Exposure Center Overview

Tenable Identity Exposure provides comprehensive visibility into weaknesses and misconfigurations across various identity providers, including Active Directory (AD) and Entra ID.

By continuously scanning and identifying critical weaknesses in privileged accounts, password policies, delegation configurations, and more, Tenable Identity Exposure enables organizations to address security gaps proactively.

This overview allows you to prioritize issues based on severity, impacted assets, and recent detection, ensuring a focused and efficient approach to identity security management.

Prerequisites

  • To use the Exposure Center, you must activate the feature in Tenable Identity Exposure settings.

  • See Identity 360, Exposure Center, and Microsoft Entra ID Support Activation for instructions.

Exposure Center page

To access the Exposure Center page:

  • In Tenable Identity Exposure's left navigation pane, click the Exposure Center icon .

    The Exposure Center page appears.

Header Information

These metrics in the header provide at-a-glance visibility into the current state of identity exposures.

  • Number of Weaknesses- Total identified weaknesses.

  • New Weaknesses in Last 7 Days- Count of new weaknesses detected within the past week.

  • Number of Findings – Total number of findings linked to exposures.

  • New Findings in Last 7 Days – Count of findings identified within the past week.

Quick Filtering Panel

The Filters panel (left sidebar) allows you to narrow down exposures based on different attributes:

  • Impacted Assets

    • With Impacted Assets

    • Without Impacted Assets

  • Provider Name – Filter exposures by provider.

  • Severity – Critical, High, Medium, Low.

  • Tenants – Scope exposures by tenant.

  • Families – Organize exposures by category, such as:

    • Authentication and Credentials

    • Policy and Configuration

    • Access Control and Permissions

    • Services and Applications

  1. Open the Filters panel using the ("Show") arrows on the left-hand side of the Exposure Center. (This side panel is open by default)

  2. Expand the desired filter category (e.g., Severity or Provider Name).

    Alternately, you can type a keyword in the "Search" box to locate an attribute.

  3. Select one or more filter options by checking the boxes.

  4. The exposures table automatically refreshes to show results for the selected filters.

  5. Combine multiple filters to narrow results further.

  6. To reset, deselect the options or clear all filters using the top filter icon.

Exposures Table (Main View)

The central table lists detected exposures with the following columns:

  • Weakness Name – Lists specific weaknesses or misconfigurations detected. Example: "Not protected against delegation", "Too many privileged accounts", etc.

  • Provider – The provider where the weakness was detected.

  • Description – Provides a brief explanation of the issue. Example: "Privileged accounts have to be protected...", "Too many administrators are present...".

  • Severity – Displays the criticality of each weakness (Critical, High, Medium, Low).

  • Remediation Effort – Estimated effort required to fix the weakness (visual indicators).

  • Impacted Assets – Shows the number of assets affected by each weakness.

  • Sources – The systems or platforms that detected the data. This data could come from multiple products.

  • Last Seen: Displays the last time each weakness was detected or reported. Example: "September 10, 2024", "September 29, 2024".

  • See Details – Link to detailed information about the weakness.

Tip: The "See Details" arrow takes you to Exposure Instance details for Identity Exposure weaknesses, and to Tenable Inventory for the others. For more specific information on a given weakness, refer to Exposure Instance Details & see Weaknesses in Tenable Inventory.

Note: The Exposure Center feature currently displays weakness-related data based on the default Tenable profile and does not automatically reflect the status of deviances on AD objects you whitelisted in other profiles.

Therefore:

  • If you have whitelisted an AD object for a specific Indicator of Exposure (e.g., "Native admin group member"), Exposure Center will still flag it as a security weakness if the default profile identified it as deviant.

  • This can create the impression that the issue has not been addressed, even though the object has already been whitelisted under a different profile.

  • If a remediation action (such as removing group membership) is taken based on the Exposure Center display, the object will disappear from the view— but this may not have been necessary if the object was already whitelisted elsewhere.

Search, Filter, Export, and Column Display Options

Exposure Center offers powerful search options to help you find the exact information you need:

  • Global Search Query Builder

    • Enables complex, precise searches using specific properties and relational queries

    • Ideal for power users and detailed analysis

    • Example: Find all accounts that are members of the "identities that have accounts belonging to a specific group" or "identities with high-risk entitlements accessed in the last 30 days."

    • Benefits: Allows you to construct precise, multi-layered searches to pinpoint exactly the data you need.

    For complete information on how to use this query builder, see the Global Search Quick Reference Guide.

  • Simple Search

    • Fast, straightforward text-based search for immediate results

    • Perfect for finding specific identities or simple lookups

    • Example: Typing a name like "John Smith" or an employee ID

    • Benefits: Instantaneous, ideal for day-to-day operations and quick checks

Each search type caters to different user needs and scenarios, from complex data analysis to quick identity lookups. You can choose the most appropriate search method based on your current task, technical expertise, and the complexity of the information you seek.

  • Find Menu Options: Click Find or the icon to unveil a quick-access menu that helps streamline your search and query workflow. The menu includes the following options:

    • Tenable Queries - Predefined queries provided by Tenable—for example, commonly used filters or searches crafted by Tenable to help you get started quickly.

    • Search History - A log of your most recently executed query expressions, enabling easy reuse and continuity in your investigation process.

    • Bookmarks - Your saved custom queries for convenient reuse anytime.

A filter function in Exposure Center allows you to narrow down or refine displayed data by applying specific criteria.

To apply a filter to the list of weaknesses:

  1. In the header of the Exposure Center page, click the icon.

    The Add Filter button appears.

  1. Click Add Filter +.

    A menu appears.

  1. In the Properties search box, you can type a keyword such as "asset" to quickly find related properties. Otherwise, scroll through the list of available properties.

  2. Select Impacted Assets from the dropdown (example).

  3. In the Impacted Assets filter dialog: choose a comparison operator, such as:

    • Equal

    • Exists

    • Greater than

    • Greater than or equal

    • [more]

  1. Enter a numeric value if applicable (e.g., 2).

  2. Click Apply to activate the filter.

  3. Click Apply filters.

The exposures table refreshes and only displays weaknesses with the number of impacted assets matching your selected condition.

  • To adjust or remove the filter, reopen the filter settings or clear it from the active filter list at the top of the panel.

You can export the data displayed in the table to an Excel file.

To export data:

  1. In the header of the Exposure Center page, click the icon.

  2. In the Export Table window, select the columns to export. You have the option to export the current page or selected rows.

  3. Click Add Columns to add more columns as necessary.

  4. If you choose to export rows, select a separator: comma or semi-colon.

  1. Click Export.

You can add, remove, or reorder columns to tailor your view to your preferences. If you want to revert any changes, you can always reset to the default settings.

To customize column displays:

  1. In the header of the Exposure Center page, click .

    The Customize columns window appears.

  2. Optional:

    • In the Reorder added columns section, click and drag any column name to reorder the columns.

    • In the Show/Hide section, select/delesect the check boxes to show or hide columns in the table.

    • In the Remove section, click (-) to permanently remove a column from the table.

    • To add columns to the table, click Add Columns.

      The Add columns to table window appears.

      • (Optional) Use the search bar to search for a column property.

        The list of column properties updates based on your search query.

      • Select the check box next to any column or columns you want to add to the table.

      • Click Add.

        The column appears in the Customize columns window.

  1. Click Apply Columns.

    Tenable saves your changes to the columns in the table.

Default Columns

The default layout of columns ensures that key data is easily accessible while offering flexibility for customization.

  • Weakness Name
  • Provider Name

  • Description

  • Severity Level

  • Remediation Cost

  • Impacted Assets

  • Sources

  • Last Seen

  • Impacted Tenants

To reset to default columns:

  • Click Reset to Defaults to reset all columns to their defaults.

See Also