Differences Between Attack Path Analysis and Tenable Identity Exposure

Attack Path Analysis and Tenable Identity Exposure overlap mainly on the Active Directory attack techniques. The Attack Path modules for Attack Path Analysis and Tenable Identity Exposure were designed to achieve different objectives.

Attack Path Analysis highlights exploitable and realistic attack paths, which an attacker would likely choose, whereas Tenable Identity Exposure enables thorough exploration and visualization of the underlying security relationships of Active Directory. Therefore, Attack Path Analysis is based on the MITRE ATT&CK™ framework and supports attack techniques across the endpoint, network, and cloud, whereas Tenable Identity Exposure focuses on Active Directory security.

When to Use Attack Path Analysis and Tenable Identity Exposure

Attack Path Analysis was developed from the attacker point of view and it best suits cybersecurity practitioners such as blue and red teams. For Tenable One users, you can use Attack Path Analysis when you want to search for all probable attack paths within the entire security stack across the Cyber Kill Chain.

Although most Tenable Identity Exposure Indicators of Exposure (IoEs) are included in the MITRE ATT&CK™ Framework and also supported in Attack Path Analysis, IT administrators and Active Directory Security Engineers should use Tenable Identity Exposure for full context and visibility to the bits and bytes of Active Directory.