Get Started with Attack Path Analysis

Tenable recommends following these steps to get started with Attack Path Analysis data and functionality.

Tip: For additional information on getting started with Tenable One products, check out the Tenable One Deployment Guide.


Before you begin:

Ensure you have the following:

  • Tenable Vulnerability Management Basic Network Scan with credentials.
  • One of the following:

    • A Tenable Vulnerability Management basic scan using one of the following the scan templates:

      • Active Directory Identity — This scan type requires fewer permissions, and provides a basic overview of your active directory entities.

      • Active Directory Starter Scan — This scan type requires more permissions, and provides a thorough set of scan data and entity information including permissions, operating systems, and other properties that might lead to an attack.

      Note: You can run this scan type on its own, or as part of a Basic Network Scan. In a Basic scan, you must ensure the Collect Identity Data from Active Directory option is enabled in the Discovery section.
    • Tenable Identity Exposure SaaS deployed.

  • A default Tenable Web App Scanning scan, including injection plugins.

  • An AWS connection with a Tenable Cloud Security scan policy including all vulnerabilities and available AWS resources.

  • Tenable recommends the following:

    • Have at least 60% of assets scanned via an authenticated scan.

    • Select maximum verbosity in the Basic Network Scan.

    • A scan frequency of at least once a week.

For a demonstration on getting started with Attack Path Analysis, see the following video:

License, Access, and Log In

  • Acquire a license:

    1. Determine the interface that best suits your business objectives. For more information on use cases, see Welcome to Attack Path Analysis.

    2. Contact your Tenable representative to purchase the appropriate package.

Configure Attack Path Analysis for Use

Assess Your Exposure

Review your CES and perform analysis:

  • Access Attack Path Analysis, where you can:

    • Generate custom, built-in, asset exposure graph, or blast radius queries to view attack path data.

    • Interact with the attack path data.