Identifying Tier 0 Assets

Tier 0 assets include accounts, groups, and other assets that have direct or indirect administrative control of the Active Directory forests and domains.

Tenable Identity Exposure lists your Tier 0 assets and accounts with potential attack paths leading to that asset.

To list Tier 0 assets:

  1. In Tenable Identity Exposure, click on the Attack Path icon in the left navigation bar.

    The Attack Path pane opens.

  2. Click on the tile "What are my privileged assets?".

    Tenable Identity Exposure shows a list of Tier 0 assets in your AD.

    List of Tier 0 assets in AD

    Each line gives the asset name, its domain, and the following information:

    • Accounts with Attack Path: The number of assets that have an attack path leading to the Tier 0 asset.

    • Exposure: The accounts that have an attack path leading to the Tier 0 asset as a percentage of the total number of accounts in the domain.

To filter the assets for any specific domain:

  1. Click the n/n button.

    The Forest and Domains pane opens. You can do either of the following:

    • In the Search box, type the name of a forest or domain.

    • Select the Expand all box and select the forest or domain that you want.

  1. Click Filter on selection.

    Tenable Identity Exposure updates the list of assets.

To list the accounts with attack paths leading to the Tier 0 asset:

  • At the end of line of the Tier 0 asset name, click the icon.

    Tenable Identity Exposure shows a list of accounts with attack paths leading to that Tier 0 asset.

To see the asset exposure of the Tier 0 asset:

  • At the end of line with the Tier 0 asset name, click the icon.

    Tenable Identity Exposure opens the Asset Exposure page for that Tier 0 asset. For more information, see Attack Relations