Get Started with Tenable Lumin

You can use Tenable Lumin to quickly and accurately assess your risk and compare your health and remediation performance to other Tenable customers in your Salesforce industry and the larger population. Tenable Lumin correlates raw vulnerability data with asset business criticality and threat context data to support faster, more targeted analysis workflows than traditional vulnerability management tools.

Tenable recommends the following to get started with Tenable Lumin data and functionality.

License and Enable

Acquire a Tenable Lumin license and enable Tenable Lumin in Tenable Vulnerability Management.

  1. To add Tenable Lumin to your Tenable Vulnerability Management license, contact your Tenable representative.

  2. In your browser, disable features that may prevent you from enabling Tenable Lumin:
    • Ad blocker extensions
    • Do Not Track (Mozilla Firefox, Google Chrome, Apple Safari, or Microsoft Internet Explorer)

    • Protected Mode (Microsoft Internet Explorer)

    Tip: You can re-enable these features after you fully enable Tenable Lumin.

  3. Log in to Tenable Vulnerability Management, as described in Log In to Tenable Lumin.

    The Tenable Lumin welcome window appears.

  4. Follow the wizard to enable Tenable Lumin.

    The Lumin dashboard appears.

Prepare

Generate data and learn about Tenable Lumin terminology.

Tenable Vulnerability Management Only Tenable Security Center + Tenable Vulnerability Management Tenable Lumin

  1. Run an authenticated assessment scan in Tenable Vulnerability Management to generate vulnerability data.

    Note: You must run scans to start seeing data in Tenable Lumin views; Tenable Lumin shows scan result data generated after you licensed Tenable Lumin. For more information, see Tenable Lumin Data Timing.

    Note: Tenable Lumin does not support third-party integration data.

  2. Create tags in Tenable Vulnerability Management to add business context to your assets.

  3. Review the metrics terminology to understand Vulnerability Priority Rating (VPR) and Asset Criticality Rating (ACR) values and how they impact your Asset Exposure Score (AES), Assessment Maturity grade, and Cyber Exposure Score (CES).

  4. Allow sufficient time for your metrics to calculate. For more information, see Tenable Lumin Data Timing.

  1. Sync repositories to Tenable Lumin from Tenable Security Center. All vulnerability data is synced immediately.

    Note: Tenable Lumin does not support third-party integration data.

  2. Create assets in Tenable Security Center to add business context to your assets.

  3. Configure Tenable Security Center to Tenable Lumin synchronization.

    Allow sufficient time for the synchronization to complete. For more information, see Tenable Lumin Data Timing.

  4. View your assets as business context tags in Tenable Vulnerability Management. For more information, see Manage Asset Tags.
  5. Review the metrics terminology to understand Vulnerability Priority Rating (VPR) and Asset Criticality Rating (ACR) values and how they impact your Asset Exposure Score (AES), Assessment Maturity grade, and Cyber Exposure Score (CES).
  6. Allow sufficient time for your metrics to calculate. For more information, see Tenable Lumin Data Timing.

Assess Your Exposure

Note: All Tenable Lumin data reflects all assets within the organization's Tenable Vulnerability Management instance.

Review your CES and perform vulnerability management analysis.

  1. Use the Tenable Lumin dashboard to understand your CES and access details pages.

    • Cyber Exposure Score widget — How does your overall risk compare to other Tenable customers in your Salesforce industry and the larger population?

    • Cyber Exposure Score Trend widget — How has the overall risk for your entire organization changed over time?
    • Assessment Maturity widget — How frequently and thoroughly are you scanning your assets?
    • Remediation Maturity widget — How quickly and thoroughly are you remediating vulnerabilities on your assets?
    • Reduce Cyber Exposure Score widget — What would the impact be if you addressed all of your top 20 recommended actions?
    • Asset Criticality Rating Breakdown widget — How critical are your assets?
    • Asset Scan Distribution widget — What types of scans have run on your assets?
    • Mitigations widget — What endpoint protection agents are running on your assets?

    • Cyber Exposure Score by Business Context/Tag widget — How do assets with different tags (unique business context) compare?

  2. To browse the most critical vulnerabilities on your network, sort your vulnerabilities by VPR.
  3. To browse the most critical assets on your network, sort your assets by ACR.

Customize Your ACR Values

Review the Tenable-provided ACR values and customize them to reflect the unique infrastructure or concerns of your organization.

  1. Use the Assets page to review the Tenable-provided ACR values for your assets.

    • Do any of your assets have ACR values that seem too high for the relative criticality of that asset?
    • Do any of your assets have ACR values that seem too low for the relative criticality of that asset?
  2. If necessary, manually customize your asset ACR values.

Lower Your CES and AES

You must address vulnerabilities on your network to lower your CES and AES.

Important: Private findings are excluded from all scores in Tenable Lumin. For more information see Findings.

  1. View lists of Tenable-recommended action items:

  2. Follow the recommendations and take steps to address the vulnerabilities on your network.

Mature

Mature your vulnerability management strategy.

  • Continue monitoring and addressing vulnerabilities to lower your CES and AES.
  • Continue exporting and sharing recommended actions (solutions) data with others in your organization to refine your vulnerability management strategy.