Disrupting Attack Paths: Why Tenable's Acquisition of Alsid Matters

This acquisition allows us to combine Tenable's ability to assess the state of the digital infrastructure with Alsid's ability to assess the state of Active Directory, helping security professionals answer the question: how secure are we?

Today, with great pride, I'm pleased to announce Tenable's acquisition of Alsid has been approved. Founded in 2016 by Emmanuel Gras and Luc Delsalle, former incident responders from the French National Cybersecurity Agency (ANSSI), Alsid represents the finest of French innovation: a pioneering technology solution which aims to resolve a critical cybersecurity challenge that has been top-of-mind for CISOs and IT leaders for over two decades. Exploiting user privileges via Active Directory is a favorite and predictable tactic used for everything from the most sophisticated compromises to the most quotidian hacks.

The majority of Alsid employees are based in Paris and our presence in France remains a priority for Tenable as we recognize the incredible pool of cybersecurity talent the country has to offer. We welcome Gras and Delsalle to the Tenable management team and we welcome the organization's talented professionals to team Tenable, where we'll work together to continue developing innovative solutions for Active Directory security.

While its roots are in France, Alsid's mission is decidedly global: 90% of the Fortune 1000 use Active Directory as their primary method of user authentication and authorization.

I've personally followed Alsid for some time now and I'm honored to welcome the company into the Tenable fold. Recent events, including the SolarWinds breach and the Microsoft Exchange hack, emphasize the need for Active Directory security. Successful breaches are followed by attacks on Active Directory to escalate privileges, move laterally, install malware, and exfiltrate data. Tenable's acquisition of Alsid positions us to not only enable our existing customer base to reduce cyber risk but also to help expand the potential market for this best-in-class technology. By combining Tenable's ability to assess the state of the digital infrastructure with Alsid's ability to assess the state of Active Directory, we give security professionals in even the most complex enterprise user environments a more holistic view of risk and the ability to predict which issues to fix first.

To that end, I'm pleased to introduce Tenable.ad, a new solution leveraging Alsid technology to secure Active Directory environments and disrupt one of the most common attack paths in both advanced persistent threats and common hacks.

By combining vulnerability and misconfiguration data, threat intelligence and account permissions, Tenable.ad offers users a risk-based, proactive approach to finding and fixing weaknesses in Active Directory. It detects ongoing attacks without the need to deploy agents or leverage privileged accounts.

With Tenable.ad, users can:

• Discover and map their entire Active Directory attack surface and identify vulnerabilities and misconfigurations as they are introduced 

• Prioritize their remediation of Active Directory vulnerabilities and misconfigurations 

• Detect and respond to Active Directory attacks and hunt for threats in the system

• Measure their Active Directory security posture and active threats at all times


Tenable.ad, now generally available, is a Software as a Service (SaaS) solution with an on-premises deployment option. Existing Alsid SaaS customers have the option of upgrading to Tenable.ad immediately.

Improving Active Directory security is the next critical step in Risk-based Vulnerability Management. By empowering organizations to prioritize their vulnerability management results based on the privileges afforded to each end-user in the system, we're effectively disrupting the attack paths hackers use to install malware, move laterally and exfiltrate data. With Tenable.ad, organizations around the world will be better prepared than ever to answer the critical question: How secure are we?

Learn more:

• Read the blog: Disrupting the Pervasive Attacks Against Active Directory and Identities
• Find out more about Tenable.ad here: https://www.tenable.com/products/tenable-ad
• Attend the webinar: Introducing Tenable.ad: Secure Active Directory and Disrupt Attack Paths