Tenable Network Security Japan Co., Ltd. announced new features for “Tenable Identity Exposure” to strengthen identity security on the 6th. The new features will identify identity risks and prevent attacks that exploit identities before they occur.
Tenable Country Manager Naoya Kijima lists four areas of focus for the company in Japan in 2025: Continuous Threat Exposure Management (CTEM), cloud security , vulnerability management, and identity exposure. The new features announced this time address the fourth point, identity exposure. “Many of the reasons for the success of cyber attacks are identity violations. Therefore, Tenable will focus on this area to support our customers in Japan,” said Kijima. The new features are “Identity 360,” which provides a unified view of identity analysis, an enhanced compliance dashboard, and a new security exposure analysis engine, “Exposure Center.” Identity 360 complements the traditional control plane functions, is equipped with identity-centric functions, and “assess identities 360 degrees,” said Junpei Abe, a senior security engineer at Tenable. For example, it performs identity-based assessments and risk analysis, such as whether identity settings are safe. If you have both on-premises Active Directory and cloud-based Entra ID as a common identity, you can perform risk analysis from both sides. “Risks are determined by thoroughly visualizing identities, such as which assets the identity can access and which groups it belongs to,” Abe explained.
The enhanced dashboard corresponds to the security guidance issued by the Five Eyes (an information sharing agreement between the United States, the United Kingdom, Canada, Australia, and New Zealand) for Active Directory in September 2023. The dashboard allows you to check the status of measures against the guidance. “In addition to being able to check the number of violations of the guidance, the compliance status is displayed as a percentage. You can also see the improvement or deterioration of the response over time,” said Abe. The Exposure Center is a newly built analysis engine that was previously available in Tenable Identity Exposure. “Previously, we mainly focused on on-premise Active Directory, but the Exposure Center has strengthened the risk reporting function, focusing on cloud-based Entra ID,” Abe said. With this Exposure Center, countermeasure information for identity-related weaknesses discovered through research and analysis will also be reflected immediately in the system. “We provide scripts, such as reports on countermeasures for problems, so you can run the scripts and fix them immediately,” Abe said.
In addition, the evaluation items for Entra ID, which were previously only seven items, have been expanded to 40 items, and the Japanese UI is also supported. As for the latest information other than Tenable Identity Exposure, Takashima mentioned Vulcan Cyber, which was acquired in February, and said , “With the acquisition of Vulcan Cyber, we will be able to manage third-party information on the Tenable platform .” Takashima spoke about future plans, saying, “We will integrate the UI within this month, and update it so that we can input third-party information in the second quarter, from April to June.”
SOURCE: Yahoo