Welcome to the Tenable One Exposure Management Platform Deployment Guide

Last updated: November 19, 2024

Tenable One is an exposure management platform that helps organizations to gain visibility across the modern attack surface, focus efforts to prevent likely attacks, and accurately communicate exposure risk to support optimal business performance.

The Tenable One platform enables you to:

  • Get comprehensive visibility of all assets and vulnerabilities, whether on-premises or in the cloud, and understand where they are exposed to risk.

  • Anticipate threats and prioritize efforts to prevent attacks by using generative AI and the industry's largest data set of vulnerability and exposure context.

  • Communicate exposure risk to business leaders and stakeholders with clear KPIs, benchmarks, and actionable insights.

  • Leverage the broadest vulnerability coverage spanning IT assets, cloud resources, containers, web apps, and identity systems.

  • Integrate with third-party data sources and tools for enhanced exposure analysis and remediation.

Before you Begin

Before you begin, review the following customer education materials:

In this document, you'll be guided step-by-step how to:

  • Guide you through deploying each product within your Tenable One package.

  • Navigate any caveats or limitations between these products.

  • Get the most out of your data in the Lumin Exposure View, Tenable Inventory, and Attack Path Analysis products.

Important: At the bottom of each page, look for the What to do Next steps. Here, you can see which application you should install next based on which Tenable One licensing package you purchased.

The Tenable One package includes the following products:

Tenable One Product Architecture

When configuring Tenable One, you must first deploy the "Point Products":

  • Tenable Vulnerability Management

  • Tenable Security Center

  • Tenable Web App Scanning

  • Tenable Cloud Security

  • Tenable Identity Exposure

  • Tenable Attack Surface Management

Once you deploy these products, Tenable integrates your data into the Tenable database. From there, the following interfaces pull the data, where you can then interact with and assess the data:

  • Lumin Exposure View

  • Tenable Inventory

  • Attack Path Analysis

Things to Consider Before Deploying Tenable One Products

Users and Settings

Most product settings, including user creation, live within the Tenable Vulnerability Management User Interface. This means that managing user roles and permissions for all Tenable One products can be managed directly via the Tenable Vulnerability ManagementSettings > Access Control workflow. For more information, see Access Control in the Tenable Vulnerability Management User Guide.

Tip: Looking for information on how to add additional contacts to your Tenable Community portal account? Check out the Tenable Community Guide for Account, Contact, and Product Management.

SAML

Tenable One supports several forms of multi-factor authentication, including SAML. For detailed information on how to configure SAML for Tenable One, see the Tenable SAML Quick Reference Guide.

Tags

  • Tags within Tenable Vulnerability Management can include assets from Tenable Vulnerability Management, Tenable Web App Scanning, and Tenable Cloud Security (NOT Tenable Identity Exposure) and sync these assets within Tenable One.

  • Tags within Tenable One can include data types from Tenable Vulnerability Management, Tenable Web App Scanning, Tenable Identity Exposure, and Tenable Cloud Security. This means you can break down an application that includes one or more assets from any or all of these data sources. This does not, however, mean that you can bring Tenable Identity Exposure tag data back into Tenable Vulnerability Management.

  • The way you tag your data is how you ultimately visualize that data on your Exposure Cards within the Lumin Exposure View. Exposure Cards can include one or more tags. Therefore, the tags you create dictate the custom exposure cards you can create within the Lumin Exposure View.

Frequently Asked Questions

A: You can set SLAs to best align with your organization's policy when configuring the Lumin Exposure View. For more information, see Configure the Exposure View in the Lumin Exposure View User Guide.

A: At an executive level, reporting within the Lumin Exposure View is different from reporting within the "point products" (i.e., Tenable Vulnerability Management, Tenable Cloud Security). Tenable recommends that you educate leaders in your organization on how these changes can improve your organization's efforts.

Tip: When you recast a finding within the Tenable Vulnerability Management interface, Tenable One updates your Cyber Exposure Score (CES) accordingly.