Indicators of Exposure
Tenable Identity Exposure measures the security maturity of your AD infrastructures through Indicators of Exposure (IoEs) and assigns severity levels to the flow of events that it monitors and analyzes. Tenable Identity Exposure triggers alerts when it detects security regressions.
At the top of The Indicators of Exposure page, type a string in the Search box. This can be any term related to an IoE such as password, user, logon, etc.
The IoE page updates with the indicators associated with your search term.
Click n/n domain.
A Forest and domains pane opens.
Select the forest or domain.
Click Filter on selection.
Level of Severity
Severity levels allow you to assess the severity of the detected vulnerabilities and to prioritize remediation actions.
The Indicators of Exposure pane shows IoEs as follows:
By severity level using color codes.
Vertically — from most severe to least severe(red for top priority and blue for least priority).
Horizontally — from most complex to least complex. Tenable Identity Exposure computes the complexity indicator dynamically to indicate the level of difficulty to remediate the deviant IoE.
|Critical — Red||Shows how to prevent attacks and compromise of the Active Directory by certain unprivileged users.|
|High — Orange||
Deals with either post-exploitation techniques leading to credential theft or security bypass or with exploitation techniques that require chaining to be dangerous.
|Medium — Yellow||Indicates a limited risk for the Active Directory infrastructure.|
|Low — Blue||Shows good security practices. Certain business contexts may allow low-impact deviances that do not necessarily affect AD security. These deviances have an impact on the AD only if an administrator makes an error such as by activating an inactive account.|