Get Started with Attack Path Analysis
Tenable recommends following these steps to get started with Tenable One data and functionality.
Prepare
Before you begin:
Ensure you have the following:
- Tenable.io Basic Network Scan with credentials.
-
One of the following:
-
Tenable.ad SaaS deployed.
-
Tenable.io Active Directory Identity Scan — You can run it separately or via the Basic Network Scan with the Collect Identity Data from Active Directory option enabled in the Discovery section.
-
-
Tenable recommends the following:
-
Have at least 60% of assets scanned via an authenticated scan.
-
Select maximum verbosity in the Basic Network Scan.
-
A scan frequency of at least once a week.
-
-
Familiarize yourself with the Tenable One key terms.
-
Familiarize yourself with the categories and data metrics within Tenable One.
-
Review the Tenable One Example Workflow.
For a demonstration on getting started with Attack Path Analysis, see the following video:
License, Access, and Log In
-
Acquire a license:
-
Determine the interface that best suits your business objectives. For more information on use cases, see Welcome to Tenable One Attack Path Analysis.
-
Contact your Tenable representative to purchase the appropriate package.
-
Configure Attack Path Analysis for Use
-
Configure your Attack Path Analysis settings.
-
View your data sources.
Assess Your Exposure
Review your CES and perform analysis:
-
Access the Attack Path Analysis section, where you can:
-
Generate custom, built-in, asset exposure graph, or blast radius queries to view attack path data.
-
Interact with the attack path data.
-