View Mitigations Details in Tenable Lumin

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Moderate Product Offering.

Required Additional License: Tenable Lumin

Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

If you run an authenticated scan based on the Basic Network Scan template or Advanced Network Scan template or an agent scan based on the Basic Agent Scan or Advanced Agent Scan template, Tenable automatically enables the plugins required to detect mitigations present on your assets. Tenable Lumin defines mitigations as endpoint protection agents, which include antivirus software, Endpoint Protection Platforms (EPPs), or Endpoint Detection and Response (EDR) solutions.

Then, you can use Tenable Lumin Mitigations data to assess whether your assets are covered properly with the endpoint protection agent software.

You must enable certain plugins in your authenticated and agent scans to detect endpoint protection agents on your assets. For more information, see Plugins for Mitigation Detection.

Before you begin:

Enable the required plugins in your scans.
Run your scans before checking the Mitigations page.

To view a list of endpoint protection agents on your assets:

In the Workspace menu, click Lumin.

The Lumin dashboard appears.
In the Mitigations widget, click More Details.

The Tenable Lumin Mitigations page appears.

Note: All Tenable Lumin data reflects all assets within the organization's Tenable Vulnerability Management instance.

Section	Action
Exports button	Download previously generated export files.
Date range selector	Change the date range for the mitigations table. For more information, see Tenable Vulnerability Management Tables.
Filters box	Filter the data displayed in the mitigations table.
Search box	Search the mitigations table by product name. For more information, see Tenable Vulnerability Management Tables.
Mitigations table	In this table, you can: View information about each endpoint protection agent. Product Name — The name of the endpoint protection agent. Vendor Name — The name of the vendor that maintains the endpoint protection agent. All Assets — The total number of assets with the endpoint protection agent present. Critical Assets — The total number of Critical ACR assets with the endpoint protection agent present. High Assets — The total number of High ACR assets with the endpoint protection agent present. Version — The version of the endpoint protection agent. Last Detected — The date that a scan last detected the endpoint protection agent on an asset. Sort, increase or decrease the number of rows per page, or navigate to another page of the table. For more information, see Tenable Vulnerability Management Tables. Export mitigations. To view a list of assets with a specific endpoint protection agent present, click the asset count in the appropriate column: All Assets to view all assets regardless of the asset ACR Critical Assets to view Critical ACR assets High Assets to view High ACR assets The Assets page appears, filtered by licensed assets, ACR severity, the mitigation product name, the mitigation vendor name, the mitigation version, and the past 90 days. For more information, see Assets.