Tenable Lumin
Expose your cyber risk
Identify, understand and quantify cyber weaknesses that pose the greatest threat to your business value, reputation and trust.
Power your risk reduction engine with vulnerability data
Quickly and accurately assess your risk with Tenable Lumin. Then compare your health and remediation performance to other Tenable customers in your Salesforce industry and the larger population. Tenable Lumin correlates raw vulnerability data with asset business criticality and threat-context data to support faster, more targeted analysis workflows than traditional vulnerability management tools.
Download the data sheetGain business insights into your organization’s overall cyber risk
- Advanced risk-based cyber risk analysis and scoring weighs vulnerabilities, threat data, asset criticality along with remediation and assessment maturity. Provides clear guidance on where to focus remediation efforts.
- Gain insights through a single, comprehensive view of your entire attack surface (including traditional IT, public and private clouds, web applications and containers, IoT and OT).
- See how your organization’s cyber risk is changing over time. Manage risk based on quantifiable metrics aligned to the business. Quickly determine the actions you need to take to reduce your exposure.
- Track cyber risk reduction over time and compare your cybersecurity effectiveness within your organization and to industry peers. Insight into your exposure to new critical vulnerabilities.
View business context for cyber risk reduction efforts
- Detailed analysis of exposure scores for individual assets and recommended remediation solutions.
- Machine learning predicts potential risk of assets that have yet to receive an in-depth assessment.
- Insight and perspective into your security processes. Measure and benchmark your assessment and remediation maturity. Quantify how well you’re scanning your environment and your effectiveness in remediating vulnerabilities.
Answer critical questions through your cyber risk command center
With Tenable Lumin, organizations can answer four critical questions for the first time:
Only Tenable Lumin provides the insight needed to manage and reduce cyber risk across the modern attack surface.
Powered by Tenable ExposureAI machine learning and predictive analytics
Available through Tenable One: The world’s only AI-powered exposure management platform
Tenable One solves the central challenge of modern security: a deeply divided approach to seeing and doing battle against cyber risk. We remove risk by unifying security visibility, insight and action across the attack surface to rapidly expose and close gaps. Customers use Tenable One to eradicate priority cyber weaknesses and protect against attacks—from IT infrastructure to cloud environments to critical infrastructure and everywhere in between.
Learn moreFAQs
What is Tenable Lumin?
-
Tenable Lumin enables organizations to effectively measure their cyber risk and benchmark their performance internally against different groups as well as externally against industry peers. To accomplish this, Tenable combines data about the real-world threat vulnerabilities pose with asset criticality context to calculate a Cyber Exposure Score, transforming raw technical data into business insights.
How does Tenable Lumin work?
-
Tenable Lumin combines a number of data sources, such as vulnerability data, threat intelligence and asset criticality, to help security leaders quantify cyber risk and maximize cyber risk reduction. Tenable Exposure.ai technology utilizes the industry’s most extensive vulnerability intelligence and one of the industry’s largest data science organizations, which enables us to deliver comprehensive benchmarking capabilities to compare your cyber risk with peers and machine learning algorithms to provide accurate cyber risk calculations.
What is the Cyber Exposure Score (CES) and how is it derived?
-
The Cyber Exposure Score is an objective measure of cyber risk, derived through data science-based measurement of vulnerability data together with threat intelligence and asset criticality. The score is automatically generated through machine learning algorithms which combine the Tenable Vulnerability Priority Rating (VPR), for the likelihood of exploitability, with the Tenable Asset Criticality Rating (ACR), for the business criticality of the impacted asset. Organizations can also leverage scoring to trend improvement over time as a measure of security program effectiveness. It is a number between 0 and 1000, where 0 is least exposed and 1000 is most exposed. A Cyber Exposure Score can be applied to any group of assets, either a single asset, a subset or an entire organization. For more information on CES, please read this white paper.
What is the Asset Criticality Rating (ACR) and how is it derived?
-
The Asset Criticality Rating is an objective measure of the criticality of an asset to an organization. The rating is calculated via a machine learning algorithm and based on asset attributes derived from vulnerability scan results, such as whether the device is exposed to the Internet, the type of device and device functionality. The ratings are calculated automatically after each scan and are updated every 24 hours. ACR is a number between 0 and 10, where 0 is the lowest criticality level and 10 is the highest criticality level. For more information on ACR, please read this white paper.
What Is Predictive Scoring?
-
Predictive Scoring in Tenable Lumin employs machine learning technologies to accurately prioritize the remediation of assets that have yet to receive an authenticated scan. By examining the criticality of vulnerabilities found on devices receiving authenticated scans, Predictive Scoring can infer the Asset Exposure Score of similar devices that have yet to receive authenticated scans. The result is a much more accurate and comprehensive insight into an organization’s overall Cyber Exposure.
What is the Assessment Maturity Score and how is it derived?
-
Assessment Maturity is a single metric that quantifies how an organization is scanning their environment. It provides this insight by computing two underlying components:
- Scan Frequency How frequently organizations scan each asset in their network
- Scan Depth How deeply or thoroughly they scan each asset for vulnerabilities
Organisations are assigned a grade for their Scan Frequency, Scan Depth and overall Assessment Maturity scores along with comparisons to their industry peers and the overall population. Via such grading, organizations can compare their efforts to others and improve their processes accordingly.
What is the Remediation Maturity Score and how is it derived?
-
Remediation Maturity measures your speed and efficiency in remediating vulnerabilities found in your organization.
It answers such questions as:
- How quickly am I remediatiating vulnerabilities?
- What is the % of assets remediated, the % of vulnerabilities remediated?
- How targeted am I with my remediation efforts? Am I focusing on Critical and High vulnerabilities?
Organizations are assigned a grade for their Remediation Responsiveness and Remediation Coverage along with comparisons to their industry peers and the overall population. Via such grading, organizations can compare their efforts to others and improve their processes accordingly.
How are benchmarking scores derived?
-
Benchmarking in Tenable Lumin is based on the most extensive vulnerability data and intelligence in the industry. Tenable processes over 1.5 billion instances of vulnerabilities per week and analyzes exposure trends and cyber hygiene maturity from more than 4.5 petabytes of data to create the benchmarking knowledge base.
Can I customize the factors that influence my Cyber Exposure Score (CES)?
-
Yes, you are able to manually adjust the Asset Criticality Rating of your assets, which will automatically recalculate your CES based on your customized input. In the future, we will introduce product enhancements that will allow you to customize additional CES factors.
How is Tenable Lumin different from Tenable Vulnerability Management and Tenable Security Center?
-
Tenable Lumin is a separate application that helps you translate raw vulnerability data into business insights by objectively measuring your Cyber Exposure to help guide your strategic decision making. Tenable Lumin works in conjunction with both Tenable Vulnerability Management and Tenable Security Center to incorporate asset and vulnerability data to quantify and analyze your cyber risk.
What vulnerability management products are supported today in Tenable Lumin?
-
Tenable Lumin is supported by both Tenable Vulnerability Management and Tenable Security Center.
What is the Tenable Lumin pricing model?
-
Tenable Lumin pricing is based on the total assets count of the Tenable Vulnerability Management container and/or Tenable Security Center deployment. Example pricing is available on request.
Is Tenable Lumin available in both cloud and on-prem deployments?
-
Tenable Lumin is available as a cloud-based, software-as-a-service (SaaS) solution.
Related resources
Get started with Tenable Lumin
Contact a sales representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.
- Tenable Lumin