Device & IoTIdentity & AccessPress ReleaseThreat Detection & Defense

Tenable Unveils AI-Driven Identity Security Integration for Enhanced Exposure Management Platform

Tenable®, the Exposure Management company, announced the addition of several new identity-aware features that harness the power of artificial intelligence (AI) and machine learning to provide a unified view of all user identities and entitlement risks, whether on-prem or in the cloud. Tenable Identity Exposure now gives customers the most advanced vulnerability and asset risk prioritization capabilities to identify and disrupt attack paths through Active Directory (AD). The solution is fully integrated within the Tenable One Exposure Management Platform.

According to a study conducted by Forrester Consulting on behalf of Tenable, half (50%) of surveyed IT and security professionals globally say they lack an effective way to integrate user privilege data into their vulnerability management practices. This is a problem, as AD is typically the central source of truth for most critical business applications and services within an enterprise. Compromising AD and abusing access are popular methods used in ransomware and other attacks.

Traditional AD security tools provide point-in-time scans and aggregate millions of event logs only to deliver out-of-date visibility into the security posture of directory services. Tenable Identity Exposure enables organizations to address the gaps that have existed in AD security for decades. It helps customers reduce the attack surface of their AD, providing continuous AD assessment, real-time attack detection, AI-driven exposure and risk prioritization, and detailed remediation instructions.

Tenable Identity Exposure now allows companies to manage their AD security posture across hybrid cloud environments at all times and visualize any active threats to their identities. New Tenable Identity Exposure features include:

  • Identity Unification and Identity Explorer – a view of entitlements across on-premises and cloud-based AD deployments. This provides the most accurate assessment of identity risk and unmatched intelligence to help prevent exploited identity exposures. This feature provides the most complete understanding of how to prevent identities from being used for privilege escalation or other attack vectors.
  • Identity Risk Score (powered by Tenable’s Artificial Intelligence and Data Science Engine) – new capability that uses mature AI and machine language models to quantify the risk of an asset by combining the vulnerability, exposure and identity entitlements of an asset, leveraging Tenable’s industry leading exposure management data.
  • Azure Active Directory support – extended support for protecting public and hybrid cloud Azure Active Directory deployments, so customers can unify identities across environments and manage cloud identity risk with Indicators of Exposure specific to Azure AD. With the shift of business applications to the cloud, alongside Active Directory, Azure AD has become a critical access control point.

Full integration of these capabilities within the Tenable One Exposure Management Platform includes single sign-on, data sharing and app switching between solutions, providing identity awareness for vulnerability, attack path analysis, cloud posture and web application security practices.

“Access misconfiguration and weak identities are at the heart of ransomware attacks and corporate data breaches. Threat actors are only one identity vulnerability away from breaking into SaaS applications and stealing data. By leveraging modern AI techniques, Tenable can now quickly identify and prioritize identity and entitlement-related problems across AD and Azure AD,” said Nico Popp, chief product officer. “The ability to safeguard identities both on-prem and in the cloud is essential for empowering customers to prevent attacks rather than just clean up the aftermath.”

More information on identity security from Tenable is available at: https://www.tenable.com/products/tenable-ad

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *