Tenable.ad 3.13 Release Notes (2022-01-12) Early Access

New Features (Early Access)

Tenable.ad version 3.13 includes the following new features:

  • New graphical representations to explore Active Directory relationships:

    • Blast Radius: Evaluates lateral movements in the AD from a potentially exposed asset.

    • Attack Path: Anticipates privilege escalation techniques to reach an asset from a specific entry point.

    • Asset Exposure: Measures an asset's vulnerability using asset exposure visualization and tackles all escalation paths.

  • New ability to adjust the workload quota which limits the number of Indicators of Attack running simultaneously.

  • New API endpoint to allow you to extract Active Directory objects from the database.

  • New Indicators of Attack:

    • Massive Computers Reconnaissance: Detects reconnaissance attacks that generate a massive number of authentication requests to Active Directory targets.

    • Enumeration of Local Administrators: Detects Active Directory data enumeration attacks.

Bug Fixes

Tenable.ad version 3.13 contains the following bug fixes:

Bug Fix Defect ID
Tenable.ad now supports Windows LTS versions. N/A
Deleted sites no longer appear in deviances. N/A
Tenable.ad updates group members when they change OUs. N/A
When the Active Directory is slow, the regular crawling no longer starts if a crawling is already in progress. N/A


Tenable.ad version 3.13 contains the following patches:

Patch Defect ID
Migration from 3.1 to 3.11 does not generate false positives deviances on GPOs. N/A