Install Indicators of Attack

Required User Role: Organizational user with permissions to modify the Indicators of Attack configuration in Tenable Identity Exposure. For more information, see Set Permissions for a Role.

Tenable Identity Exposure's Indicators of Attack (IoA) module requires you to run a Powershell installation script with an administrative account that can create and link a new Group Policy Object (GPO) to an organizational unit (OU). You can run this script from any machine joined to your Active Directory domain that Tenable Identity Exposure monitors and that can reach domain controllers via the network. If you enable the "Automatic Updates" option, then you only have to run this installation script once in each AD domain: through the GPO, it automatically applies to all existing and new domain controllers (DC).

For more information, see: