On-Demand Webinar / Exposure Management

Exposure Management Training

点播

A technical deep-dive into operationalizing Tenable One (3 hours)

Join us for a free hands-on workshop to experience Tenable One, the exposure management platform that unifies visibility, provides deep context, and enables decisive action across your entire attack surface.

You’ll learn through a combination of presentations and hands-on labs how Tenable One transcends traditional vulnerability management by unifying siloed security data into a single, context-aware platform. We will shift the focus from merely finding CVEs to understanding the complex relationships between assets, identities, and configurations—allowing you to prioritize and eradicate the risks that actually matter.

This session provides tips and tricks needed to move beyond basic data - allowing you to know your vulnerabilities, expose true threats, and close your most critical gaps.

Agenda:

  • The Shift to Exposure Management: Why "vulnerability management" is no longer enough in a world of Cloud, OT, and AI.
  • The Universal Asset Inventory: Break down silos by unifying Cloud (CNAPP), Identity (AD), IT, and OT into a single, comprehensive view of your attack surface.
  • Exposure Response: Upskill your team to react swiftly to newly discovered high-priority exposures by providing actionable insights and automated workflows.
  • Attack Path Analysis: A deep-dive lab into identifying "Toxic Combinations"—where minor misconfigurations and identities collide to create a direct path to your crown jewels.
  • Mobilization and Reporting: Accelerate collaboration between security and remediation teams by transforming complex exposure data into prioritized, actionable workflows. Quantify the impact of your Exposure Management Program with clear, high-level reporting on program health and progress.

Who Should Watch? 
Security practitioners, analysts, and managers who are looking to evolve their program from reactive vulnerability scanning to a proactive, platform-driven Exposure Management strategy.

Click here to review the webinar summary

TENABLE ONE:Transforming Vulnerability Management into Exposure Management

This webinar provides a comprehensive overview of how Tenable One shifts organizations from traditional vulnerability management to a proactive exposure management strategy, detailing its capabilities for unified visibility, risk prioritization, and streamlined remediation.

[00:00:00] Understanding Exposure Management and the Evolving Threat Landscape

This section discusses the strategic importance of exposure management, outlining the challenges faced by organizations in a rapidly expanding attack surface and introducing Tenable's approach to consolidating disparate security insights.

  • Shift to Exposure Management: Explores the move from managing individual vulnerabilities and misconfigurations to identifying "toxic combinations" that pose the greatest impact on an organization's crown jewels and mission-critical applications.
  • Common VM Challenges: Addresses issues like tool and vendor sprawl, lack of an attack path perspective, rapid technology adoption (cloud, OT, AI), and the overwhelming noise from siloed security findings.
  • Attack Perspective: Emphasizes that attackers don't operate in silos; they exploit relationships between assets, identities, and misconfigurations, highlighting the need for a holistic view of potential attack paths.
  • Tenable One's Approach: Introduces Tenable One as a platform that unifies vision by collecting data from Tenable and third-party tools, unifies insight through normalization and business context, and mobilizes action with reporting and automated remediation.

[00:30:41] The Tenable Journey: Evolving from VM to Exposure Management

This segment shares Tenable's own successful transition to an exposure management framework, illustrating the tangible benefits of a unified approach and tracing the maturation path from basic vulnerability management to a comprehensive exposure management strategy.

  • Tenable's Transformation: Highlights Tenable's internal experience in unifying visibility across 15 tools in 48 hours, leading to a 10x increase in attack surface visibility and a massive reduction in alerts (15,000 to 10 tickets).
  • Evolution Stages: Details the progression from Traditional Vulnerability Management (tactical, large reports), to Risk-Based Vulnerability Management (adding business context and threat intelligence), Unified Vulnerability Management (bringing all attack surface types together), and finally to Exposure Management (incorporating identity, permissions, and attack path analysis).
  • Identity's Critical Role: Stresses the importance of identity as the connective tissue in attack paths, enabling a better understanding of lateral movement and privilege escalation possibilities, which traditional vulnerability management often misses.
  • Future Directions: Discusses the potential for integrating compensating controls (like firewalls and other security solutions) into the exposure management model to further enhance risk reduction.

[00:46:27] Unified Asset Inventory and Software Management

This section delves into the core of Tenable One's unified asset inventory, demonstrating how it consolidates diverse asset and software data, normalizes risk scoring, and provides deep, actionable insights across the entire attack surface.

  • Consolidated Asset View: Provides a single pane of glass for all assets, including those across multiple cloud environments (AWS, Azure, GCP, Oracle Cloud), OT, and IT, offering complete visibility.
  • Asset Exposure Scoring (AES): Explains the normalized AES, which combines vulnerability data with automatically assigned asset criticality to quickly identify the riskiest assets in the environment.
  • Detailed Asset Insights: Shows how to drill down into specific asset details, including associated users, relationships, attack paths, operating system information, open ports, and installed software, consolidating data from various sources including third-party connectors.
  • Unified Software Inventory: Demonstrates the ability to view all software across assets, filter by end-of-life status, versions, and hosts, and efficiently answer queries about software presence and deployment.
  • Centralized Findings: Illustrates a unified view of vulnerabilities and weaknesses (misconfigurations), emphasizing the use of Tenable's Vulnerability Priority Rating (VPR) for prioritization, even for findings from third-party tools like Microsoft Defender for Endpoint.

[01:31:01] Leveraging Exposure Signals for Laser-Focused Remediation

This segment explains how Exposure Signals in Tenable One enable organizations to pinpoint the most critical risks by combining vulnerability data with business context, thereby facilitating a more strategic and effective remediation approach.

  • Targeted Risk Identification: Shows how Exposure Signals move beyond generic "patch all criticals" directives to a more focused approach, such as "patch criticals on externally facing assets," enabling teams to prioritize work that truly reduces exposure.
  • Built-in Signals: Presents pre-configured exposure signals like "Web app with end-of-life technologies" or "Crown jewels with attack paths," which provide immediate insights into critical risk combinations from various data sources.
  • Custom Signals (Future Capability): Mentions the ability to create custom exposure signals, allowing organizations to define their own specific risk combinations based on their unique environment and business context.
  • Advanced Vulnerability Intelligence: Highlights how the platform incorporates advanced telemetry, such as whether a functional exploit exists, if a vulnerability is part of an active campaign by a specific hacking group, or if it targets particular geographies or industries, to further refine prioritization.

[02:00:16] Visualizing and Mitigating Attack Paths

Discover the power of Attack Path Analysis within Tenable One, which visualizes potential attacker routes to critical assets, helps understand lateral movement, and identifies key "choke points" for effective mitigation strategies.

  • Visualizing Attack Routes: Demonstrates a matrix view of attack paths based on the exposure score of source nodes and the criticality of target assets, offering a clear visual representation of high-risk routes.
  • Understanding Attack Techniques: Explores how Tenable One identifies and categorizes attack techniques (e.g., RDP, exploitation of remote services), providing detailed information about each step in a potential attack chain.
  • MITRE ATT&CK Integration: Shows the mapping of identified attack techniques to the MITRE ATT&CK framework, allowing security teams to understand their vulnerabilities in the context of known adversary tactics and techniques for enterprise and ICS environments.
  • Choke Point Analysis with AI: Illustrates the AI assistant's capability to analyze complex attack paths and recommend optimal "choke points" – specific vulnerabilities or misconfigurations where remediation would most effectively disrupt the entire attack path, along with recommended mitigations.

[02:26:01] Streamlining Action with Ticketing and Reporting

This section explores how Tenable One facilitates actionable remediation through automated ticketing system integrations and provides comprehensive, business-aligned reporting to track security posture and operational efficiency.

  • Automated Ticketing: Demonstrates the ability to automatically create and manage tickets in IT service management (ITSM) systems like Jira and ServiceNow directly from Tenable One, integrating remediation workflows seamlessly into existing operational processes.
  • Custom Initiatives: Shows how to define exposure initiatives based on specific tags (e.g., business units, locations) and vulnerability types (e.g., remotely exploitable, ransomware vulnerabilities), allowing for targeted remediation campaigns.
  • Global Exposure Cards: Introduces the concept of global cyber exposure scorecards, providing an overall risk rating (A-F), allowing organizations to set target scores, and benchmarking their security posture against Tenable's overall customer population and industry peers.
  • Benchmarking and Trends: Highlights the ability to track trends in the exposure score over time, with clear indicators of events that cause score changes, enabling security teams to understand and communicate the impact of their efforts.
  • Remediation SLAs and Velocity: Illustrates how to set and track remediation Service Level Agreements (SLAs) for different risk levels and visualize remediation velocity, providing insights into team performance and identifying bottlenecks in the patching process.

Watch the Full Webinar

Dive deeper into how Tenable One can revolutionize your organization's cybersecurity posture by providing unparalleled visibility and actionable insights across your entire attack surface.


演讲嘉宾

Richard Najdecki
Richard Najdecki

高级安全工程师 Tenable

资源

白皮书
A strategic briefing on frontier AI and exposure management
产品资料
Tenable Hexa AI:Tenable One 暴露风险管理的代理式引擎
解决方案
使用 Tenable One Cloud Exposure 实现全面的左移安全