Security & IT Ops Dashboards

The pre-built Value-Oriented Dashboards include the following Security & IT Ops dashboards:

• Certificate Summary. This dashboard displays information about SSL certificates, including information about the key algorithms, expiry dates, CA, and certificate versions.

• Crown Jewels. Crown Jewels is a term for the most critical assets in your organization. This dashboard displays information about the current status of Crown Jewels, including details about Crown Jewels with CVEs, KEVs, and fixable KEVs.
• EOL Operating Systems (By Dept). This dashboard provides information about Windows, macOS, and Linux operating systems that have reached end-of-life (EOL) and are still online.

• EOL Operating Systems (KEVs). This dashboard provides information about Windows, macOS, and Linux operating systems that have reached end-of-life (EOL) and those EOL operating systems that have known exploited vulnerabilities (KEVs).

• EOL Summary. This dashboards provides an overview of the OS versions in your environment, with an emphasis on end-of-life operating systems in your environment.
• Exposed Assets. The Exposed Assets dashboard displays assets that are publicly exposed with an external port.

• Priorities: All KEVs. Displays information about assets with Known Exploited Vulnerabilities (KEVs), including which of those KEVs are high or critical and which of those KEVs have solutions or workarounds.

• Priorities: Fixable KEVs. Displays information about assets with Known Exploited Vulnerabilities (KEVs), including which of those KEVs are high or critical, which of those KEVs have solutions or workarounds, and which assets in the environment are not scanned for KEVs.

• Priorities: Highs & Crits. Displays information about assets with High or Critical CVEs, including information about KEVs in the environment and which of those KEVs have solutions or workarounds.

Required Connectors #

To find all the assets in your environment, including certificate information about those assets and operating system information about those assets, Lucidum recommends you configure Lucidum connectors for:

• The Endpoint Management solutions in your environment (for example, Jamf, Intune, Citrix Endpoint Management, Symantec Endpoint Management, Hexnode)

• The Endpoint Protection solutions in your environment (for example, Trellix Endpoint Security, Symantec Endpoint Protection, SentinelOne, Crowdstrike Falcon, Microsoft Defender for Endpoint )

• The Endpoint Detection and Response solutions in your environment (for example, SentinelOne, Falcon Crowdstrike, Trend Micro XDR, Check Point Harmony Endpoint, Cortex XDR)

• The Mobile Device Management solutions in your environment (for example, Addigy, Citrix Endpoint, Jamf Pro, Kandji)

• The directory solutions in your environment (For example, Azure AD, Microsoft AD, Jump Cloud, PingOne, OpenLDAP,)

• The DHCP solutions in your environment (For example, Infoblox, Efficient IP, BlueCat)

• The VPN solutions in your environment (For example, Cisco AnyConnect, FortiClient, Palo Alto VPN, Citrix Gateway, Zscaler Private Access)

• The cloud solutions in your environment (for example, AWS, Azure, Google Cloud, Oracle Cloud)

Certificate Summary #

The Certificate Summary dashboard displays information about SSL certificates, including information about the key algorithms, expiry dates, CA, and certificate versions.

The Certificate Summary dashboard looks like this:

Base Query #

Most of the charts in this dashboard use a query like:

Asset Type match CERT

This query searches for all certificates in the environment.

Charts #

• Certificates Total. This chart displays the total number of certificates in the environment.

  • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Algorithms. This chart displays the type of key algorithms in use by all the certificates.

  • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Certificate Algorithm.

  • The Chart Type is “Pie”.

• Certificates: All Expiry Dates. This chart displays the next five expiry dates for certificates.

  • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Asset Expiry Time.

  • The Chart Type is “Bar”.

• Certificates by CA. This chart displays the certificate authorities in use and the number of certificates assigned to each CA.

  • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Vendor.

  • The Chart Type is “Bar”.

• Certificate Versions. This chart displays the versions for certificates (for example, SSLv2, SSLv3, TLS1.3) and the number of certificates assigned to each version.

  • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Certificate Version.

  • The Chart Type is “Pie”.

• Expired Certs. This chart displays the number of certificates that have already expired.

  • This chart queries the asset database and uses the query Asset Type match CERT AND Asset Expiry time within past 999 years. This query searches for all expired certificates in the environment.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Asset Expiry Time.

  • The Chart Type is “Bar”.

• Expired Certs All Expired. This chart displays the domains that have expired certificates.

  • This chart queries the asset database and uses the query Asset Type match CERT AND Asset Expiry time within past 999 years. This query searches for all expired certificates in the environment.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, Full Domain Name and Asset Expiry Time.

  • The Chart Type is “Table”.

• Full Certificate List. This chart displays all domains with certificates.

  • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, Full Domain Name and Asset Expiry Time.

  • The Chart Type is “Table”.

• Upcoming Expirations. This table lists the expiry dates coming up in the next 60 days and the number of assets that will expire on those dates.

  • This chart queries the asset database and uses the query Asset Type match CERT AND Asset Expiry Time within future 60 days. This query searches for all certificates that will expire in the next 60 days

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Asset Expiry Time.

  • The Chart Type is “Bar”.

• Upcoming Expirations 60 Days Out. This chart displays the domains for which certificates will expire in the next 60 days.

  • This chart queries the asset database and uses the query Asset Type match CERT AND Asset Expiry Time within future 60 days. This query searches for all certificates that will expire in the next 60 days.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, Full Domain Name and Asset Expiry Time.

  • The Chart Type is “Table”.

Crown Jewels #

Crown Jewels is a term for the most critical assets in your organization. The Crown Jewels dashboard displays information about the current status of Crown Jewels, including details about Crown Jewels with CVEs, KEVs, and fixable KEVs.

Base Query #

Most of the charts in this dashboard use a query like:

Crown Jewels == True

This query searches for all assets where the field Crown Jewels contains the value True.

NOTE: Crown Jewels is a SmartLabel that you can clone and customize to meet your specific criteria for Crown Jewels. The default criteria is:

• Windows and Linux servers that are currently online

OR

• Windows and Linux servers that are in the production IP group

OR

• VMware EXSi hosts

OR

• Public FTP servers

OR

• Domain controllers

Charts #

• Assets Tagged as Crown Jewels. This chart displays the total number of Crown Jewels in the environment.

  • This chart queries the asset database and uses the query Crown Jewels == True. This query searches for all assets considered Crown Jewels.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets Tagged as Crown Jewels. This chart displays the Lucidum Asset Name Location, and Lucidum OS Version for each Crown Jewel.

  • This chart queries the asset database and uses the query Crown Jewels == True. This query searches for all assets considered Crown Jewels.

  • From the data returned by the query, the Categories field specifies the columns to display in the table. In this case, the table displays columns for Lucidum Asset Name, Location, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Crown Jewels with CVEs. This chart displays the number of Crown Jewels that have either one or more critical CVEs or one or more High CVEs.

  • This chart queries the asset database and uses the query Crown Jewels == True AND Critical Vulns exists OR High Vulns exists. This query searches for all assets considered Crown Jewels that have one or more critical vulnerabilities or one or more high vulnerabilities.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Crown Jewels with CVEs: Crits & Highs. This chart displays the Lucidum Asset Name, Critical CVE List, and High CVE List for each Crown Jewels that has either one or more critical CVEs or one or more High CVEs.

  • This chart queries the asset database and uses the query Crown Jewels == True AND Critical Vulns exists OR High Vulns exists. This query searches for all assets considered Crown Jewels that have one or more critical vulnerabilities or one or more high vulnerabilities.

  •  From the data returned by the query, the Categories field specifies the columns to display in the table. In this case, the table displays columns for Lucidum Asset Name, Critical CVE List, and High CVE List.

  • The Chart Type is “Table”.

• Crown Jewels with KEVs. This chart displays the number of Crown Jewels that have either one or more Known Exploited Vulnerabilities (KEVs).

  • This chart queries the asset database and uses the query Crown Jewels == True AND Vulnerabilities matching all:: Known Exploited Vulnerability (True/False) == True. This query searches for all assets considered Crown Jewels that have one or more KEVs.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Crown Jewels with KEVs: Critical & High Vulnerabilities. This chart displays the Lucidum Asset Name and KEV List for each Crown Jewels that has one or more Known Exploited Vulnerabilities (KEVs).

  • This chart queries the asset database and uses the query Crown Jewels == True AND Vulnerabilities matching all:: Known Exploited Vulnerability (True/False) == True. This query searches for all assets considered Crown Jewels that have one or more KEVs.

  • From the data returned by the query, the Categories field specifies the columns to display in the table. In this case, the table displays columns for Lucidum Asset Name and KEV List.

  • The Chart Type is “Table”.

• Crown Jewels with Fixable KEVs. This chart displays the number of Crown Jewels that have either one or more Known Exploited Vulnerabilities (KEVs) that are fixable.

  • This chart queries the asset database and uses the query Crown Jewels == True AND Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True,  Known Vulnerability Fix (True/False) == True. This query searches for all assets considered Crown Jewels that have one or more KEVs AND one or more of the KEVs are fixable.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Crown Jewels with Fixable KEVs: Known Exploited Vulnerabilities w/Mitigations or Fixes. This chart displays the Lucidum Asset Name, Location, and Lucidum OS Version for each Crown Jewel that has one or more Known Exploited Vulnerabilities (KEVs) that are fixable.

  • This chart queries the asset database and uses the query Crown Jewels == True AND Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True,  Known Vulnerability Fix (True/False) == True. This query searches for all assets considered Crown Jewels that have one or more KEVs AND one or more of the KEVs are fixable.

  • From the data returned by the query, the Categories field specifies the columns to display in the table. In this case, the table displays columns for Lucidum Asset Name, Location, and Lucidum OS Version.

  • The Chart Type is “Table”.

EOL Operating Systems (By Dept.) #

The EOL Operating Systems (By Dept.) dashboard provides information about Windows, macOS, and Linux operating systems that have reached end-of-life (EOL) and are still online.

The EOL Operating Systems (By Dept.) dashboard looks like this:

• Windows Servers by OS Version. This chart displays the active or pending Windows servers by OS version.

  • This chart queries the asset database and uses the query Windows Server == True AND Last Time Seen within 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets where Windows Server is true, the asset was last seen within the last three months, and the status of the asset is online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Windows Servers. This chart displays the total number of Windows servers that have EOL operating systems.

  • This chart queries the asset database and uses the query Windows Server == True AND OS Support Status is EOL AND Last Time Seen within 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets where Windows Server is true, the Support Status is EOL, the asset was last seen within the last three months, and the assets is online or pending.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• All MacOS Assets by OS Version. This chart displays the total number of Mac assets in your environment.

  • This chart queries the asset database and uses the query Luciudm OS Category match macOs AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running MacOS, that have been seen within the last three months, and have a status of online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name that match the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL macOS Assets. This chart displays the total number of MacOS servers that have EOL operating systems.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all assets running MacOS operating systems, that have been seen within the last three months, are online or pending, and have a support status of EOL.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name that match the query.

  • The Chart Type is “Big Number”.

• EOL Windows Servers by OS Version. This chart displays all the end-of-life Windows server versions in the environment and the number of assets running each EOL version of Windows Server.

  • This chart queries the asset database and uses the query Windows Server == True AND OS Support Status match EOL AND Last Time Seen within 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all Windows Server assets with an OS Support Status of EOL, that have been seen within the last three months, and are online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Windows Servers by Department (Excl. Versions in Extended Support). This chart displays the name of each department that has EOL windows assets and the number of such assets in each department.

  • This chart queries the asset database and uses the query Windows Server == True AND OS Support Status match EOL AND Last Time Seen within 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all Windows Server assets with an OS Support Status of EOL, that have been seen within the last three months, and are online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Department.

  • The Chart Type is “Bar”.

• EOL macOS Assets by OS Version. This chart displays all the end-of-life MacOS assets in the environment and the number of assets running each EOL version of macOS.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all assets running MacOS operating systems, that have been seen in the last three months, that are running an EOL version of MacOS, and are online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL macOS Assets by Department. This chart displays the name of each department that has EOL MacOS assets and the number of such assets in each department.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending and OS Support Status match EOL. This query searches for all assets running MacOS operating systems, that have been seen in the last three months, that are online or pending, and that have an OS Support status of EOL.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Department.

  • The Chart Type is “Bar”.

• Windows Workstations by OS Version. This chart displays the active or pending Windows workstations by OS version.

  • This chart queries the asset database and uses the query Windows Workstation == True AND Last Time Seen within 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all Windows Workstation assets that have been seen within the last three months, and are online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Windows Workstations. This chart displays the total number of Windows servers that have EOL operating systems.

  • This chart queries the asset database and uses the query Windows Workstation == True AND Last Time Seen within 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status is EOL AN. This query searches for all assets where Windows Workstation is true, the asset was last seen within the last three months, the assets is online or pending, and the OS Support Status is EOL.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Linux Assets by OS Version. This chart displays the total number of Mac assets in your environment.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Last Time Seen within last 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all Linux assets that have been seen within the last three months and have a status of online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Linux Assets (Total EOL).This chart displays the total number of Linux servers that have EOL operating systems.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Last Time Seen within last 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all Linux assets that have been seen within the last three months, have a status of online or pending, and have a Support Status of EOL

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name returned by the query.

  • The Chart Type is “Big Number”.

• EOL Workstations by OS Version. This chart displays all the end-of-life Windows Workstations in the environment and the number of assets running each EOL version of Windows.

  • This chart queries the asset database and uses the query Windows Workstation == True AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all assets with that are Windows Workstations, have been seen in the last three months, are online or pending, and have a support status of EOL.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Workstations By Department. This chart displays all the end-of-life Windows Workstations in the environment and the number of EOL Windows Workstations in each department.
  • This chart queries the asset database and uses the query Windows Workstation == True AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all assets with that are Windows Workstations, have been seen in the last three months, are online or pending, and have a support status of EOL.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Department.

  • The Chart Type is “Bar”.

• EOL Linux Assets by OS Version. This chart displays the total number of Mac assets in your environment that are running end-of-life versions of their operating systems.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Last Time Seen within last 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all Linux assets that have been seen within the last three months, have a status of online or pending, and have an OS Support Status of EOL.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Linux Assets by Department. This chart displays the name of each department that has EOL Linux assets and the number of such assets in each department.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Last Time Seen within last 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all Linux assets that have been seen within the last three months, have a status of online or pending, and have an OS Support Status of EOL.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Department.

  • The Chart Type is “Bar”.

EOL Operating Systems (KEVs) #

The The EOL Operating Systems (KEVs) dashboard provides information about Windows, macOS, and Linux operating systems that have reached end-of-life (EOL) and those EOL operating systems that have known exploited vulnerabilities (KEVs).

The EOL Operating Systems (KEVs) dashboard looks like this:

Base Query #

Most of the charts in this dashboard use a query like:

Windows Server == True AND OS Support Status match EOL AND Last Time Seen wihtin past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending

This query searches for Windows Servers that has a support status of EOL, are online or pending, and have been seen within the last 3 months.

If you want to edit this dashboard to monitor other operating systems, you can select a different value for OS and Version.

Charts #

• Windows Servers by OS Version. This chart displays the active or pending Windows servers by OS version.

  • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets with an OS Category of Microsoft Windows that are servers and are online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Windows Servers. This chart displays the total number of Windows servers that have EOL operating systems.

  • This chart queries the asset database and uses the query Windows Server == True AND OS Support Status match EOL AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows operating systems, that are servers, are running an EOL version of Windows, and are online or pending.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• All macOS Assets by OS Version. This chart displays the total number of Mac assets in your environment.

  • This chart queries the asset database and uses the query Luciudm OS Category match macOs AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all Mac assets running MacOS.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name that match the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL MacOS Assets. This chart displays the total number of MacOS servers that have EOL operating systems.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND OS and Version exists AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL AND Last Time Seen within past 3 months. This query searches for all assets running MacOS operating systems, that running an EOL version of MacOS, and are online or pending.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name that match the query.

  • The Chart Type is “Big Number”.

• EOL Windows Servers by OS Version. This chart displays all the end-of-life Windows server versions in the environment and the number of assets running each EOL version of Windows Server.

  • This chart queries the asset database and uses the query Windows Server == True AND OS Support Status match EOL AND Last Time Seen withing past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows Server operating systems that are EOL and are online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Windows Servers by KEV. This chart displays the number of assets running end-of-life Windows server versions and the number of KEVs associated with each EOL version of Windows Server.

  • This chart queries the asset database and uses the query Windows Server == True AND OS Support Status match EOL AND Last Time Seen within past 3 months AND KEV Count >= 1 AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows Server operating systems that are EOL, have more than one KEV, and are online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Kev List.

  • The Chart Type is “Bar”.

• EOL macOS Assets by OS Version. This chart displays all the end-of-life MacOS assets in the environment and the number of assets running each EOL version of macOS.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all assets running MacOS operating systems, that have been seen within the last 3 months, that are online or pending, and are running an EOL version of MacOS.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL MacOS Assets by OS KEV. This chart displays the number of assets running end-of-life MacOS operating systems and the number of KEVs associated with each EOL version of MacOS.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL AND KEV Count >= 1. This query searches for all assets running MacOS operating systems, that have been seen within the last 3 months, that are online or pending, are running an EOL version of MacOS, and have at least one KEV.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Kev List.

  • The Chart Type is “Bar”.

• Windows Workstations by OS Version. This chart displays the active or pending Windows workstations by OS version.

  • This chart queries the asset database and uses the query Windows Workstation == True AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. Status match Pending. This query searches for all assets with that are Windows Workstations, have been seen in the last three months, and are online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Windows Workstation/Laptops. This chart displays the total number of Windows workstations or laptops that have EOL operating systems.

  • This chart queries the asset database and uses the query Windows Workstation == True AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all assets with that are Windows Workstations, have been seen in the last three months, are online or pending, and have a support status of EOL.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Linux Assets by OS Version. This chart displays the total number of Mac assets in your environment.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Last Time Seen within last 3 months AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all Linux assets that have been seen within the last three months and have a status of online or pending.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Linux Assets. This chart displays the total number of Linux servers that have EOL operating systems.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Last Time Seen within last 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all Linux assets that have been seen within the last three months, have a status of online or pending, and have a Support Status of EOL

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name returned by the query.

  • The Chart Type is “Big Number”.

• EOL Workstations by OS Version. This chart displays all the end-of-life Windows versions in the environment and the number of assets running each EOL version of Windows.

  • This chart queries the asset database and uses the query Windows Workstation == True AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all assets with that are Windows Workstations, have been seen in the last three months, are online or pending, and have a support status of EOL.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Workstations by KEV. This chart displays Windows Workstations that are EOL and also have one or more KEVs. The chart shows the number of EOL Windows Workstations for each KEV.

  • This chart queries the asset database and uses the query Windows Workstation == True AND Last Time Seen within past 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND AND OS Support Status match EOL AND KEV Count >= 1. This query searches for all assets that are Windows workstations, that have been seen within the last 3 months, that are online or pending, are running an EOL version of MacOS, and have at least one KEV.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the KEV List.

  • The Chart Type is “Bar”.

• EOL Linux Assets by OS Ver. This chart displays all the end-of-life Linux assets in the environment and the number of assets running each EOL version of Linux.

• • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Last Time Seen within last 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL. This query searches for all assets running Linux operating systems, seen within the last 3 months, with a status of online or pending and with a support status of EOL.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• EOL Linux Assets by KEV. This chart displays the number of assets running end-of-life Linux operating systems and the number of KEVs associated with each EOL version of Linux.

• • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Last Time Seen within last 3 months AND Lucidum Status match Online OR Lucidum Status match Pending AND OS Support Status match EOL AND KEV Count >= 1. This query searches for all assets running Linux operating systems, that have been seen within the last three months, that have a support status of EOL and that have one or more KEVs.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the KEV List.

  • The Chart Type is “Bar”.

EOL Summary #

The EOL Summary dashboard provides a list of all operating system versions in your environment that have reached end-of-life status by their respective vendors or distro maintainers. Note that end-of-life operating systems can include those under extended support agreements negotiated with the vendor.

The EOL Summary dashboards looks like this:

Base Query #

Most of the charts in this dashboard use a query like:

Lucidum OS Category match Linux AND OS Support Status exists and Lucidum Status match Online

This query looks for assets with an operating system of category “Linux” that are online and include a value for the OS Support Status field. The operating system category is specific to each chart.

Charts #

• EOL Windows Server. This pie chart displays the percentage of Windows Servers that are EOL and the percentage of Windows Servers that are not EOL.

  • This chart queries the asset database and uses the query Windows Server == True AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a Windows Server operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field specifies the value for the entire pies. In this case, the pie represents all Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the attribute that you want to apply to the members of the pie (the slices). In this case, the slices are the values from OS Support Status.

  • The Chart Type is “Pie”.

• EOL Windows Workstation. This pie chart displays the percentage of Windows Workstations that are EOL and the percentage of Windows Workstations that are not EOL.

  • This chart queries the asset database and uses the query Windows Workstation == True AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a Windows Workstation operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field specifies the value for the entire pies. In this case, the pie represents all Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the attribute that you want to apply to the members of the pie (the slices). In this case, the slices are the values from OS Support Status.

  • The Chart Type is “Pie”.

• EOL Linux Systems. This pie chart displays the percentage of Linux systems that are EOL and the percentage of Linux systems that are not EOL.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a Linux operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field specifies the value for the entire pies. In this case, the pie represents all Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the attribute that you want to apply to the members of the pie (the slices). In this case, the slices are the values from OS Support Status.

  • The Chart Type is “Pie”.

• EOL macOs Systems. This pie chart displays the percentage of macOS systems that are EOL and the percentage of macOs systems that are not EOL.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a macOS operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field specifies the value for the entire pies. In this case, the pie represents all Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the attribute that you want to apply to the members of the pie (the slices). In this case, the slices are the values from OS Support Status.

  • The Chart Type is “Pie”.

• EOL Unix Systems. This pie chart displays the percentage of Unix systems that are EOL and the percentage of Unix systems that are not EOL.

  • This chart queries the asset database and uses the query Lucidum OS Category match Unix AND OS Support Category exists AND Lucidum Status match Online. This query searches for all assets running a Unix operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field specifies the value for the entire pies. In this case, the pie represents all Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the attribute that you want to apply to the members of the pie (the slices). In this case, the slices are the values from OS Support Status.

  • The Chart Type is “Pie”.

• EOL VMware Systems. This pie chart displays the percentage of VMware systems that are EOL and the percentage of VMware systems that are not EOL.

  • This chart queries the asset database and uses the query Lucidum OS Category match VMware AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a VMware operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field specifies the value for the entire pies. In this case, the pie represents all Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the attribute that you want to apply to the members of the pie (the slices). In this case, the slices are the values from OS Support Status.

  • The Chart Type is “Pie”.

• Windows Server EOL OS Counts. This table lists the Windows Server versions that are EOL and the number of assets in the environment that are running that EOL OS.
  • This chart queries the asset database and uses the query Windows Server == True AND OS Support Status match EOL AND Lucidum Status match Online. This query searches for all assets running a Windows Server operating system that are online and have a OS Support Status of EOL.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• Windows Workstation EOL Counts. This table lists the Windows Workstation versions that are EOL and the number of assets in the environment that are running that EOL OS.
  • This chart queries the asset database and uses the query Windows Workstation == True AND OS Support Status match EOL AND Lucidum Status match Online. This query searches for all assets running a Windows Workstation operating system that are online and have a OS Support Status of EOL.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• Linux EOL Counts. This table lists the Linux versions that are EOL and the number of assets in the environment that are running that EOL OS.
  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND OS Support Status match EOL AND Lucidum Status match Online. This query searches for all assets running a Linux operating system that are online and and have a OS Support Status of EOL.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• macOS EOL Counts. This table lists the macOS versions that are EOL and the number of assets in the environment that are running that EOL OS.
  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND OS Support Status match EOL AND Lucidum Status match Online. This query searches for all assets running a macOS operating system that are online and and have a OS Support Status of EOL.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• Unix EOL Counts. This table lists the Unix versions that are EOL and the number of assets in the environment that are running that EOL OS.
  • This chart queries the asset database and uses the query Lucidum OS Category match Unix AND OS Support Category match EOL AND Lucidum Status match Online. This query searches for all assets running a Unix operating system that are online and and have a OS Support Status of EOL.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• VMware EOL Counts. This table lists the VMware versions that are EOL and the number of assets in the environment that are running that EOL OS.
  • This chart queries the asset database and uses the query Lucidum OS Category match VMware AND OS Support Status match EOL AND Lucidum Status match Online. This query searches for all assets running a VMware operating system that are online and and have a OS Support Status of EOL.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• Windows Server All OS Counts. This table lists the versions of Windows Server in the environment and the number of assets for each version.
  • This chart queries the asset database and uses the query Windows Server == True AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a Windows Server operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• Windows Workstation All OS Counts. This table lists the versions of Windows Workstation in the environment and the number of assets for each version.
  • This chart queries the asset database and uses the query Windows Workstation == True AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a Windows Workstation operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• Linux All OS Counts. This table lists the Linux versions in the environment and the number of assets for each version.
  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a Linux operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• macOS All OS Counts. This table lists the macOS versions in the environment and the number of assets for each version.
  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a macOS operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• Unix All OS Counts. This table lists the Unix versions in the environment and the number of assets for each version.
  • This chart queries the asset database and uses the query Lucidum OS Category match Unix AND OS Support Category exists AND Lucidum Status match Online. This query searches for all assets running a Unix operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

• VMware All OS Counts. This table lists the VMware versions in the environment and the number of assets for each version.
  • This chart queries the asset database and uses the query Lucidum OS Category match VMware AND OS Support Status exists AND Lucidum Status match Online. This query searches for all assets running a VMware operating system that are online and include a value in the OS Support Status field.

  • From the data returned by the query, the Category field the columns. In this case, the column is a count of Lucidum Asset Name returned by the query (Asset Count column).

  • From the data returned by the query, the Series field specifies each row. In this case, the table includes a row for each Lucidum OS Version.

  • The Chart Type is “Table”.

Exposed Assets #

The Exposed Assets dashboard displays assets that are publicly exposed with an external port.

The Exposed Assets dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

External Port exists

The query searches for all assets with an external port.

Charts #

• Assets w/Exposed Ports Total. This chart displays the number of assets with one or more external ports.

  • This chart queries the asset database and uses the query External Ports exists. This query searches for all assets that include an external port.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets w/Exposed Ports Critical Vulns Exist. This chart displays the number of assets with one or more external ports and a Critical CVEs.

  • This chart queries the asset database and uses the query External Ports exists AND Critical CVE List exists. This query searches for all assets that include an external port and also include critical CVEs.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets w/Exposed Ports TOR Node or SANS Malicious IP. . This chart displays the number of assets with one or more external ports and an IP from a TOR node.

  • This chart queries the asset database and uses the query External Ports exists AND TOR Node IP (yes/no) != no. This query searches for all assets that include an external port and also include an IP from a TOR node.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets w/Exposed Ports Listing. This chart lists the assets with one or more external ports.

  • This chart queries the asset database and uses the query External Ports exists. This query searches for all assets that include an external port.

    • From the data returned by the query, the Category fields specifies the columns in the table. In this case, Cloud Account, Critical Vulns, Exposed Ports, Full Domain Name, High Vulns, KEV Count, Lucidum Asset Name, Lucidum OS Category, Public IP Address, Tag::Value

  • The Chart Type is “Table”.

• Assets by External Ports. This chart displays the number of assets with one or more external ports, organized by external port.

  • This chart queries the asset database and uses the query External Ports exists. This query searches for all assets that include an external port and have a critical CVE.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the External Ports.

  • The Chart Type is “Bar”.

• Assets w/Exposed Ports 90-Day History. This chart displays the total number of assets with one or more external ports, each day for the last 90 days.

  • This chart queries the asset database and uses the query External Ports exists AND Record Generated Time within past 3 months. This query searches for all assets that include an external port within the last 3 months.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”.

Priorities: All KEVs #

The Priorities: All KEVs dashboard displays information about assets with Known Exploited Vulnerabilities (KEVs), including which of those KEVs are high or critical and which of those KEVs have solutions or workarounds.

The Priorities: All KEVs dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True

or

KEV Count >= 1

The first query searches for information about assets with any KEVs.

The second query returns a count of assets with KEVs.

Charts #

• Total Assets. This chart displays a count of the total assets in the environment.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets w/High or Critical Vulns. This chart displays a count of assets with critical vulnerabilities or high vulnerabilities.

  • This chart queries the asset database and uses the query Critical CVE list exists OR High CVE lists exists. This query searches for all assets with critical CVEs or high CVEs.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets with Known Exploited Vulnerabilities. This chart displays a count of assets with known exploited vulnerabilities (KEVs).

  • This chart queries the asset database and uses the query KEV Count >= 1. This query searches for all assets with one or more KEVs.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• KEV Assets with Solutions or Workarounds. This chart displays a count of assets with known exploited vulnerabilities (KEVs) that have fixes or workarounds.

  • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Fixable (True/False) == True. This query searches for all assets that include a KEV that has a workaround or fix.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Windows Server Assets w/KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

  • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS Version match windows server. This query searches for all Windows server assets that include a KEV.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

    Windows Workstation Assets w/KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS Version not match windows server AND Lucidum OS match windows. This query searches for all Windows workstation assets that include a KEV.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

• Linux Assets w/KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

  • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS CAtegory match Linux. This query searches for all Linux assets that include a KEV.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Apple Assets w/KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

  • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS CAtegory in iOS,macOS,tvOS,iPadOS. This query searches for all Apple assets that include a KEV.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Unix Assets w/KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

  • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS Category match Unix. This query searches for all Unix assets that include a KEV.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

Priorities: Fixable KEVs #

The Priorities: Fixable KEVs dashboard displays information about assets with Known Exploited Vulnerabilities (KEVs), including which of those KEVs are high or critical, which of those KEVs have solutions or workarounds, and which assets in the environment are not scanned for KEVs.

The Priorities: Fixable KEVs dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Known Exploited Vulnerability Fix (True/False) == True

The first query searches for assets with KEVs that have a fix or workaround.

Charts #

• Total Assets. This chart displays a count of the total assets in the environment.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets w/High or Critical Vulns. This chart displays a count of assets with critical vulnerabilities or high vulnerabilities.

  • This chart queries the asset database and uses the query Critical CVE list exists OR High CVE lists exists AND Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets with critical CVEs or high CVEs.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets with Known Exploited Vulnerabilities. This chart displays a count of assets with known exploited vulnerabilities (KEVs).

  • This chart queries the asset database and uses the query KEV Count >= 1 AND Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets with one or more KEVs.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• KEV Assets with Solutions or Workarounds. This chart displays a count of assets with known exploited vulnerabilities (KEVs) that have fixes or workarounds.

  • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Fixable (True/False) == True AND Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets that include a KEV that has a workaround or fix.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Unscanned Assets. This chart displays a count of assets that have not been scanned for vulnerabilities.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix AND Data Sources not match Rapid7 AND AND Data Sources not match Lackework AND Data Sources not match Crowdstrike AND Data Sources not match SentinelOne AND Data Sources not match Tenable AND Data Sources not match Symantec. This query searches for all compute assets that do not have at least one of the following installed: Lacework, Rapid7, CrowdStrike, SentinelOne, Tenable, or Symantec.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Unscanned Assets by OS Category. This chart displays assets that have not been scanned for vulnerabilities, organized by operating system category (for example, Microsoft, Linux, MacOS, Unix).

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix AND Data Sources not match Rapid7 AND AND Data Sources not match Lackework AND Data Sources not match Crowdstrike AND Data Sources not match SentinelOne AND Data Sources not match Tenable AND Data Sources not match Symantec. This query searches for all compute assets that do not have at least one of the following installed: Lacework, Rapid7, CrowdStrike, SentinelOne, Tenable, or Symantec.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Lucidum OS Category.

  • The Chart Type is “Pie”.

• Windows Server Assets w/Fixable KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

  • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True AND Lucidum OS Version match windows server. This query searches for all Windows server assets that include a KEV with a known fix or workaround.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Windows Workstation Assets w/Fixable KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

  • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True AND Lucidum OS Version not match windows server AND Lucidum OS Version match windows. This query searches for all Windows workstation assets that include a KEV with a known fix or workaround.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Linux Assets w/Fixable KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

  • This chart queries the asset database and uses the query Lucidum Os Category match Linux ANd Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True. This query searches for all Linux server assets that include a KEV with a known fix or workaround.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Apple Assets w/Fixable KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

  • This chart queries the asset database and uses the query Lucidum OS Category in iOS,macOS,tvOS,iPadOS AND Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True. This query searches for all Apple server assets that include a KEV with a known fix or workaround.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Unix Assets w/Fixable KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

  • This chart queries the asset database and uses the query Lucidum OS Category match Unix AND Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True. This query searches for all Unix assets that include a KEV with a known fix or workaround.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

Priorities: Highs & Crits #

The Priorities: Highs & Crits dashboard displays information about assets with High or Critical CVEs, including information about KEVs in the environment and which of those KEVs have solutions or workarounds.

The Priorities: Highs & Crits dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Critical CVE list exists OR High CVE lists exists

The query searches assets with either one or more critical CVEs or one or more high CVEs.

Charts #

• Total Assets. This chart displays a count of the total assets in the environment.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets w/High or Critical Vulns. This chart displays a count of assets with critical vulnerabilities or high vulnerabilities.

  • This chart queries the asset database and uses the query Critical CVE list exists OR High CVE lists exists. This query searches for all assets with critical CVEs or high CVEs.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets with Known Exploited Vulnerabilities. This chart displays a count of assets with known exploited vulnerabilities (KEVs).

  • This chart queries the asset database and uses the query KEV Count >= 1. This query searches for all assets with one or more KEVs.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• KEV Assets with Solutions or Workarounds. This chart displays a count of assets with known exploited vulnerabilities (KEVs) that have fixes or workarounds.

  • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Fixable (True/False) == True. This query searches for all assets that include a KEV that has a workaround or fix.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Windows Server Assets w/High or Critical Vulns. This chart displays a list of Windows Server assets that have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

  • This chart queries the asset database and uses the query Lucidum OS Version match windows server AND Critical Vulns exists OR High Vulns exists. This query searches for all Windows server assets that have one or more critical vulnerabilities or high vulnerabilities.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Windows Workstation Assets w/High or Critical Vulns. This chart displays a list of Windows Server assets that have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

  • This chart queries the asset database and uses the query Lucidum OS Version not match windows server AND Lucidum OS Version match windows AND Critical Vulns exists OR High Vulns exists. This query searches for all Windows workstation assets that have one or more critical vulnerabilities or high vulnerabilities.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Linux Assets w/High or Critical Vulns. This chart displays a list of Windows Server assets that have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Critical Vulns exists OR High Vulns exists. This query searches for all Linux assets that have one or more critical vulnerabilities or high vulnerabilities.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Apple Assets w/High or Critical Vulns. This chart displays a list of Windows Server assets that have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

  • This chart queries the asset database and uses the query Lucidum OS Category in iOS,macOS,tvOS,iPadOS AND Critical Vulns exists OR High Vulns exists This query searches for all Apple assets that have one or more critical vulnerabilities or high vulnerabilities.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.

• Unix Assets w/High or Critical Vulns. This chart displays a list of Windows Server assets that have have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

  • This chart queries the asset database and uses the query Lucidum OS Category match Unux AND Critical Vulns exists OR High Vulns exists. This query searches for all Unix assets that have one or more critical vulnerabilities or high vulnerabilities.

  • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

  • The Chart Type is “Table”.