View Mitigations Details in Lumin

The following feature is not supported in Federal Risk and Authorization Management Program (FedRAMP) environments. For more information, see the FedRAMP Product Offering.

Required Additional License: Tenable Lumin

Required Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

If you run an authenticated scan based on the Basic Network Scan template or Advanced Network Scan template or an agent scan based on the Basic Agent Scan or Advanced Agent Scan template, Tenable automatically enables the plugins required to detect mitigations present on your assets. Lumin defines mitigations as endpoint protection agents, which include antivirus software, Endpoint Protection Platforms (EPPs), or Endpoint Detection and Response (EDR) solutions.

Then, you can use Lumin Mitigations data to assess whether your assets are covered properly with the endpoint protection agent software.

You must enable certain plugins in your authenticated and agent scans to detect endpoint protection agents on your assets. For more information, see Plugins for Mitigation Detection.

Before you begin:

  • Enable the required plugins in your scans.
  • Run your scans before checking the Mitigations page.

To view a list of endpoint protection agents on your assets:

  1. Navigate to the new interface, as described in  .

  2. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  3. In the left navigation plane, click Lumin.

    The Lumin dashboard appears.

  4. In the Mitigations widget, click More Details.

    The Lumin Mitigations page appears.

Note: All Lumin data reflects all assets within the organization's instance.

Section Action
Exports button Download previously generated export files.
Date range selector Change the date range for the mitigations table. For more information, see Tables.
Filters box

Filter the data displayed in the mitigations table.

Search box Search the mitigations table by product name. For more information, see Tables.
Mitigations table

In this table, you can:

  • Sort, increase or decrease the number of rows per page, or navigate to another page of the table. For more information, see Tables.
  • Export mitigations.
  • To view a list of assets with a specific endpoint protection agent present, click the asset count in the appropriate column:

    • All Assets to view all assets regardless of the asset ACR
    • Critical Assets to view Critical ACR assets
    • High Assets to view High ACR assets

    The Assets page appears, filtered by licensed assets, ACR severity, the mitigation product name, the mitigation vendor name, the mitigation version, and the past 90 days. For more information, see View Assets.