this post was submitted on 09 Aug 2023
1 points (100.0% liked)

The War Room

1 readers
1 users here now

Community for various OSINT news and subject matter for open discussion or dissemination elsewhere

founded 1 year ago
MODERATORS
 

Introducing ExposureAI in Tenable One: Meet the Future of Preventive Cybersecurity

The Tenable One Exposure Management Platform is already transforming how organizations practice preventive cybersecurity. Now, with the introduction of Exposure AI, users can unleash the full potential of generative artificial intelligence to stay one step ahead of attackers.

Today, we unveiled ExposureAI in the Tenable One Exposure Management Platform, giving you new generative AI capabilities that will boost your preventive cybersecurity by elevating your cyber expertise. ExposureAI will help you accelerate how you search, analyze and make decisions so you can stay ahead of attackers.

Generative AI tools will change the way cybersecurity teams operate at a time when you’re facing unprecedented pressure as cyber defenders:

We believe the future of preventive security is Exposure Management, powered by AI.

Search, explain and drive action faster with ExposureAI

ExposureAI will provide new insights to make exposure management more accessible, turning all analysts into expert defenders. Delivering the best AI-based capabilities requires having the best data, and we have the largest repository of contextual exposure data in the world. Specifically, ExposureAI leverages 1 trillion unique exposures, assets and security findings encompassing:

  • 60 billion exposure events
  • 800 million different security configurations
  • 1 billion assets

This massive data platform that fuels the ExposureAI engine is called the Tenable Exposure Graph, our Snowflake-powered data lake.

Tenable One Exposure Management Platform

ExposureAI will enhance exposure management programs in three important ways over the coming weeks and months:

Search

Finding needles in a haystack is hard, and so is searching for specific exposure and asset data. It often requires figuring out what filters are available, understanding which assets and exposures are supported by those filters, and running through an iterative exercise to whittle down the data until you discover exactly what you need. More skilled users could also take advantage of APIs and scripts to automate some of those tasks. But either approach takes significant time and resources.

ExposureAI introduces new ways to discover the data you’re looking for. Now, you will simply be able to ask questions using natural language search queries to accelerate the search process. Need to know your exposure to Log4Shell? No need to toggle through nested filters to create the query. Just type in, “How many assets have log4j installed,” and ExposureAI using generative AI will translate the question into a SQL-like query in the background to pull the relevant data. Are you focused only on users with keys to the kingdom? Just modify your query accordingly: “How many assets with Domain Administrator access have log4j installed?”

Tenable Cyber Asset Management1

Example of natural language search queries in Tenable One

Tenable Cyber Asset Management2

Sample results from natural language search query

Explain

Understanding exposures in the proper context can also be challenging and time intensive. Many factors must be considered as part of the analysis, such as exposure details, asset or resource characteristics, user entitlements, external accessibility and attack path details. Let’s use attack path analysis to illustrate this point. Typical attack path analysis solutions provide comprehensive insight from the threat actor’s perspective pertaining to specific attacker entry points, asset targets and threats. This information is generally displayed in a visual format to easily show and toggle between all potential paths with asset and user relationships. To understand the full attack sequence, analysts need to click on each node for step-by-step details, which requires elevated expertise to interpret the results and is extremely time consuming.

Attack Path Analysis in Tenable One uses ExposureAI to help eliminate that manual analysis by incorporating generative AI to summarize the complete attack path in a written narrative. Each narrative describes the attacker's tactics, techniques and procedures (TTPs) from the initial entry point all the way to the asset target. ExposureAI translates the attack path visualization details for faster explanation and analysis so that users can quickly make judgments on each attack path. This enables security generalists who don’t have PhDs in attack path analysis to understand powerful attacker-centric context into different exposures and use those insights to take precise and effective action.

Tenable One Attack Path Analysis

Example of how ExposureAI explains an attack path from entry point to critical asset

Action

Making decisions regarding what security issues to address first is an age-old challenge. As mentioned above, organizations are bombarded with vulnerability and misconfiguration overload. Prioritizing and taking action to remediate high-risk exposures often requires you to know exactly where to look. And given today’s highly dynamic threat landscape, it’s important that practitioners constantly stay updated as threats evolve.

ExposureAI will help security teams be much more proactive in addressing emerging cyber risks. By using generative AI to continuously analyze exposure and asset data, ExposureAI will surface high-risk exposure insights and recommend actions, such as addressing software vulnerabilities, cloud misconfigurations, web app flaws and identity weaknesses. That’ll help you stay ahead of emerging threats. Stay tuned for more about this use case in the coming months.

Join Us at Black Hat USA 2023!

If you’re attending Black Hat USA 2023, please stop by booth #1632 to see ExposureAI demos of Tenable One and attend talks with our subject matter experts about generative AI.

Stay tuned for more information in the coming weeks. We’ll be providing additional product details in upcoming Tenable webinars, Tenable Community posts and Tenable Product Education videos.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here