Identity Explorer

Permissions: To access the configuration and data visualization for Azure Active Directory, your user role must have the appropriate permissions. For more information, see Set Permissions for a Role.

Tenable Identity Exposure's Identity Explorer view unifies identities across both Active Directory and Azure AD. This view shows the Identity Risk Score (beta) for each listed asset and the potential reach of compromised identities.

To access the Identity Explorer:

Note: The Identity Explorer is only visible if you use the Azure Active Directory feature. For more information, see Azure Active Directory Support.

  • In Tenable Identity Exposure, click on the Identity Explorer icon in the left navigation bar.

    The Identity Explorer pane opens. Identity Explorer

The Identity Explorer pane shows the following information for total accessible resources:

  • Identity Name — Name of the user account under the identity provider.

  • Account Provider — The Identity Provider.

  • Exposure ScoreTenable Identity Exposure calculates this metric by assessing the criticality of an asset or identity and its vulnerabilities for each identity provider, and aggregates it to provide an overall exposure score for a given identity.

    Note: Tenable Identity Exposure only shows the Exposure Score if you have the Tenable One license.
  • Open Risks — The number of findings that an Azure AD Indicator of Exposure detects when it scans the asset. For more information, see Indicators of Exposure Related to Azure AD .

  • Total Accessible Resources — The number of resources of any type to which this asset has access (read, write, etc.)