Key security metrics in Tenable Lumin reveal how effectively your team scans for vulnerabilities and remediates critical issues, so you can make process improvements where they matter most.
If you’ve made the move from legacy vulnerability management (VM) to a risk-based strategy, you already know the power of prioritizing your remediation efforts. The best way to start reducing risk across your attack surface is to stop wasting time on vulnerabilities that don’t pose any immediate risk. At Tenable, that means combining trillions of threat, vulnerability and asset data points to predict the 3% of vulnerabilities that are most likely to be exploited in the near future
While the ability to prioritize the vulnerabilities and assets that matter most is an essential step in maximizing your team’s efficiency and effectiveness, there are also next-level capabilities in Tenable Lumin that can help ensure your business processes are running at peak efficiency:
Are you scanning often enough? Is your scan coverage broad enough? Are you assessing enough of your assets using authenticated scans? Your assessment maturity grade will let you know, so you can make necessary adjustments.
Assessment Maturity provides a high-level summary of how effectively you are scanning for vulnerabilities. To be effective, you must assess all your assets frequently and thoroughly. That means traditional, on-premises IT assets, as well as assets in cloud, container and operational technology (OT) environments. And while conventional wisdom assumes that a monthly scan is sufficient, Tenable recommends that you conduct a thorough scan of your entire environment two to three times per week to ensure that you’re taking action on the most current intelligence. At least 85% of your scans should be authenticated.
If your assessment maturity grade is low, Tenable Lumin will tell you what needs to be done to improve. It also compares your grade with industry peers and all Tenable customers for a vertical and global benchmark of assessment performance.
Are you fixing issues quickly enough? How thoroughly do you fix your most critical vulnerabilities? The answers to these questions will be reflected in your remediation maturity grade.
Remediation Maturity is a high-level summary of how effectively you are protecting your assets. This grade comprises your remediation responsiveness, or the average time it takes you to remediate vulnerabilities; it also assesses your remediation coverage, which measures both the average percentage of vulnerabilities remediated on your assets and the average number of open vulnerabilities per asset. Tenable recommends that you prioritize assets with a high Asset Criticality Rating (ACR), and then remediate all associated vulnerabilities with a critical or high Vulnerability Priority Rating (VPR) within eight to 14 days.
Similar to your assessment maturity grade, Tenable Lumin will tell you what needs to be done to improve your remediation maturity grade, as well as how your grade compares with industry and global peers.
For some assets, remediation may not be feasible, due to technical constraints or excessive costs. In addition to discovering vulnerabilities, your authenticated agent scans can also detect and record the installed endpoint protection agents throughout your environment. The Mitigations feature in Tenable Lumin shows the percentage of your assets where one or more endpoint protection agents have been detected. This inventory of security controls provides you with a more complete picture of your overall cyber risk, so you can assess and validate that mitigation tactics are working as intended.
Tenable Lumin can help you make dramatic improvements to the efficiency and effectiveness of your security program. By adding Lumin, you can take your risk-based VM program from good to great, so you can reduce the greatest amount of risk with the least amount of effort.
Want to see how Lumin can help you take the next step in your risk-based VM program? Try Lumin for free for 30 days.