
Cyber Exposure Analytics

Tenable Lumin

Solution Overview

An advanced visualization, analytics and measurement solution, to understand and reduce the Cyber Exposure.

Tenable Lumin

Calculate, communicate and compare cyber exposure while managing risk with Tenable Lumin. For the first time ever, users can visualize and explore their Cyber Exposure, track risk reduction over time, and benchmark against their peers.

Use Tenable Lumin, an advanced visualization, analytics and measurement solution, to understand and reduce your Cyber Exposure. Tenable Lumin transforms vulnerability data into meaningful insights to help users manage cyber risk across the entire organization.

It is an add-on to the Tenable.io platform or Tenable.sc that translates vulnerability management into the language of business. It helps business executives and the board understand their organization’s cyber risk, and prioritize patching to address the vulnerabilities representing the greatest risk to the organization.

This add-on helps translate the technical output of vulnerability management tools, which is expressed primarily in the language of vulnerabilities, into business risk and cyber exposure terms that C-suite executives and management can understand. As an add-on, Tenable Lumin bridges the language of vulnerability management and the language of business. Tenable.io and Tenable.sc customers can use Tenable Lumin to transform raw technical data into business insights by combining inputs such as threat intelligence, vulnerability data and asset criticality into a single platform to accurately measure and benchmark cyber risk. This risk-based approach to cybersecurity enables CISOs and their teams to prioritize remediation efforts, effectively communicate cyber risk to internal stakeholders and make data-driven decisions to reduce risk.

Tenable Lumin enables organizations to effectively measure and benchmark their cyber exposure internally and externally against peer organizations. To accomplish this, vulnerability data is correlated with other risk indicators, such as threat intelligence and asset criticality, to automatically score, trend and benchmark an organization’s cyber risk. Lumin transforms technical data into business insights for better strategic decisions.

CISOs can use Tenable Lumin to quickly and accurately assess the organization’s cyber exposure risk and compare their health and remediation performance to that of other enterprises.

Tenable Lumin uses a variety of metrics to help users understand the following:

  • Where they are exposed
  • Where to prioritize remediation
  • How the organization is reducing risk
  • How these efforts compare to others

With Tenable Lumin, users receive a Cyber Exposure Score for their own organization, an average score for peers within the same industry as well as the general population. This allows users to compare their organization to others and provides additional context around the score. The higher the score, the higher the risk.

Users can use Tenable Lumin to access the data most relevant for a particular audience. For example:

  • The Cyber Exposure Score trend view provides trending data about the organization’s score over time. Users can also see whether their peers and the greater population are improving over time.
  • The Cyber Exposure Score by business context view allows users to map a group of assets to a Cyber Exposure Score.

Gathering current, accurate data is critical to assessing your risk.

Tenable Lumin Dashboard Overview

Gaining Fresh Insights Into Your Cyber Risk with Tenable Lumin
Lumin uses several metrics to help you assess your cyber risk:

  • Vulnerability Priority Rating (VPR)
  • Asset Criticality Rating (ACR)
  • Cyber Exposure Score

Here’s what each score reveals:

  • Vulnerability Priority Rating. A dynamic companion to the static data provided by the vulnerability’s CVSS score and severity, the VPR is generated dynamically per vulnerability. Tenable’s algorithms update the VPR to reflect the current threat landscape. Values range from 0.1 to 10. A higher value represents a higher likelihood of exploit.
  • Asset Criticality Rating. Tenable assigns an ACR to each asset on your network to represent the asset’s relative risk as an integer from 1 to 10. A higher ACR value indicates higher risk. Tenable assesses scan output and measures asset risk based on the following: exposure due to the location on your network and proximity to the internet, device type and device capabilities.
  • Cyber Exposure Score. The score is automatically generated through machine learning algorithms which combine the Tenable Vulnerability Priority Rating (VPR), for the likelihood of exploitability, with the Tenable Asset Criticality Rating (ACR), for the business criticality of the impacted asset. This score represents the organization’s overall cyber exposure risk as an integer between 0 and 1,000, based on asset exposure score values for assets scanned in the past 90 days. A higher CES value indicates higher risk.

Tenable Lumin Metrics Overview

Calculate and Communicate Cyber Exposure

Assessment Maturity Metrics

Cyber Exposure Trending

External Benchmarking

Process Integrity Risk Management

Business Context Analysis

Remediation Guidance Workflow

Seamless Integration with Vulnerability Management

Backed by Tenable Research

Features Overview

Calculate and Communicate Cyber Exposure. Tenable Lumin provides an objective measure of cyber risk via the Cyber Exposure Score (CES), which combines vulnerability data with other risk indicators, such as threat intelligence and asset criticality. The score is automatically generated through machine learning algorithms that factor in the likelihood of vulnerability exploitability and the business criticality of the impacted asset. CES can be applied to any group of assets, from a single asset to all assets across the entire organization, for detailed analysis and decision-making.

Assessment Maturity Metrics. Tenable Lumin summarizes key assessment maturity metrics to help improve assessment capabilities and security responsiveness. The product provides detailed analysis into asset scan distribution, asset scan frequency and vulnerability age to strengthen program effectiveness and focus on process maturity. Interactive widgets allow you to drill into assessment maturity data to investigate the security posture of underlying assets.

Cyber Exposure Trending. Tenable Lumin delivers advanced visualizations to help understand trend improvements over time as a measure of security program effectiveness. The product shows the CES of your organization over the past 6 months and highlights 7-day changes of scoring to flag potential issues.

External Benchmarking. Tenable Lumin enables organizations to benchmark themselves against industry peers to quickly identify shortcomings and strengths. The product benchmarks a number of key metrics, such as CES and assessment maturity, based on industry and overall averages to analyze how organizations compare. Tenable Lumin benchmarking is based on the industry’s most extensive vulnerability intelligence, processing over 1.5 billion instances of vulnerabilities per week, and coupled with data science to provide comprehensive and accurate insights.

Process Integrity Risk Management. Tenable Lumin reduces process integrity risk by providing an Assessment Maturity score. This single metric allows you to quantify and compare how well your organization is assessing your environment, allowing you to implement policy & process improvements that reduce your cyber exposure.

Business Context Analysis. Because CES can be applied to any group of assets, Tenable Lumin enables security teams to benchmark internal operational groups (e.g., business units, computing environments, branch locations) against one another. This analysis helps to focus attention and resources to address areas of high exposure and identify best practices across the organization. Asset groupings can be fully customized by leveraging existing tags, which allow you to filter and analyze segments of your organization.

Remediation Guidance Workflow. Tenable Lumin provides security teams with a list of the top recommended actions that reduce the most cyber exposure, to translate business decisions on risk appetite to technical guidance for teams to action. For additional information, teams can drill down into specific vulnerabilities or assets for business and risk context to enable more effective remediation.

Seamless Integration with Vulnerability Management. Tenable Lumin seamlessly integrates with Tenable.io and Tenable.sc to provide both the breadth of visibility into cyber risk across IT, cloud, IoT and OT environments and the depth of analytics to measure and communicate cyber risk in business terms to make better strategic decisions. This enables Lumin to become a single pane of glass for a holistic view of cyber risk.

Backed by Tenable Research. Tenable.io and Tenable.sc are backed by Tenable Research, delivering world-class Cyber Exposure intelligence, data science insights, alerts, and security advisories. Frequent updates from Tenable Research ensure the latest vulnerability checks, zero-day research, and configuration benchmarks are immediately available to help you secure your organization.

Benefits

Quantify Cyber Risk. Provide an objective measure of cyber risk across the organization and within internal operational groups to make more informed decisions.
Measure Cyber Risk Performance. Understand trend improvements over time as a measure of security program effectiveness to communicate results.
Benchmark Against Peers. Understand how cyber risk and assessment maturity compare to industry peers to quickly identify shortcomings and strengths.
Boost Productivity. Take advantage of the top recommended remediation actions to reduce the most cyber exposure and improve IT effectiveness.

Reduce Product Sprawl. Get more insights out of your vulnerability management data without the need for a separate point solution in your security stack.

All Solutions in Lumin

Required Additional License: Tenable Lumin

Required User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Tenable provides recommended solutions for all vulnerabilities on your network. You can identify solutions for vulnerabilities with the highest VPR, then drill into the solution details to understand the steps to address the vulnerability on your network.

Addressing a vulnerability instance lowers your CES and AES metrics.

Tip: A vulnerability instance is a single instance of a vulnerability appearing on an asset, identified uniquely by plugin ID, port, and protocol.

To view recommended Lumin solutions:

  1. Navigate to the new Tenable.io interface, as described in Access the New Tenable.io Interface.
  2. In the upper-left corner, click the Menu button. The left navigation plane appears.
  3. In the left navigation plane, in the Lumin section, click Solutions. The Lumin Solutions page appears.

    Note: All data in Lumin (except the CES and Assessment Maturity grade for your entire organization) reflects only the assets shared with your user account.

    Section: Solutions table
    Actions:
    • View information about each solution.
      • Summary — A description for the solution.
      • Assets Affected — The total number of assets affected by the vulnerabilities included in the solution.
      • Vulnerabilities — The total number of vulnerabilities addressed by the solution.
      • VPR — The highest VPR for the vulnerabilities addressed by the solution.
      • CVSS — The highest CVSSv2 score (or CVSSv3 score, when available) for the vulnerabilities addressed by the solution.
    • To view details for a solution, click a solution row. The Lumin Solution Details page appears. For more information, see Solution Details.
    • To filter the data displayed in the table, see Filter a Table. Tenable.io refreshes the table.
    • To sort, increase or decrease the number of rows per page, or navigate to another page of the table, see Navigate a Table.

Solution Details

Required Additional License: Tenable Lumin

Required User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

You can use this page to view details for a solution, including asset and vulnerability information.

To view Lumin solution details:

  1. Navigate to the new Tenable.io interface, as described in Access the New Tenable.io Interface.
  2. In the upper-left corner, click the Menu button. The left navigation plane appears.
  3. In the left navigation plane, in the Lumin section, click Solutions. The Lumin Solutions page appears.
  4. Click a solution row. The Lumin Solution Details page appears.

    Note: All data in Lumin (except the CES and Assessment Maturity grade for your entire organization) reflects only the assets shared with your user account. For more information, see Access Groups.

    Section: Summary panel

    Metrics summary: View summary statistics for the recommended solution.

    • Assets Affected — The total number of assets affected by the vulnerabilities included in the solution.
    • Vulnerabilities — The total number of vulnerabilities addressed by the solution.
    • Vuln Instances — The total number of vulnerability instances that need the solution.

      Tip: A vulnerability instance is a single instance of a vulnerability appearing on an asset, identified uniquely by plugin ID, port, and protocol.

    • VPR — The highest VPR for a vulnerability included in the solution.
    • CVSS V2/V3 Base Score — The highest CVSSv2 score (or CVSSv3 score, when available) for a vulnerability included in the solution.

    Vulnerabilities Included (#) table:

    • View all vulnerabilities related to the recommended solution, sorted by decreasing VPR.
    • To view details about an included vulnerability's VPR, click one of the vulnerability rows. The Lumin vulnerability details plane appears.
      • View the VPR key drivers.
      • View a graph that shows the VPR adjustments over the past 30 days, compared to the static CVSSv2 score (or CVSSv3 score, when available).
    • To navigate to another page of the table, see Navigate a Table.

    Section: Assets Affected tab

    ACR tiles: View the ACR severity tiles, which summarize the number of affected assets in the Low, Medium, High, Critical, or Unclassified ACR category.

    Assets Affected table:

    • View asset information.
      • Asset — The asset identifier: the agent name (if agent-scanned) or the NetBIOS name, FQDN, or IP address.
      • IP — The asset's IP address.
      • ACR — The asset's ACR.
      • OS — The asset's operating system.
      • Detection Source — The scanner type that first scanned the asset.
    • To view details for an asset, click one of the rows in the table. The Lumin Asset Details page appears. For more information, see Asset Details.
    • To filter the assets displayed in the table, see Filter a Table. Tenable.io refreshes the table.
    • To sort, increase or decrease the number of rows per page, or navigate to another page of the table, see Navigate a Table.

Cyber Exposure Score (CES)

Tenable calculates a dynamic CES that represents Cyber Exposure risk as an integer between 0 and 1000, based on the Asset Exposure Score (AES) values for assets scanned in the last 90 days. Higher CES values indicate higher risk.

You can view CES for different groups of assets, including:

  • the CES for your entire organization (e.g., the CES displayed in the Cyber Exposure Score widget)
  • the CES for assets in a specific business context (e.g., the CES displayed in the Cyber Exposure Score by Business Context widget).

To view the CES for your entire organization or for a group of assets, view the widgets as described in View the Lumin Dashboard.

Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for most vulnerabilities. The VPR is a dynamic companion to the static data provided by the vulnerability's CVSS score and severity, since Tenable updates the VPR to reflect the current threat landscape. VPR values range from 0.1-10.0, with a higher value representing a higher likelihood of exploit.

VPR Category | VPR Range
Critical | 9.0 to 10.0
High | 7.0 to 8.9
Medium | 4.0 to 6.9
Low | 0.1 to 3.9

Note: Vulnerabilities without CVEs in the National Vulnerability Database (NVD) (e.g., many vulnerabilities with the Info severity) do not receive a VPR. Tenable recommends remediating these vulnerabilities according to their CVSS-based severity.

Note: You cannot edit VPR values.

Tenable.io provides a VPR value the first time you scan a vulnerability on your network. Then, Tenable.io automatically provides new and updated VPR values daily.

Tenable recommends prioritizing vulnerabilities with the highest VPRs that are present on your assets with the highest ACRs.

To view the VPR for a specific vulnerability, view vulnerabilities as described in View All Vulnerabilities in Lumin.

VPR Key Drivers

Tenable uses the following key drivers to calculate a vulnerability's VPR.

Note: Tenable does not customize these values for your organization; VPR key drivers reflect a vulnerability's global threat landscape.

Key Driver | Description
Age of Vuln | The number of days since the National Vulnerability Database (NVD) published the vulnerability.
CVSSv3 Impact Score | The NVD-provided CVSSv3 impact score for the vulnerability. If the NVD did not provide a score, Tenable.io displays a Tenable-predicted score.
Exploit Code Maturity | The relative maturity of a possible exploit for the vulnerability based on the existence, sophistication, and prevalence of exploit intelligence from internal and external sources (e.g., Reversinglabs, Exploit-db, Metasploit, etc.). The possible values (High, Functional, PoC, or Unproven) parallel the CVSS Exploit Code Maturity categories.
Product Coverage | The relative number of unique products affected by the vulnerability: Low, Medium, High, or Very High.
Threat Sources | A list of all sources (e.g., social media channels, the dark web, etc.) where threat events related to this vulnerability occurred. If the system did not observe a related threat event in the past 28 days, the system displays No recorded events.
Threat Intensity | The relative intensity based on the number and frequency of recently observed threat events related to this vulnerability: Very Low, Low, Medium, High, or Very High.
Threat Recency | The number of days (0-730) since a threat event occurred for the vulnerability.

Threat Event Examples

Common threat events include:

  • An exploit of the vulnerability
  • A posting of the vulnerability exploit code in a public repository
  • A discussion of the vulnerability in mainstream media
  • Security research about the vulnerability
  • A discussion of the vulnerability on social media channels
  • A discussion of the vulnerability on the dark web and underground
  • A discussion of the vulnerability on hacker forums

Asset Criticality Rating (ACR)

Tenable assigns an ACR to each asset on your network to represent the asset's relative criticality as an integer from 1 to 10. A higher ACR indicates higher criticality.

ACR Category | ACR Range
Critical | 9 to 10
High | 7 to 8
Medium | 4 to 6
Low | 1 to 3

Tenable provides an ACR value the first time you scan an asset on your network. Then, Tenable automatically provides new and updated ACR values daily.

Note: Tenable recommends reviewing your Tenable-provided ACR values and overriding them, if necessary. You can customize ACR values to reflect the unique infrastructure or needs of your organization, as described in Edit an ACR.

If an asset receives multiple ACR values, Tenable.io prioritizes the values in the following order:

  1. If set, the manually overridden ACR value.
  2. The Tenable-provided ACR value.

To view the ACR for a specific asset, view the asset details as described in View Asset Details.

ACR Key Drivers

Tenable uses the following key drivers to calculate an asset's Tenable-provided ACR.

Note: Tenable does not customize these values for your organization; ACR key drivers reflect the global threat landscape associated with the asset's characteristics.

Key Driver | Description

device_type | The device type. For example:

  • hypervisor — The device is a Type-1 hypervisor that hosts a virtual machine (e.g., Microsoft Hyper-V, VMware ESX/ESXi, or Xen).
  • printer — The device is a networked printer or a printing server.

device_capability | The device's business purpose. For example:

  • file_server — The device is a server that provides file sharing services (e.g., an FTP, SMB, NFS, or NAS server).
  • mail_server — The device is a server designated for sending and receiving emails.

internet_exposure | The device's location on your network and proximity to the internet. For example:

  • internal — The device is located within your local area network (LAN), possibly behind a firewall.
  • external — The device is located outside your LAN and not behind a firewall.

Asset Exposure Score (AES)

Tenable calculates a dynamic AES for each asset on your network to represent the asset's relative exposure as an integer between 0 and 1000. A higher AES indicates higher exposure.

Tenable calculates AES based on the current ACR (Tenable-provided or custom) and the VPRs associated with the asset.

Assessment Maturity Grade

Assessment Maturity provides a high-level summary of how effectively you are scanning for vulnerabilities. Tenable calculates a dynamic Assessment Maturity grade that represents your assessment scanning health as a letter grade between A and F. An A grade indicates you are assessing your assets frequently and thoroughly.

Assessment Maturity Letter Grade | Numerical Range
A | 80 to 100
B | 60 to 79
C | 35 to 59
D | 15 to 34
F | 0 to 15

Your Assessment Maturity grade is the combination of your Assessment Maturity depth grade and your Assessment Maturity frequency grade. Tenable provides an Assessment Maturity grade the first time you scan. Then, Tenable.io automatically provides an updated Assessment Maturity grade daily.

Depth Grade

Tenable calculates your depth grade as the combination of your scan policy coverage and authentication coverage.

  • Scan policy coverage — How many plugins were enabled in your scan policies?
  • Authentication coverage — How many of your scans successfully used authentication for full vulnerability detection?

A high depth grade indicates you are using policies with full plugin coverage and successfully running those plugins on your assets.

Frequency Grade

Tenable calculates your frequency grade based on how often you scan assets on your network. A high frequency grade indicates you are scanning your assets often.

To view your Assessment Maturity grade, depth grade, and frequency grade, see View Assessment Maturity Details.

Tenable Vulnerability Indicator (TVI)

Tenable assigns a TVI (TVI-####-#####) to all unique, publicly disclosed vulnerabilities to uniquely identify an individual vulnerability on your network.

Vulnerabilities With TVIs:
  • Vulnerabilities that are CVE-published
  • Vulnerabilities that are not CVE-published
  • Vulnerabilities that are covered by Tenable plugins
  • Vulnerabilities that are not covered by Tenable plugins

Vulnerabilities Without TVIs:
  • General security weaknesses (e.g., unsupported software)
  • Vulnerabilities within your in-house, custom applications

Tip: Tenable.io identifies a vulnerability by CVE, if available. If no CVE is available, Tenable.io displays the TVI. If no TVI is available, Tenable.io displays the plugin ID.

To view the TVI for a specific vulnerability, view the vulnerability details as described in View Vulnerability Details.
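
The rules described above (VPR and ACR category tables, manual ACR override precedence, the plugin ID/port/protocol definition of a vulnerability instance, the CVE, then TVI, then plugin ID display fallback, and CVSS ordering for vulnerabilities without a VPR) can be combined into one triage routine. The Python below is an added example, not Tenable code and not part of the original page. All findings, asset names and identifiers are constructed placeholders, and the sort order (VPR category, then ACR, then VPR) is an assumed reading of the "highest VPRs on assets with the highest ACRs" recommendation, not a Tenable formula.

```python
from dataclasses import dataclass
from typing import Optional

# (lower bound, category) pairs copied from the VPR and ACR tables on this page.
VPR_BANDS = [(9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.1, "Low")]
ACR_BANDS = [(9, "Critical"), (7, "High"), (4, "Medium"), (1, "Low")]


def band(value, bands):
    """Return (rank, category); rank 0 is the most severe band."""
    for rank, (lower, name) in enumerate(bands):
        if value is not None and value >= lower:
            return rank, name
    return len(bands), None  # no rating, or below the lowest band


@dataclass(frozen=True)
class Finding:
    asset: str
    plugin_id: int
    port: int
    protocol: str
    vpr: Optional[float]  # None: the vulnerability received no VPR
    cvss: float
    cve: Optional[str] = None
    tvi: Optional[str] = None

    def instance_key(self):
        # A vulnerability instance on an asset: plugin ID, port and protocol.
        return (self.asset, self.plugin_id, self.port, self.protocol)

    def display_id(self):
        # Identify by CVE if available, otherwise TVI, otherwise plugin ID.
        return self.cve or self.tvi or f"plugin {self.plugin_id}"


def effective_acr(asset, provided, overrides):
    """A manually overridden ACR wins over the Tenable-provided value."""
    return overrides.get(asset, provided[asset])


def triage(findings, provided_acr, acr_overrides):
    """Return (vpr_queue, cvss_queue) as rows of (id, asset, VPR cat, ACR cat)."""
    # Repeated reports of the same instance collapse to one entry.
    unique = {f.instance_key(): f for f in findings}.values()
    rated, unrated = [], []
    for f in unique:
        acr = effective_acr(f.asset, provided_acr, acr_overrides)
        (rated if f.vpr is not None else unrated).append((f, acr))
    # Assumed ordering (not a Tenable formula): VPR category first, then the
    # asset's ACR, then the raw VPR as a tie-breaker.
    rated.sort(key=lambda r: (band(r[0].vpr, VPR_BANDS)[0], -r[1], -r[0].vpr))
    # Findings without a VPR are ordered by their CVSS score instead.
    unrated.sort(key=lambda r: (-r[0].cvss, -r[1]))

    def row(r):
        f, acr = r
        return (f.display_id(), f.asset,
                band(f.vpr, VPR_BANDS)[1], band(acr, ACR_BANDS)[1])

    return [row(r) for r in rated], [row(r) for r in unrated]


# Constructed sample data: every name and identifier here is a placeholder.
SAMPLE_FINDINGS = [
    Finding("web02", 100001, 443, "tcp", 9.4, 9.8, cve="CVE-0000-00001"),
    Finding("web02", 100001, 443, "tcp", 9.4, 9.8, cve="CVE-0000-00001"),  # repeat
    Finding("db01", 100001, 443, "tcp", 9.1, 9.8, cve="CVE-0000-00001"),
    Finding("print03", 100002, 9100, "tcp", 9.8, 7.5, tvi="TVI-0000-00002"),
    Finding("db01", 100003, 22, "tcp", 6.5, 7.0, cve="CVE-0000-00003"),
    Finding("web02", 100004, 0, "tcp", None, 5.0),  # no CVE, no TVI, no VPR
]
PROVIDED_ACR = {"web02": 6, "db01": 8, "print03": 3}
ACR_OVERRIDES = {"db01": 10}  # set manually, so it replaces the provided 8

if __name__ == "__main__":
    vpr_queue, cvss_queue = triage(SAMPLE_FINDINGS, PROVIDED_ACR, ACR_OVERRIDES)
    for entry in vpr_queue + cvss_queue:
        print(entry)
```
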

  • Remediation Maturity
    • Quantifies how an organization is performing at remediating vulnerabilities in their environment. It provides insight by assessing two underlying components.
      • Remediation Responsiveness indicates you are quickly remediating the most critical vulnerabilities on your assets.
      • Remediation Coverage indicates you are remediating a high percentage of the most critical vulnerabilities on your assets.
    • Organizations are assigned a grade along with comparisons to their industry peers and overall population. With this grading, organizations can compare their efforts to others and improve processes as needed.
    • Recommended Actions based on improved Remediation Maturity will be provided for overall remediation hygiene.
    • This bookends Assessment Maturity (released earlier this year) to give a comprehensive view into program and process maturity.
  • CES Trending by Business Context
    • Highlights CES trending performance by tagged asset group, giving additional context to how a group is performing.
    • New 6-month sparkline and 14-day trend added to the Business Context table on the Lumin dashboard.
    • CES trendline added to the Business Context details page per tag.

 

  • The Assessment Maturity grade and details are now available for any tagged group of assets in the Lumin dashboard. For more information, see View the Lumin Dashboard in the Tenable.io Vulnerability Management User Guide.
  • The Highest Impact Recommended Actions are now available for any tagged group of assets in the Lumin dashboard. For more information, see View the Lumin Dashboard in the Tenable.io Vulnerability Management User Guide.
  • The historical asset and vulnerability totals on the Cyber Exposure Score will start re-populating over time. The first new historical data point will appear within a few weeks. For more information, see View CES Details in the Tenable.io Vulnerability Management User Guide.
  • The list of vulnerabilities (CVEs) included in a solution has been added back to the Solution Details page. For more information, see View Solution Details in the Tenable.io Vulnerability Management User Guide.

 

  • The Asset Distribution by Asset Exposure Score (AES) widget replaces the Cyber Exposure Score Distribution and Vulnerability Age widgets on the Business Context Asset Details page. This allows for quick access to a list of assets and solutions grouped and ordered by risk.

    For more information, see View Business Context Tag Asset Details in the Tenable.io User Guide.

  • For simplification, the Assets, Vulnerabilities, and Solutions views in the Tenable Lumin workspace are merged with the corresponding Tenable.io Vulnerability Management (VM) views.
    • The links to these pages have been removed from the Tenable Lumin area and are now only within VM area.
    • Any links within Tenable Lumin to assets, vulnerabilities, and solutions will now navigate to the VM workspace.

      For more information, see Get Started with Lumin in the Tenable.io User Guide.

  • Historical vulnerability and asset data in the Cyber Exposure Score details panel have been removed temporarily.

    For more information, see View CES Details in the Tenable.io User Guide.

  • The Vulnerability Age > 7 days column has been removed from the Cyber Exposure by Business Context table on the Tenable Lumin dashboard.

    For more information, see View the Lumin Dashboard in the Tenable.io User Guide.

 

  • CES Impact for Recommended Actions

    This feature gives customers the ability to identify the most impactful solutions across their entire organization and how those solutions will affect their CES score.

    For more information, see View Recommended Actions for All Assets in the Tenable.io Vulnerability Management User Guide.

  • Assessment Maturity

    Assessment Maturity is a single metric that quantifies how an organization is scanning their environment. It provides this insight by computing two underlying components:

    1. Scan Frequency — How frequently organizations scan each asset in their network
    2. Scan Depth — How deeply or thoroughly they scan each asset for vulnerabilities

    Organizations are assigned a grade for their scan frequency, scan depth, and overall assessment maturity scores along with comparisons to their industry peers and the overall population. Via such grading, organizations can compare their efforts to others and improve their processes accordingly.

    For more information, see View the Lumin Dashboard and View Assessment Maturity Details in the Tenable.io Vulnerability Management User Guide.

 

  • Asset and Vulnerability percentages for past dates now appear on the Cyber Exposure Score Trend widget on the Lumin dashboard; if no historical data is available, a "No historical data available now" message will appear.

 

E-SPIN Value Proposition

E-SPIN has actively promoted Tenable's full range of products and technologies as part of the company's Vulnerability Management solution portfolio (for infrastructure, network, server, host and application vulnerability assessment and reporting) and Security Management solution portfolio (for security and risk compliance audit and configuration check/reporting). E-SPIN is active in providing consulting, supplying, training and maintaining Tenable products for enterprise, government and military customers (or distributing and reselling them as part of a complete package) in the regions where E-SPIN does business. The enterprises range from universities to listed corporations, and include IT security professionals working on vulnerability assessment, penetration testing and security audits, as well as IT security companies running a security operation center (SOC) for configuration security checks and audits for security risk compliance, or red team / cyber security / cyber warfare / military security defense applications and infrastructure network audits.

Please feel free to contact E-SPIN with your inquiries and requirements, so we can assist you with the exact packaged solutions that you may require for your operation or project needs.
