Identity 360 — Comprehensive Identity Risk Management
Identity 360 is a new identity-centric feature in Tenable Identity Exposure that provides a rich and exhaustive inventory of every identity across the organization's identity risk surface.
This feature unifies identities across Active Directory and Entra ID and ranks them by risk, so you can order identities across your organization from most risky to least risky.
In addition, Identity 360 gives users a deep understanding of each identity through contextual lenses such as the accounts, weaknesses, and devices associated with it, providing a full perspective of that identity.
- Unified Identity View — Identity 360 aggregates identities from multiple identity providers, starting with Active Directory and Entra ID.
- Risk-Based Ranking — Leveraging advanced analytics, Identity 360 enables you to rank identities across your organization from most risky to least risky. This prioritization allows security teams to focus their efforts where they matter most, optimizing resource allocation and improving overall security posture.
- Contextual Identity Insights — Gain a deep understanding of each identity through various contextual lenses:
  - Associated accounts
  - Identified weaknesses
  - Connected devices
  - Access privileges
  - Activity patterns

  This multi-faceted approach provides a full perspective of each identity, enabling more accurate risk assessments and targeted security measures.
- Actionable Intelligence — By consolidating identity information from disparate sources, Identity 360 provides actionable insights that enable security teams to:
  - Identify and remediate vulnerabilities associated with high-risk identities
  - Implement more effective access control policies
  - Detect and respond to potential insider threats more quickly
  - Streamline compliance reporting and audits

By centralizing identity risk management and providing a holistic view of your organization's identity landscape, Identity 360 helps reduce the attack surface, improve operational efficiency, and strengthen your overall security posture.
An identity is the digital representation of a human (or non-human). It covers:
- Who they are (name, job title, department, etc.)
- What they can access (files, systems, data)
- How they interact with your organization's digital world

An account, on the other hand, is just one part of an identity. It's like a key that lets the person log into a specific system or service. For example, someone might have a work email account, a customer database account, and a project management tool account - all of these are different pieces of their overall digital identity.
By looking at the whole identity instead of just individual accounts, Identity 360 gives you a more complete picture of each person's digital presence and potential risks.
Identity 360 leverages data from the Tenable Platform, providing Tenable Identity Exposure with unprecedented access to data for assessing your organization’s security posture.
In the Tenable ecosystem, entities are referred to as Assets. Tenable Identity Exposure continues to highlight vulnerabilities associated with these assets while revealing their relationships through detailed Asset pages.
Identity Gathering
Identity 360 consolidates IDP Accounts under a unified Person entity. To determine whether it should associate accounts, Identity 360 compares several attributes such as account email addresses and User Principal Names (UPNs).
Tenable prioritizes high-quality matches to prevent erroneous associations, even if it means occasionally missing matches that seem obvious to a human observer. For instance, Tenable excludes first and last names from matching because the high likelihood of homonyms in large organizations significantly increases the risk of false positives.
Note: When the IDP removes the last account associated with a Person, the Tenable Identity Exposure user interface may take up to 12 hours to remove the corresponding Person Asset. Identity 360 may also display duplicate relationships between a Person and their associated accounts.
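The matching rule described above, sketched as an added example (not Tenable's implementation): accounts are grouped into one Person only when they share a normalized email address or UPN, and display names are ignored, so the unrelated "John Smith" account stays separate. The account records, field names, and the choice to compare mail and UPN values in a single pool are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample accounts; every value here is made up for the example.
ACCOUNTS = [
    {"id": "ad-1", "idp": "Active Directory", "name": "John Smith",
     "mail": "John.Smith@example.com", "upn": "jsmith@corp.example.com"},
    {"id": "entra-1", "idp": "Entra ID", "name": "John Smith",
     "mail": "john.smith@example.com", "upn": "john.smith@example.com"},
    {"id": "ad-2", "idp": "Active Directory", "name": "John Smith",
     "mail": "john.smith2@example.com", "upn": "jsmith2@corp.example.com"},
    {"id": "ad-3", "idp": "Active Directory", "name": "svc-backup",
     "mail": "", "upn": "svc-backup@corp.example.com"},
    {"id": "entra-2", "idp": "Entra ID", "name": "Backup Service",
     "mail": None, "upn": " SVC-Backup@corp.example.com "},
]

# Assumption: mail and UPN values are compared in one pool; names are never used.
MATCH_ATTRIBUTES = ("mail", "upn")

def identifiers(account):
    """Normalized, non-empty matching keys for one account."""
    keys = set()
    for attr in MATCH_ATTRIBUTES:
        value = (account.get(attr) or "").strip().lower()
        if "@" in value:  # skip empty or malformed values instead of matching on them
            keys.add(value)
    return keys

def group_into_persons(accounts):
    """Union accounts that share at least one identifier; return sets of account ids."""
    parent = {a["id"]: a["id"] for a in accounts}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    first_seen = {}  # identifier -> first account id that carried it
    for account in accounts:
        for key in identifiers(account):
            if key in first_seen:
                parent[find(account["id"])] = find(first_seen[key])
            else:
                first_seen[key] = account["id"]

    persons = defaultdict(set)
    for account in accounts:
        persons[find(account["id"])].add(account["id"])
    return sorted(persons.values(), key=lambda s: sorted(s))
```
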
IDP Tenant, Domain, and Organization
Tenable uses the term Tenant to encompass various IDP concepts, including "tenant" (e.g., in Microsoft Entra ID), "organization" (e.g., in Okta), and "domain" (e.g., in Microsoft Active Directory).
To use Identity 360, you must activate Identity 360 support in Tenable Identity Exposure settings.
- Optional: To submit your Active Directory data for analysis, you must also activate the Tenable Cloud Service.

Caution: To use this feature, you must not apply IP address filtering in Tenable Vulnerability Management, so that API access to Tenable Identity Exposure remains allowed. See API Access Security for more information.
To open the Identity Overview page:
- In Tenable Identity Exposure, click in the left navigation bar.
The Identity Overview page opens with a dashboard for managing and monitoring identities within an organization's system.
Main Elements
This dashboard allows you to view, search, and manage identity information, with a focus on security metrics like weaknesses and attack exposure. It provides both a high-level overview (in the header) and detailed information for individual identities in the table format.
- Key Metrics
  - Number of Identities
  - New Identities in Last 7 Days
  - Updated Identities in Last 7 Days
- Navigation and Search
  - Search bar for querying identities
  - Options for Query, Filter, Export, and Columns customization

  For complete information on how to use the search function, see the Global Search Quick Reference Guide.
- Data Table of all identity assets from your Identity Providers (IDP). This view focuses specifically on identity-type assets, unlike Tenable One which shows all asset types. Each row represents a unique identity with this information (default column display):
  - Name, Providers, AES (Asset Exposure Score), Weaknesses, Accessible Resources, Associated Tags, Account Status, Last Updated, Identity Tenant Names, and Details
- Data Visualization
  - Bar graphs or indicators in the AES and Weaknesses columns, providing visual representation of data
- Status Indicators
  - "ENABLED/DISABLED" tag in the Account Status column

The interface for Identity 360 is similar in appearance and functionality to Tenable One Inventory, with specific adaptations for identity management. The layout and many features will be familiar if you already use Tenable One.
For more information, see Tenable One Exposure Management Platform Deployment Guide.