Get Started with Attack Path Analysis
Tenable recommends following these steps to get started with Attack Path Analysis data and functionality.
Prepare
Before you begin:
Ensure you have the following:
- Tenable Vulnerability Management Basic Network Scan with credentials.
-
One of the following:
-
A Tenable Vulnerability Management basic scan using one of the following the scan templates:
-
Active Directory Identity — This scan type requires fewer permissions, and provides a basic overview of your active directory entities.
-
Active Directory Starter Scan — This scan type requires more permissions, and provides a thorough set of scan data and entity information including permissions, operating systems, and other properties that might lead to an attack.
Note: You can run this scan type on its own, or as part of a Basic Network Scan. In a Basic scan, you must ensure the Collect Identity Data from Active Directory option is enabled in the Discovery section. -
-
Tenable Identity Exposure SaaS deployed.
-
-
A default Tenable Web App Scanning scan, including injection plugins.
-
An AWS connection with a Tenable Cloud Security scan policy including all vulnerabilities and available AWS resources.
-
Tenable recommends the following:
-
Have at least 60% of assets scanned via an authenticated scan.
-
Select maximum verbosity in the Basic Network Scan.
-
A scan frequency of at least once a week.
-
-
Familiarize yourself with the Attack Path Analysis key terms.
-
Familiarize yourself with the categories and data metrics within Attack Path Analysis.
-
Review the Tenable One Example Workflow.
For a demonstration on getting started with Attack Path Analysis, see the following video:
License, Access, and Log In
-
Acquire a license:
-
Determine the interface that best suits your business objectives. For more information on use cases, see Welcome to Attack Path Analysis.
-
Contact your Tenable representative to purchase the appropriate package.
-
Configure Attack Path Analysis for Use
-
Configure your Attack Path Analysis settings.
-
View your data sources.
Assess Your Exposure
Review your CES and perform analysis:
-
Access Attack Path Analysis, where you can:
-
Generate custom, built-in, asset exposure graph, or blast radius queries to view attack path data.
-
Interact with the attack path data.
-