Exposure Overview

Tenable Identity Exposure provides comprehensive visibility into weaknesses and misconfigurations across various identity providers, including Active Directory (AD) and Entra ID.

By continuously scanning and identifying critical weaknesses in privileged accounts, password policies, delegation configurations, and more, Tenable Identity Exposure enables organizations to address security gaps proactively.

This overview allows you to prioritize issues based on severity, impacted assets, and recent detection, ensuring a focused and efficient approach to identity security management.

To access the Exposure Overview page:

  1. In Tenable Identity Exposure's left navigation pane, click the Exposure Center icon .

  2. From the submenu, click on Exposure Overview.

    The Exposure Overview page appears.

Header Information

  • Number of Weaknesses: Shows a total of weaknesses detected.

  • New in Last 7 Days: Highlights the new weaknesses detected in the past week.

List of Weaknesses

The following columns appear in the list of weaknesses:

  • Weakness Name: Lists specific weaknesses or misconfigurations detected. Example: "Not protected against delegation", "Too many privileged accounts", etc.

  • Description: Provides a brief explanation of the issue. Example: "Privileged accounts have to be protected...", "Too many administrators are present...".

  • Severity: Displays the criticality of each weakness (Critical, High, Medium, Low).

  • Impacted Assets: Shows the number of assets affected by each weakness.

  • Sources: The systems or platforms that detected the data. This data could come from multiple products.

  • Last Seen: Displays the last time each weakness was detected or reported. Example: "September 10, 2024", "September 29, 2024".

  • See Details: Allows you to view more information on each weakness.

    Tip: The "See Details" arrow takes you to Tenable Inventory. For more granular details on the specific weakness, see Weaknesses in Tenable Inventory.

    Note: The Exposure Overview feature currently displays weakness-related data based on the default Tenable profile and does not automatically reflect the status of deviances on AD objects you whitelisted in other profiles.

    Therefore:

    • If you have whitelisted an AD object for a specific Indicator of Exposure (e.g., "Native admin group member"), Exposure Overview will still flag it as a security weakness if the default profile identified it as deviant.

    • This can create the impression that the issue has not been addressed, even though the object has already been whitelisted under a different profile.

    • If a remediation action (such as removing group membership) is taken based on the Exposure Overview display, the object will disappear from the view— but this may not have been necessary if the object was already whitelisted elsewhere.

Search, Filter, Export, and Column Display Options

A filter function in Exposure Overview allows you to narrow down or refine displayed data by applying specific criteria.

To apply a filter to the list of weaknesses:

  1. In the header of the Exposure Overview page, click the icon.

    The Add Filter button appears.

  1. Click Add Filter +.

    A menu appears.

  1. Do one of the following:

    • To search the list of weaknesses by tag, click Tags (applicable only with Tenable One license and managed in Tenable Inventory.)

    • To search the list of weaknesses by property, click Properties.

  1. In the search box, type the criteria by which you want to search.

    Tenable Inventory populates a list of options based on your criteria.

  2. Click the tag or property by which you want to filter the list of weaknesses.

    A menu appears.

  3. Select how to apply the filter. For example, if you want to search for a weakness whose name is "Weakness14", select the contains radio button and in the text box, type "Weakness14".

  4. Click Add filter .

    The filter appears above the list of weaknesses.

  5. Repeat these steps for each additional filter you want to apply.

  6. Click Apply filters.

    The page filters the identity list by the designated criteria.

You can export the data displayed in the table to an Excel file.

To export data:

  1. In the header of the Exposure Overview page, click the icon.

  2. In the Export Table window, select the columns to export. You have the option to export the current page or selected rows.

  1. Click Export.

You can add, remove, or reorder columns to tailor your view to your preferences. If you want to revert any changes, you can always reset to the default settings.

To customize column displays:

  1. In the header of the Exposure Overview page, click .

    The Customize columns window appears.

  2. Optional:

    • In the Reorder added columns section, click and drag any column name to reorder the columns.

    • In the Show/Hide section, select/delesect the check boxes to show or hide columns in the table.

    • In the Remove section, click (-) to permanently remove a column from the table.

    • To add columns to the table, click Add Columns.

      The Add columns to table window appears.

      • (Optional) Use the search bar to search for a column property.

        The list of column properties updates based on your search query.

      • Select the check box next to any column or columns you want to add to the table.

      • Click Add.

        The column appears in the Customize columns window.

  1. Click Apply Columns.

    Tenable saves your changes to the columns in the table.

Default Columns

The default layout of columns ensures that key data is easily accessible while offering flexibility for customization.

  • Weakness Name

  • Description

  • Severity

  • Impacted Assets

  • Sources

  • Last Seen

To reset to default columns:

  • Click Reset to Defaults to reset all columns to their defaults.

See also