

  2. (Optional) To show all IoEs, click the Show all indicators toggle to Yes.

  3. Click on any Indicators of Exposure tile on the page.

    The Indicator details pane opens.

    At the top, the Indicator details pane summarizes the information already provided in the Trail Flow table:

  • The Name of the IoE.

  • Its Severity level (Critical, High, Medium, or Low).

  • Its compliance Status based on the result of the last analysis that Tenable Identity Exposure ran.

  • The Latest detection indicating the last time that Tenable Identity Exposure ran the analysis.

  1. Click on any of the following tabs provide more details for the IoE:

    Tab Description
    Information

    Includes internal and external resources on the IoE such as:

    • Executive Summary — an overview on the issue to help you make appropriate decisions.

    • Documents — links to external resources on the IoE.

    • Attacker-known tools — name of the hacking tools.

    • A tree structure of the impacted domains.

    Vulnerability details

    Provides explanations for the weakness detected in your AD and the risks to your Active Directory (AD) if you do not take remediation actions.

    Deviant objects

    Deviant objects reveal weaknesses or potentially dangerous behaviors in your AD. You can apply filters to deviant objects to pinpoint critical issues.

    When an IoE status is not compliant and includes deviant objects, you can take remediation actions to correct the security deficiencies that Tenable Identity Exposure detected. For more information, see Deviant Objects.

    Recommendations

    Tips on how to restore compliance with your security requirements and improve the security of your AD:

    • An Executive summary gives an overview on the solution suggested by Tenable Identity Exposure.

    • The Details sub-section gives advice on how to implement the action plan and helps managers initiate the necessary changes to their AD infrastructures.

    • The Documents sub-section provides links to external resources on the suggested solution or threat.

See also