Realize the Value of Your Data within Tenable Exposure Management

Exposure View

Access the Exposure View page, where you can gain critical business context by getting business-aligned cyber exposure score for critical business services, processes and functions, and track delivery against SLAs. Track overall VM risk to understand the risk contribution of assets to your overall Cyber Exposure Score, including by asset class, vendor, or by tags.

• View and manage cyber exposure cards.

• View CES and CES trend data for any exposure card.

  Tip: When viewing exposure cards, you can toggle between Score and Score (Beta) to compare the differences in your scoring using old and new Tenable data models. For more information, see View Your CES.

• View Remediation Service Level Agreement (SLA) data.

• View Tag Performance data.

• Configure the general settings for the Exposure View and its exposure cards:

  • Set your Sparkline Timespan

  • Set your default Benchmark Industry

  • Set your Card Targets and Category Targets

  • Set your default trend period

  • De-select the Overall SLA and Low SLA options

  • Adjust Graph Range SLA setting to see how it changes your scores

• Use the relevant tags that have been created in the Tagging view to create new custom exposure cards:

  • For example, after consideration, you may find that you want to include 20 tags within custom exposure cards.

For more information, see Exposure View in the Tenable Exposure Management User Guide.

Exposure Signals

Access the Exposure Signals page, where you can generate exposure signals that use queries to search for asset violations. Simply put, if an asset is impacted by a weakness related to the query, then the asset is considered a violation. Using this, you can gain visibility into your most critical risk scenarios.

• Find top active threats in your environment with up-to-date feeds from Tenable Research.

• View, generate, and interact with the data from queries and their impacted asset violations.

• Create custom exposure signals to view business-specific risks and weaknesses

For more information, see Exposure Signals in the Tenable Exposure Management User Guide.

Inventory

Access the Inventory page, where you can enhance asset intelligence by accessing deeper asset insights, including related attack paths, tags, exposure cards, users, relationships, and more. Improve risk scoring by gaining a more complete view of asset exposure, with an asset exposure score that assesses total asset risk and asset criticality.

• View and interact with the data on the Assets tab:

  • Unify all assets in a single view to simplify analysis, understand relationships, and discover exposures across the attack surface.

  • Familiarize yourself with the Global Asset Search and its objects and properties. Bookmark custom queries for later use.

  • Find devices, user accounts, software, cloud assets, SaaS applications, networks, and their weaknesses.

  • Drill down into the Asset Details page to view asset properties and all associated context views.

• View and interact with the data on the Weaknesses tab:

  • View key context on vulnerability and misconfiguration weaknesses to make the most impactful remediation decisions.

• View and interact with the data on the Software tab:

  • Gain full visibility of the software deployed across your business and better understand the associated risks.

  • Identify what software may be out of date, and which pieces of software may soon be End of Life (EoL).

• View and interact with the data on the Findings tab:

  • View instances of weaknesses (vulnerabilities or misconfigurations) appearing on an asset, identified uniquely by plugin ID, port, and protocol.

  • Review insights into those findings, including descriptions, assets affected, criticality, and more to identify potential security risks, visibility on under-utilized resources, and support compliance efforts.

For more information, see the Inventory in the Tenable Exposure Management User Guide.

Attack Path

Access the Attack Path page, where you can optimize risk prioritization by exposing risky attack paths that traverse the attack surface, including web apps, IT, OT, IoT, identities, ASM, and prevent material impact. Streamline mitigation by identifying choke points to disrupt attack paths with mitigation guidance, and gain deep expertise with AI insights (Not available in FedRAMP environments).

• View the Dashboard tab for a high-level view of your vulnerable assets such as the number of attack paths leading to these critical assets, the number of open attack techniques and their severity, a matrix to view paths with different source node exposure score and ACR target value combinations, and a list of trending attack paths.

  • Review the Top Attack Path Matrix and click the Top Attack Paths tile to view more information about paths leading to your “Crown Jewels”, or assets with an ACR of 7 or above.

  You can adjust these if needed to ensure you’re viewing the most critical attack path data.

• On the Top Attack Techniques tab, view all attack techniques that exist in one or more attack paths that lead to one or more critical assets by pairing your data with advanced graph analytics and the MITRE ATT&CK® Framework to create attack techniques, which allow you to understand and act on the unknowns that enable and amplify threat impact on your assets and information.

• On the Top Attack Paths tab, generate attack path queries to view your assets as part of potential attack paths:

  • Generate an Attack Path with a Built-in Query

  • Generate an Attack Path Query with the Attack Path Query Builder

  • Generate an Asset Query with the Asset Query Builder

  Then, you can view and interact with the Attack Path Query and Asset Query data via the query result list and the interactive graph.

• Interact with the MITRE ATT&CK Heatmap tab.

For more information, see the Attack Path in the Tenable Exposure Management User Guide.

Tagging

View and interact with the data in the Tagging page:

• Create and manage tags to highlight or combine different asset classes.

• View the Tag Details page to gain further insight into the tags associated with your assets.

Third-Party Connectors

Access the Connectors page, where you can view, manage, and add third-party connector integrations to Tenable Exposure Management.

Tenable Exposure Management ingests data from existing security tools, such as vulnerability scanners, cloud providers, inventory tools, SCA/SAST/DAST, and more. Tenable Exposure Management integrates with the vendor tool to pull asset and vulnerability data into the application and display it seamlessly alongside your Tenable application data. Once the integration is complete, the platform analyzes the data to correlate, consolidate, and contextualize the ingested data to impact risk and remediation priority.

• Create and manage connectors to ingest your third-party application directly into Tenable Exposure Management.

• View those connector assets, weaknesses, and findings on the Inventory page.