Key Terms

The following key terms apply to the Attack Path Analysis user interface.

Term Definition
Active Directory (AD) Attack Path Analysis integrates AD data from Tenable Identity Exposure.
Asset Any IT or security element in your organization such as user accounts, computers, and software. The Discover section represents an asset as a node in the graph.
Asset Exposure Graph A visualization of an attack path from multiple assets down to one asset.
Asset Exposure Score (AES) Tenable calculates a dynamic AES for each asset on your network to represent the asset's relative exposure as an integer between 0 and 1000. A higher AES indicates higher exposure.
Asset Vulnerability Rating (AVR) An aggregation of all Vulnerability Priority Rating (VPR) scores for vulnerabilities detected on an asset.
Benchmark A group of scores to which you can compare your scores and assess your performance.
Blast Radius A visualization of one or more attack paths from one asset to multiple other assets.
CES Trend A measurement that defines how your CES improves or regresses over time.
Chief Information Security Officer (CISO) The head of cybersecurity for a company. A CISO can use the Exposure View to quickly quantify the overall enterprise risk exposure, measure its progress or regression over time and easily communicate impact and ROI to key stakeholders.
Choke Point Priority A choke point is a place where potential attack paths merge together before reaching a critical asset. Attack Path Analysis uses Choke Point Priority as a prioritization metric for attack techniques based on the number of attack paths exploiting the attack, the number of critical assets it leads to, and the complexity of the attack. Attack Path Analysis categorizes priority levels as Low, Medium, High, and Critical. Tenable recommends focusing on areas with higher choke points first, as remediating those will negate the largest number of critical items within your organization.
Cyber Exposure Score (CES) Your CES quantifies the relative risk of your organization based on the threat exposure and criticality of your licensed assets. CES values range from 0 - 1000, where higher values indicate higher exposure and higher risk.
Data Source A product that feeds data into Tenable One (for example, Tenable Vulnerability Management).
Evidence The empirical data from different data sources confirming the feasibility of a Step as part of an attack path.
Exposure Card An Exposure card represents the incoming data from your configured tags and data sources. It aggregates and normalizes the data to provide a visualization of your Cyber Exposure Score (CES) and other metrics. Users can create custom cards, or use Tenable-provided cards to gain insight and guidance on what areas need their attention most.
Exposure Card View The section of the Exposure View that includes data about the selected exposure card. This section includes CES, trend, Remediation SLA, and business context information.
Exposure View A holistic and unified view combining internal and external data sources to provide a complete view of risk in a singular location.
Finding
  • Within the Lumin Exposure View interface: A single instance of a vulnerability appearing on an asset, uniquely identified by plugin ID, port, and protocol.
  • Within the Attack Path Analysis interface: A technique or sub-technique that exists in one or more attack paths that lead to one or more critical assets. Each finding has a Choke Point Priority that determines its urgency and potential impact.
Industry Benchmark A benchmark based on members of your Tenable-assigned industry to which you can compare your scores and assess your performance.
MITRE ATT&CK® MITRE ATT&CK® is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The MITRE ATT&CK® knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
Node Exposure Score (NES) A metric produced by Tenable One to understand the blast radius exposure of a node. This metric considers the Vulnerability Priority Rating of all vulnerabilities on the asset as well as other relationships such as software installed, sub-networks to which the asset belongs, internet exposure, etc.
Path Priority Rating A prioritization metric for attack paths based on the exposure of the source, criticality of the target and the number of steps of the attack path.
Population Benchmark A benchmark based on members of the entire population to which you can compare your scores and assess your performance.
Query Builder A customizable visualization of one or more attack paths based on configurable source and target assets.
Query Library Predefined queries that visualize scenarios of potential attack paths based on real-world attacks.
Operational Technology (OT) Tenable One integrates OT data from OT Security.
Security Practitioner A Security Practitioner can use the Asset Inventory to evaluate the impact of unsecured assets, proactively identify hidden security issues in asset relationships, and quickly locate areas where a breach or risk is likely to happen.
Service Level Agreement (SLA) A control by which you can identify whether assets comply with customer security requirements.
Step A feasible implementation of a technique or sub-technique in an attack path that an adversary can leverage. The Discover section illustrates a step as a "bracket" between two or more assets.
Technique / Sub-Technique Represents "how" an adversary achieves a tactical goal by performing an action. For example, an adversary can dump credentials to achieve credential access.
Tags A way to group assets by business context. For example, you can group assets by product, permissions, business owner, etc.
Top Attack Path An attack path that leads to one or more critical assets.
Vulnerability Management (VM) Tenable One integrates VM data from Tenable Vulnerability Management and Tenable Security Center.
Web Application Scanning (WAS) Tenable One integrates web app scanning data from Tenable Web App Scanning.