View Your CES

By default, the Lumin Exposure View displays your Global Cyber Exposure Score. You can select a specific card via the Exposure Cards library to view your Cyber Exposure Score for that card. CES data is available for the following categories:

  • Tenable-provided exposure cards, which include:

    • Global — All internal and external data within Lumin Exposure View.

    • Computing Resources — All data from Tenable Vulnerability Management sources.

    • Identities — All data from Tenable Identity Exposure sources.

    • Web Application — All data from Tenable Web App Scanning sources.

    • Cloud Resources — All data from Tenable Cloud Security sources.

  • Data from user-created custom exposure cards.

Note: Because exposure card scores are globally calculated, role-based access control (RBAC) does not affect card data in the Lumin Exposure View.

Note: Lumin Exposure View does not include assets older than 90 days in your CES.

To view your CES for an exposure card:

  1. Access the Exposure Cards library.

    A list of exposure cards appears.

  2. Select the exposure card for which you want to view your CES.

    The Exposure View displays the CES details for the selected card.

While viewing the CES details for a card, you can:

  • In the upper-left corner of the page, view the time at which the Lumin Exposure View last updated the CES.

  • In the upper-left corner of the page, click Details to view the following exposure card information:

    • The number of assets associated with the exposure card.

      • Click the asset number to view the assets directly in the Asset Overview.

    • The user that created the exposure card.

    • The date and time at which the exposure card was created.

    • Where applicable, the card description.

  • View a graphical representation of your CES grade as it compares to your industry and the total population:

    • To view your total CES regardless of the data source, below the circle graph, click Total.

    • To view your CES separated based on the source of the data, below the circle graph, click Per Category.

      The CES graph splits into sections that represent each category. For more information, see Lumin Exposure View Metrics.

      • Within the CES graph, click an individual category name to view additional category information, connected assets, and to filter the Lumin Exposure View by the selected category.

    • To view the top tags driving your score, below the circle graph, click Per Tag.

      Note: The Lumin Exposure View displays up to 10 tags within the graph.

      The CES graph splits into sections that represent each tag. For more information on tags, see View Your Tag Overview.

  • To the right of the CES graph, view a small blurb that:

    • Indicates how your score compares to the baseline target.

    • Identifies the performance of your categories. For example, this blurb may explain that you have two critical categories.

  • On the right side of the page, in the Benchmarks section, view how your CES compares to others is your industry and in the total population.

  • In the Change section, view how your CES has changed within the last 30 days.

  • In the Asset Risk Breakdown section, view tiles that indicate your asset risk:

    • The Critical Risks tile shows the percentage of your assets with associated vulnerabilities of critical severity, as well as the data source(s) of those assets.

    • The High Risks tile shows the percentage of your assets with associated vulnerabilities of high severity, as well as the data source(s) of those assets.

    • The Medium/Low Risks tile shows the percentage of your assets with associated vulnerabilities of medium or low severity, as well as the data source(s) of those assets.

    Click any tile to navigate to the Asset Inventory filtered by the asset severity type you selected.

    Caution: Data in the Asset Risk Breakdown section is based on your Vulnerability Priority Rating (VPR). As a result, if you configure your Tenable Vulnerability Management vulnerability severity setting to use CVSS, data in this section may be inconsistent.

    Note: Since an asset can have multiple risks across all severities, the sum of the percentages in the Asset Risk Breakdown section may exceed 100%.