An exposure management company, has announced the launch of several new distinctive Identity Security products that use the power of Artificial Intelligence (AI) and Machine Learning (ML) to provide a unified view of all user identities and entitlement risks.
According to a study conducted by Forrester Consulting on behalf of Tenable, half (50 percent) of surveyed IT and security professionals worldwide say they lack an effective way to integrate user rights data into their vulnerability management. This poses a serious problem, since Active Directory is typically something of the single source of truth for most mission-critical applications and services in an organization. AD attacks and access abuse are popular methods used in ransomware and other attacks.
Identity security in real time
Traditional AD security tools run point-in-time scans and collate millions of event logs, but these provide only an outdated view of the directory services security posture. Tenable Identity Exposure enables organizations to close the gaps that have existed in AD security for decades. Tenable Identity Exposure now helps customers reduce their Active Directory attack surface by providing continuous AD assessment, real-time attack detection, AI-driven exposure and risk prioritization, and detailed remediation guidance.
Tenable Identity Exposure now enables organizations to manage their AD security posture across hybrid cloud environments at any time and visualize all active threats to their identities. Some of the new features of Tenable Identity Exposure include:
- Identity unification and Identity Explorer - A view of the permissions in on-premises and cloud-based AD installations. This provides a particularly accurate assessment of identity risk and valuable information to prevent the use of identity details. This feature provides the most comprehensive understanding of how to prevent identities from being used for privilege escalation or other attack vectors.
- Identity Risk Score (powered by Tenable's Artificial Intelligence and Data Science Engine) – a new capability that uses sophisticated AI and machine language models to quantify an installation's risks by combining vulnerability, compromise, and identity credentials, and Tenable's industry-leading exposure management data used.
- Azure Active Director supporty - Expanded support for protecting Azure Active Directory implementations in public and hybrid clouds, enabling customers to unify identities across environments and manage cloud identity risks with Azure AD-specific indicators of compromise. As business applications move to the cloud, Azure AD has become a key access control point alongside Active Directory.
Full integration of these capabilities into Tenable One Exposure's management platform includes single sign-on, data sharing, and app switching between solutions. It provides identity awareness for vulnerabilities, analysis of attack paths, cloud issues and web application security practices.
Nico Popp, Chief Product Officer at Tenable, adds: “Access misconfigurations and weak identities are at the heart of ransomware attacks and corporate data breaches. Threat actors are often just one identity vulnerability away from breaking into SaaS applications and stealing data. Using modern AI techniques, Tenable can now quickly identify and prioritize identity and permissions-related issues across AD and Azure AD systems. The ability to protect identities both on-prem and in the cloud is critical to enabling customers to prevent attacks, rather than just remediating the consequences.”
More at Tenable.com
About Tenable Tenable is a Cyber Exposure company. Over 24.000 companies worldwide trust Tenable to understand and reduce cyber risk. Nessus inventors have combined their vulnerability expertise in Tenable.io, delivering the industry's first platform that provides real-time visibility into and secures any asset on any computing platform. Tenable's customer base includes 53 percent of the Fortune 500, 29 percent of the Global 2000, and large government agencies.