Recently Viewed Topics
Get Started with Lumin
You can use Tenable Lumin to quickly and accurately assess your Cyber Exposure risk and compare your health and remediation performance to other Tenable customers in your Salesforce industry and the larger population. Lumin correlates raw vulnerability data with asset business criticality and threat context data to support faster, more targeted analysis workflows than traditional vulnerability management tools.
Tenable recommends the following to get started with Lumin data and functionality.
To add Lumin to your Tenable.io license, contact your Tenable representative.
Before you begin, generate data and learn about Lumin terminology.
Run scans in Tenable.io to generate vulnerability data.
Note: You must run scans to start seeing data in Lumin views; Lumin displays scan result data generated after you licensed Lumin.
- Create tags in Tenable.io to add business context to your assets.
- Review the metrics terminology to understand what Vulnerability Priority Rating (VPR) and Asset Criticality Rating (ACR) values are and how they impact your Asset Exposure Score (AES) and Cyber Exposure Score (CES).
Assess Your Exposure
Review your CES and perform vulnerability management analysis.
Use the Lumin dashboard to understand your CES.
Cyber Exposure Score widget — How does your overall risk compare to other Tenable customers in your Salesforce industry and the larger population?
- Cyber Exposure Score Trend widget — How has your overall risk changed over time?
Cyber Exposure Score by Business Context widget — Which of your assets, grouped by business context tag, have the highest and lowest risk?
Assess your vulnerabilities:
Assess your assets:
Customize Your ACR Values
Review the Tenable-provided ACR values and customize them to reflect the unique infrastructure or concerns of your organization.
Use the Lumin Assets view to review the Tenable-provided ACR values for your assets.
- Do any of your assets have ACRs that seem too high for the relative criticality of that asset?
- Do any of your assets have ACRs that seem too low for the relative criticality of that asset?
- Customize your asset ACR values.
Lower Your CES and AES
You must address vulnerabilities on your network to lower your CES and AES.
Export recommended actions data, as necessary.
- Follow the recommendations and take steps to address the vulnerabilities on your network.
Mature your vulnerability management strategy.
- Continue monitoring and addressing vulnerabilities to lower your CES and AES.
- Export and share recommended actions (solutions) data with others in your organization to refine your vulnerability management strategy.