TOC & Recently Viewed

Recently Viewed Topics

Get Started with Lumin

You can use Tenable Lumin to quickly and accurately assess your Cyber Exposure risk and compare your health and remediation performance to other Tenable customers in your Salesforce industry and the larger population. Lumin correlates raw vulnerability data with asset business criticality and threat context data to support faster, more targeted analysis workflows than traditional vulnerability management tools.

Tenable recommends the following to get started with Lumin data and functionality.

License

To add Lumin to your Tenable.io license, contact your Tenable representative.

Prepare

Before you begin, generate data and learn about Lumin terminology.

  • Run scans in Tenable.io to generate vulnerability data.

    Note: You must run scans to start seeing data in Lumin views; Lumin displays scan result data generated after you licensed Lumin.

  • Create tags in Tenable.io to add business context to your assets.
  • Review the metrics terminology to understand what Vulnerability Priority Rating (VPR) and Asset Criticality Rating (ACR) values are and how they impact your Asset Exposure Score (AES) and Cyber Exposure Score (CES).

Assess Your Exposure

Note: All data in Lumin (except the CES for your entire organization) reflects only the assets shared with your user account. For more information, see Access Groups.

Review your CES and perform vulnerability management analysis.

  1. Use the Lumin dashboard to understand your CES.

    • Cyber Exposure Score widget — How does your overall risk compare to other Tenable customers in your Salesforce industry and the larger population?

    • Cyber Exposure Score Trend widget — How has your overall risk changed over time?
    • Cyber Exposure Score by Business Context widget — Which of your assets, grouped by business context tag, have the highest and lowest risk?

  2. Assess your vulnerabilities:

  3. Assess your assets:

Customize Your ACR Values

Review the Tenable-provided ACR values and customize them to reflect the unique infrastructure or concerns of your organization.

  1. Use the Lumin Assets view to review the Tenable-provided ACR values for your assets.

    • Do any of your assets have ACRs that seem too high for the relative criticality of that asset?
    • Do any of your assets have ACRs that seem too low for the relative criticality of that asset?
  2. Customize your asset ACR values.

Lower Your CES and AES

You must address vulnerabilities on your network to lower your CES and AES.

  1. View a Tenable-provided list of top 20 recommended actions or a complete list of all solutions for your network.

    Export recommended actions data, as necessary.

  2. Follow the recommendations and take steps to address the vulnerabilities on your network.

Mature

Mature your vulnerability management strategy.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.