Tenable joins with IBM Security X-Force Red to disrupt attacks beforehand

Tenable®, Inc. has announced the expansion of its strategic partnership with IBM Security X-Force Red to provide complete Active Directory security services that continually identify and prevent attacks against the Active Directory and connected environment in real-time. Organizations may discover and disrupt attack opportunities before bad actors can use them by combining Tenable.ad’s capability with X-Force Red’s team of expert hackers.

“Vulnerable and misconfigured Active Directories are behind nearly every major cyberattack today. By leveraging known flaws and misconfigurations, bad actors can elevate privileges and move laterally through networks,” said Mark Thurmond, chief operating officer, Tenable. “We’re excited to partner with X-Force Red to find and fix Active Directory weaknesses before they become tomorrow’s attack path.”

“If you don’t understand your Active Directory attack surface, the risk of a compromise increases. And it’s not just an initial compromise. Attackers can leverage Active Directory to access other sensitive areas of your environment. That’s why continuously finding and fixing Active Directory vulnerabilities must be an essential part of every security program,” said Charles Henderson, Global Managing Partner and Head of X-Force.

Active Directory is a target-rich environment that, if left insecure, can provide attackers with access to domain privileges and control. Most organizations struggle with Active Directory security as domains get more complicated, resulting in security teams being unable to detect and address defects before they become business-impacting concerns.

The X-Force Red team uses Tenable.ad to identify Active Directory misconfigurations and other flaws and provides deployment, configuration, support, and tool management. The team then selects the most dangerous defects based on weaponization and oversees the entire remediation process from start to finish. As a result, the Active Directory infrastructure has been hardened, attack paths have been disrupted, and bad actors have no further steps.