Security & IT Ops Dashboards


The pre-built Value-Oriented Dashboards include the following Security & IT Ops dashboards:

  • Certificate Summary. This dashboard displays information about SSL certificates, including information about the key algorithms, expiry dates, CA, and certificate versions.

  • Crown Jewels. Crown Jewels is a term for the most critical assets in your organization. This dashboard displays information about the current status of Crown Jewels, including details about Crown Jewels with CVEs, KEVs, and fixable KEVs.
  • EOL Operating Systems (KEVs). This dashboard provides information about Windows, macOS, and Linux operating systems that have reached end-of-life (EOL) and those EOL operating systems that have known exploited vulnerabilities (KEVs).

  • EOL Operating Systems (Online Assets). This dashboard provides information about Windows, macOS, and Linux operating systems that have reached end-of-life (EOL) and are still online.

  • Exposed Assets. The Exposed Assets dashboard displays assets that are publicly exposed with an external port.
  • Priorities: All KEVs. Displays information about assets with Known Exploited Vulnerabilities (KEVs), including which of those KEVs are high or critical and which of those KEVs have solutions or workarounds.

  • Priorities: Fixable KEVs. Displays information about assets with Known Exploited Vulnerabilities (KEVs), including which of those KEVs are high or critical, which of those KEVs have solutions or workarounds, and which assets in the environment are not scanned for KEVs.

  • Priorities: Highs & Crits. Displays information about assets with High or Critical CVEs, including information about KEVs in the environment and which of those KEVs have solutions or workarounds.

Required Connectors

To find all the assets in your environment, including certificate information about those assets and operating system information about those assets, Lucidum recommends you configure Lucidum connectors for:

  • The Endpoint Management solutions in your environment (for example, Jamf, Intune, Citrix Endpoint Management, Symantec Endpoint Management, Hexnode)

  • The Endpoint Protection solutions in your environment (for example, Trellix Endpoint Security, Symantec Endpoint Protection, SentinelOne, CrowdStrike Falcon, Microsoft Defender for Endpoint)

  • The Endpoint Detection and Response solutions in your environment (for example, SentinelOne, CrowdStrike Falcon, Trend Micro XDR, Check Point Harmony Endpoint, Cortex XDR)

  • The Mobile Device Management solutions in your environment (for example, Addigy, Citrix Endpoint, Jamf Pro, Kandji)

  • The directory solutions in your environment (for example, Azure AD, Microsoft AD, JumpCloud, PingOne, OpenLDAP)

  • The DHCP solutions in your environment (for example, Infoblox, Efficient IP, BlueCat)

  • The VPN solutions in your environment (for example, Cisco AnyConnect, FortiClient, Palo Alto VPN, Citrix Gateway, Zscaler Private Access)

  • The cloud solutions in your environment (for example, AWS, Azure, Google Cloud, Oracle Cloud)

Certificate Summary

The Certificate Summary dashboard displays information about SSL certificates, including information about the key algorithms, expiry dates, CA, and certificate versions.

The Certificate Summary dashboard looks like this:

[Screenshot: Certificate Summary dashboard]

Base Query

Most of the charts in this dashboard use a query like:

Asset Type match CERT

This query searches for all certificates in the environment.

Charts

  • Certificates Total. This chart displays the total number of certificates in the environment.

    • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Algorithms. This chart displays the type of key algorithms in use by all the certificates.

    • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

    • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

    • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Certificate Algorithm.

    • The Chart Type is “Pie”.

  • Certificates: All Expiry Dates. This chart displays the next five expiry dates for certificates.

    • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Asset Expiry Time.

    • The Chart Type is “Bar”.

  • Certificates by CA. This chart displays the certificate authorities in use and the number of certificates assigned to each CA.

    • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Vendor.

    • The Chart Type is “Bar”.

  • Certificate Versions. This chart displays the versions for certificates (for example, SSLv2, SSLv3, TLS1.3) and the number of certificates assigned to each version.

    • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

    • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

    • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Certificate Version.

    • The Chart Type is “Pie”.

  • Expired Certs. This chart displays the number of certificates that have already expired.

    • This chart queries the asset database and uses the query Asset Type match CERT AND Asset Expiry Time within past 999 years. This query searches for all expired certificates in the environment.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Asset Expiry Time.

    • The Chart Type is “Bar”.

  • Expired Certs All Expired. This chart displays the domains that have expired certificates.

    • This chart queries the asset database and uses the query Asset Type match CERT AND Asset Expiry Time within past 999 years. This query searches for all expired certificates in the environment.

    • From the data returned by the query, the Category fields specify the columns in the table. In this case, Full Domain Name and Asset Expiry Time.

    • The Chart Type is “Table”.

  • Full Certificate List. This chart displays all domains with certificates.

    • This chart queries the asset database and uses the query Asset Type match CERT. This query searches for all certificates.

    • From the data returned by the query, the Category fields specify the columns in the table. In this case, Full Domain Name and Asset Expiry Time.

    • The Chart Type is “Table”.

  • Upcoming Expirations. This table lists the expiry dates coming up in the next 60 days and the number of assets that will expire on those dates.

    • This chart queries the asset database and uses the query Asset Type match CERT AND Asset Expiry Time within future 60 days. This query searches for all certificates that will expire in the next 60 days.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Asset Expiry Time.

    • The Chart Type is “Bar”.

  • Upcoming Expirations 60 Days Out. This chart displays the domains for which certificates will expire in the next 60 days.

    • This chart queries the asset database and uses the query Asset Type match CERT AND Asset Expiry Time within future 60 days. This query searches for all certificates that will expire in the next 60 days.

    • From the data returned by the query, the Category field specifies the columns in the table. In this case, Full Domain Name and Asset Expiry Time.

    • The Chart Type is “Table”.

Crown Jewels #

Crown Jewels is a term for the most critical assets in your organization. The Crown Jewels dashboard displays information about the current status of Crown Jewels, including details about Crown Jewels with CVEs, KEVs, and fixable KEVs.

vods_security_itops_crown_jewels_24.0.png

Base Query #

Most of the charts in this dashboard use a query like:

Crown Jewels == True

This query searches for all assets where the field Crown Jewels contains the value True.

NOTE: Crown Jewels is a SmartLabel that you can clone and customize to meet your specific criteria for Crown Jewels. The default criteria are:

  • Windows and Linux servers that are currently online

OR

  • Windows and Linux servers that are in the production IP group

OR

  • VMware ESXi hosts

OR

  • Public FTP servers

OR

  • Domain controllers

Charts #

  • Assets Tagged as Crown Jewels. This chart displays the total number of Crown Jewels in the environment.

    • This chart queries the asset database and uses the query Crown Jewels == True. This query searches for all assets considered Crown Jewels.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets Tagged as Crown Jewels. This chart displays the Lucidum Asset Name, Location, and Lucidum OS Version for each Crown Jewel.

    • This chart queries the asset database and uses the query Crown Jewels == True. This query searches for all assets considered Crown Jewels.

    • From the data returned by the query, the Categories field specifies the columns to display in the table. In this case, the table displays columns for Lucidum Asset Name, Location, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Crown Jewels with CVEs. This chart displays the number of Crown Jewels that have either one or more critical CVEs or one or more High CVEs.

    • This chart queries the asset database and uses the query Crown Jewels == True AND Critical Vulns exists OR High Vulns exists. This query searches for all assets considered Crown Jewels that have one or more critical vulnerabilities or one or more high vulnerabilities.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Crown Jewels with CVEs: Crits & Highs. This chart displays the Lucidum Asset Name, Critical CVE List, and High CVE List for each Crown Jewel that has either one or more critical CVEs or one or more High CVEs.

    • This chart queries the asset database and uses the query Crown Jewels == True AND Critical Vulns exists OR High Vulns exists. This query searches for all assets considered Crown Jewels that have one or more critical vulnerabilities or one or more high vulnerabilities.

    • From the data returned by the query, the Categories field specifies the columns to display in the table. In this case, the table displays columns for Lucidum Asset Name, Critical CVE List, and High CVE List.

    • The Chart Type is “Table”.

  • Crown Jewels with KEVs. This chart displays the number of Crown Jewels that have one or more Known Exploited Vulnerabilities (KEVs).

    • This chart queries the asset database and uses the query Crown Jewels == True AND Vulnerabilities matching all:: Known Exploited Vulnerability (True/False) == True. This query searches for all assets considered Crown Jewels that have one or more KEVs.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Crown Jewels with KEVs: Critical & High Vulnerabilities. This chart displays the Lucidum Asset Name and KEV List for each Crown Jewel that has one or more Known Exploited Vulnerabilities (KEVs).

    • This chart queries the asset database and uses the query Crown Jewels == True AND Vulnerabilities matching all:: Known Exploited Vulnerability (True/False) == True. This query searches for all assets considered Crown Jewels that have one or more KEVs.

    • From the data returned by the query, the Categories field specifies the columns to display in the table. In this case, the table displays columns for Lucidum Asset Name and KEV List.

    • The Chart Type is “Table”.

  • Crown Jewels with Fixable KEVs. This chart displays the number of Crown Jewels that have one or more Known Exploited Vulnerabilities (KEVs) that are fixable.

    • This chart queries the asset database and uses the query Crown Jewels == True AND Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True,  Known Vulnerability Fix (True/False) == True. This query searches for all assets considered Crown Jewels that have one or more KEVs AND one or more of the KEVs are fixable.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Crown Jewels with Fixable KEVs: Known Exploited Vulnerabilities w/Mitigations or Fixes. This chart displays the Lucidum Asset Name, Location, and Lucidum OS Version for each Crown Jewel that has one or more Known Exploited Vulnerabilities (KEVs) that are fixable.

    • This chart queries the asset database and uses the query Crown Jewels == True AND Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True,  Known Vulnerability Fix (True/False) == True. This query searches for all assets considered Crown Jewels that have one or more KEVs AND one or more of the KEVs are fixable.

    • From the data returned by the query, the Categories field specifies the columns to display in the table. In this case, the table displays columns for Lucidum Asset Name, Location, and Lucidum OS Version.

    • The Chart Type is “Table”.
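The Python sketch below is an added example, not Lucidum code and not part of the original documentation. It applies the Crown Jewels chart filters to constructed asset records to show how the grouping of AND/OR, and whether the "matching all" conditions must hold on the same vulnerability entry, change which assets are counted. The record layout, function names, and placeholder CVE ids are assumptions; this page does not state how Lucidum groups the operators.

```python
# Added example: Crown Jewels chart filters over a constructed inventory.
# Every record, field name and CVE id below is invented for illustration.
ASSETS = [
    {"name": "dc-01", "crown_jewel": True,
     "critical": ["CVE-EXAMPLE-0001"], "high": [],
     "vulns": [{"id": "CVE-EXAMPLE-0001", "kev": True, "fix": True}]},
    {"name": "esxi-02", "crown_jewel": True,
     "critical": [], "high": ["CVE-EXAMPLE-0002"],
     "vulns": [{"id": "CVE-EXAMPLE-0002", "kev": True, "fix": False},
               {"id": "CVE-EXAMPLE-0003", "kev": False, "fix": True}]},
    {"name": "ftp-03", "crown_jewel": True,
     "critical": [], "high": [], "vulns": []},
    {"name": "laptop-04", "crown_jewel": False,
     "critical": [], "high": ["CVE-EXAMPLE-0004"],
     "vulns": [{"id": "CVE-EXAMPLE-0004", "kev": False, "fix": True}]},
]


def names(assets, predicate):
    """Sorted asset names for which the predicate holds."""
    return sorted(a["name"] for a in assets if predicate(a))


def cves_or_grouped(assets):
    # Crown Jewels == True AND (Critical Vulns exists OR High Vulns exists)
    # This is the reading the chart description gives in words.
    return names(assets, lambda a: a["crown_jewel"]
                 and (bool(a["critical"]) or bool(a["high"])))


def cves_and_binds_first(assets):
    # (Crown Jewels == True AND Critical Vulns exists) OR High Vulns exists
    # If AND binds tighter, any asset with a High CVE is counted.
    return names(assets, lambda a: (a["crown_jewel"] and bool(a["critical"]))
                 or bool(a["high"]))


def with_kevs(assets):
    # Crown Jewels == True AND at least one vulnerability entry is a KEV.
    return names(assets, lambda a: a["crown_jewel"]
                 and any(v["kev"] for v in a["vulns"]))


def fixable_kevs_same_entry(assets):
    # Both conditions hold on ONE vulnerability entry: the KEV itself is fixable.
    return names(assets, lambda a: a["crown_jewel"]
                 and any(v["kev"] and v["fix"] for v in a["vulns"]))


def fixable_kevs_any_entry(assets):
    # Looser reading: some entry is a KEV and some (possibly other) entry has a fix.
    return names(assets, lambda a: a["crown_jewel"]
                 and any(v["kev"] for v in a["vulns"])
                 and any(v["fix"] for v in a["vulns"]))


def spot_check(assets):
    """Assets counted only under the looser reading of each filter.

    These are the records to look up by hand when validating a dashboard count.
    """
    return {
        "cve_chart": sorted(set(cves_and_binds_first(assets))
                            - set(cves_or_grouped(assets))),
        "fixable_kev_chart": sorted(set(fixable_kevs_any_entry(assets))
                                    - set(fixable_kevs_same_entry(assets))),
    }


if __name__ == "__main__":
    print("CVE chart, OR grouped:     ", cves_or_grouped(ASSETS))
    print("CVE chart, AND binds first:", cves_and_binds_first(ASSETS))
    print("KEV chart:                 ", with_kevs(ASSETS))
    print("Fixable KEV, same entry:   ", fixable_kevs_same_entry(ASSETS))
    print("Fixable KEV, any entry:    ", fixable_kevs_any_entry(ASSETS))
    print("Spot-check candidates:     ", spot_check(ASSETS))
```

If a cloned chart's count looks too high, the assets returned by spot_check are the ones to inspect first.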

EOL Operating Systems (KEVs) #

The EOL Operating Systems (KEVs) dashboard provides information about Windows, macOS, and Linux operating systems that have reached end-of-life (EOL) and those EOL operating systems that have known exploited vulnerabilities (KEVs).

The EOL Operating Systems (KEVs) dashboard looks like this:

vods_security_itops_eol_os_kev_24.0.png

Base Query #

Most of the charts in this dashboard use a query like:

OS and Version match windows AND Asset Type not match VM_Image

This query searches for Windows OS version on assets that are not VM images.

If you want to edit this dashboard to monitor other operating systems, you can select a different value for OS and Version.

Charts #

  • Windows Servers by OS Version. This chart displays the active or pending Windows servers by OS version.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets with an OS Category of Microsoft Windows that are servers and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Windows Servers. This chart displays the total number of Windows servers that have EOL operating systems.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum OS Version match NT,2016,NT,2016,2012,2008,2000,2003 AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows operating systems, that are servers, are running an EOL version of Windows, and are online or pending.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • All MacOS Assets by OS Version. This chart displays the total number of Mac assets in your environment.

    • This chart queries the asset database and uses the query OS and Version in apple,macos,catalina,monterey,ventura,big sur,mac os,os x,sonoma,mojave,high sierra,sierra,el capitan,yosemite,mavericks,mountain lion,snow leopard,leopard,panther,jaguar,puma,cheetah,kodiak OR Lucidum OS Category match macOs AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all Mac assets running MacOS.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name that match the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL MacOS Assets. This chart displays the total number of MacOS servers that have EOL operating systems.

    • This chart queries the asset database and uses the query Lucidum OS Category match macOS Windows AND OS and Version exists AND OS and Version match 10. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running MacOS operating systems, that are running an EOL version of MacOS, and are online or pending.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name that match the query.

    • The Chart Type is “Big Number”.

  • EOL Windows Servers by OS Version. This chart displays all the end-of-life Windows server versions in the environment and the number of assets running each EOL version of Windows Server.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum OS Version match  NT,2016,2012,2008,2000,2003 AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows Server operating systems that are EOL and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Windows Servers by KEV. This chart displays the number of assets running end-of-life Windows server versions and the number of KEVs associated with each EOL version of Windows Server.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum OS Version match  NT,2016,2012,2008,2000,2003 AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows Server operating systems that are EOL and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Kev List.

    • The Chart Type is “Bar”.

  • EOL MacOS Assets by OS Version. This chart displays all the end-of-life MacOS assets in the environment and the number of assets running each EOL version of macOS.

    • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND OS and Version exists AND OS and Version match 10. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running MacOS operating systems, that are running an EOL version of MacOS, and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL MacOS Assets by OS KEV. This chart displays the number of assets running end-of-life MacOS operating systems and the number of KEVs associated with each EOL version of MacOS.

    • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND OS and Version exists AND OS and Version match 10. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running MacOS operating systems, that are running an EOL version of MacOS, and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Kev List.

    • The Chart Type is “Bar”.

  • Windows Workstations by OS Version. This chart displays the active or pending Windows workstations by OS version.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version not match server AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets with an OS Category of Microsoft Windows that are not servers and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Windows Workstations. This chart displays the total number of Windows workstations that have EOL operating systems.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match windows 7, windows xp, windows nt, windows 8 OR OS match 1507,1511,1607,1703,1709,1803,1809,1903,1909,2004,20H2,21H1 AND Lucidum OS Version not match serve AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows operating systems that are workstations, are running an EOL Windows workstation OS, and are online or pending.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Linux Assets by OS Version. This chart displays the total number of Linux assets in your environment.

    • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all Linux assets that are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Linux Assets. This chart displays the total number of Linux servers that have EOL operating systems.

    • This chart queries the asset database and uses the query Lucidum OS Type match Linux AND Lucidum OS Version match Centos Linux 5 or Lucidum OS Version match CentOS Linux 6 or Lucidum OS Version match CentOS Linux 8 or Lucidum OS Version match Red Hat Enterprise Linux 3 or Lucidum OS Version match Red Hat Enterprise Linux 4 or Lucidum OS Version match Red Hat Enterprise Linux 5 or Lucidum OS Version match Red Hat Enterprise Linux 6 or Lucidum OS Version match Debian Linux 1.0 or Lucidum OS Version match Debian Linux 2.0 or Lucidum OS Version match Debian Linux 3.0 or Lucidum OS Version match Debian Linux 4.0 or Lucidum OS Version match Debian Linux 5.0 or Lucidum OS Version match Debian Linux 6.0 or Lucidum OS Version match Debian Linux 7.0 or Lucidum OS Version match Debian Linux 8.0 or Lucidum OS Version match Debian Linux 9.0 or Lucidum OS Version match Debian Linux 10.0 or Lucidum OS Version match Ubuntu Linux 4. or Lucidum OS Version match Ubuntu Linux 5. or Lucidum OS Version match Ubuntu Linux 6. or Lucidum OS Version match Ubuntu Linux 7. or Lucidum OS Version match Ubuntu Linux 8. or Lucidum OS Version match Ubuntu Linux 9. or Lucidum OS Version match Ubuntu Linux 10. or Lucidum OS Version match Ubuntu Linux 11. or Lucidum OS Version match Ubuntu Linux 12. or Lucidum OS Version match Ubuntu Linux 13. or Lucidum OS Version match Ubuntu Linux 14. or Lucidum OS Version match Ubuntu Linux 15. or Lucidum OS Version match Ubuntu Linux 16. or Lucidum OS Version match Ubuntu Linux 17. or Lucidum OS Version match Ubuntu Linux 18. or Lucidum OS Version match Ubuntu Linux 19. or Lucidum OS Version match Ubuntu Linux 20.10 or Lucidum OS Version match Ubuntu Linux 21.04 or Lucidum OS Version match Ubuntu Linux 21.10 or Lucidum OS Version match SuSE Linux 10 or Lucidum OS Version match SuSE Linux 11 or Lucidum OS Version match Oracle Linux 6. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Linux operating systems, that are also running an EOL version of Linux, and are online or pending.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name returned by the query.

    • The Chart Type is “Big Number”.

  • EOL Windows Workstations by OS Ver. This chart displays all the end-of-life Windows versions in the environment and the number of assets running each EOL version of Windows.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match windows 7, windows xp, windows nt, windows 8 OR OS match 1507,1511,1607,1703,1709,1803,1809,1903,1909,2004,20H2,21H1 AND Lucidum OS Version not match serve AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets that are running a Windows workstation OS that is EOL and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Windows Workstations by KEV. This chart displays the number of assets running end-of-life Windows Workstation operating systems and the number of KEVs associated with each EOL version of Windows Workstation.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match windows 7, windows xp, windows nt, windows 8 OR OS match 1507,1511,1607,1703,1709,1803,1809,1903,1909,2004,20H2,21H1 AND Lucidum OS Version not match serve AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets that are running a Windows workstation OS that is EOL and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the KEV List.

    • The Chart Type is “Bar”.

  • EOL Linux Assets by OS Ver. This chart displays all the end-of-life Linux assets in the environment and the number of assets running each EOL version of Linux.

    • This chart queries the asset database and uses the query Lucidum OS Type match Linux AND Lucidum OS Version match Centos Linux 5 or Lucidum OS Version match CentOS Linux 6 or Lucidum OS Version match CentOS Linux 8 or Lucidum OS Version match Red Hat Enterprise Linux 3 or Lucidum OS Version match Red Hat Enterprise Linux 4 or Lucidum OS Version match Red Hat Enterprise Linux 5 or Lucidum OS Version match Red Hat Enterprise Linux 6 or Lucidum OS Version match Debian Linux 1.0 or Lucidum OS Version match Debian Linux 2.0 or Lucidum OS Version match Debian Linux 3.0 or Lucidum OS Version match Debian Linux 4.0 or Lucidum OS Version match Debian Linux 5.0 or Lucidum OS Version match Debian Linux 6.0 or Lucidum OS Version match Debian Linux 7.0 or Lucidum OS Version match Debian Linux 8.0 or Lucidum OS Version match Debian Linux 9.0 or Lucidum OS Version match Debian Linux 10.0 or Lucidum OS Version match Ubuntu Linux 4. or Lucidum OS Version match Ubuntu Linux 5. or Lucidum OS Version match Ubuntu Linux 6. or Lucidum OS Version match Ubuntu Linux 7. or Lucidum OS Version match Ubuntu Linux 8. or Lucidum OS Version match Ubuntu Linux 9. or Lucidum OS Version match Ubuntu Linux 10. or Lucidum OS Version match Ubuntu Linux 11. or Lucidum OS Version match Ubuntu Linux 12. or Lucidum OS Version match Ubuntu Linux 13. or Lucidum OS Version match Ubuntu Linux 14. or Lucidum OS Version match Ubuntu Linux 15. or Lucidum OS Version match Ubuntu Linux 16. or Lucidum OS Version match Ubuntu Linux 17. or Lucidum OS Version match Ubuntu Linux 18. or Lucidum OS Version match Ubuntu Linux 19. or Lucidum OS Version match Ubuntu Linux 20.10 or Lucidum OS Version match Ubuntu Linux 21.04 or Lucidum OS Version match Ubuntu Linux 21.10 or Lucidum OS Version match SuSE Linux 10 or Lucidum OS Version match SuSE Linux 11 or Lucidum OS Version match Oracle Linux 6. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Linux operating systems, that are also running an EOL version of Linux, and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Linux Assets by KEV. This chart displays the number of assets running end-of-life Linux operating systems and the number of KEVs associated with each EOL version of Linux.

    • This chart queries the asset database and uses the query Lucidum OS Type match Linux AND Lucidum OS Version match Centos Linux 5 or Lucidum OS Version match CentOS Linux 6 or Lucidum OS Version match CentOS Linux 8 or Lucidum OS Version match Red Hat Enterprise Linux 3 or Lucidum OS Version match Red Hat Enterprise Linux 4 or Lucidum OS Version match Red Hat Enterprise Linux 5 or Lucidum OS Version match Red Hat Enterprise Linux 6 or Lucidum OS Version match Debian Linux 1.0 or Lucidum OS Version match Debian Linux 2.0 or Lucidum OS Version match Debian Linux 3.0 or Lucidum OS Version match Debian Linux 4.0 or Lucidum OS Version match Debian Linux 5.0 or Lucidum OS Version match Debian Linux 6.0 or Lucidum OS Version match Debian Linux 7.0 or Lucidum OS Version match Debian Linux 8.0 or Lucidum OS Version match Debian Linux 9.0 or Lucidum OS Version match Debian Linux 10.0 or Lucidum OS Version match Ubuntu Linux 4. or Lucidum OS Version match Ubuntu Linux 5. or Lucidum OS Version match Ubuntu Linux 6. or Lucidum OS Version match Ubuntu Linux 7. or Lucidum OS Version match Ubuntu Linux 8. or Lucidum OS Version match Ubuntu Linux 9. or Lucidum OS Version match Ubuntu Linux 10. or Lucidum OS Version match Ubuntu Linux 11. or Lucidum OS Version match Ubuntu Linux 12. or Lucidum OS Version match Ubuntu Linux 13. or Lucidum OS Version match Ubuntu Linux 14. or Lucidum OS Version match Ubuntu Linux 15. or Lucidum OS Version match Ubuntu Linux 16. or Lucidum OS Version match Ubuntu Linux 17. or Lucidum OS Version match Ubuntu Linux 18. or Lucidum OS Version match Ubuntu Linux 19. or Lucidum OS Version match Ubuntu Linux 20.10 or Lucidum OS Version match Ubuntu Linux 21.04 or Lucidum OS Version match Ubuntu Linux 21.10 or Lucidum OS Version match SuSE Linux 10 or Lucidum OS Version match SuSE Linux 11 or Lucidum OS Version match Oracle Linux 6. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Linux operating systems, that are also running an EOL version of Linux, and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the KEV List.

    • The Chart Type is “Bar”.

EOL Operating Systems (Online Assets) #

The EOL Operating Systems (Online Assets) dashboard provides information about Windows, macOS, and Linux operating systems that have reached end-of-life (EOL) and are still online.

The EOL Operating Systems (Online Assets) dashboard looks like this:

vods_security_itops_eol_os_online_assets_24.0.png

  • Windows Servers by OS Version. This chart displays the active or pending Windows servers by OS version.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets with an OS Category of Microsoft Windows that are servers and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Windows Servers. This chart displays the total number of Windows servers that have EOL operating systems.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum OS Version match NT,2016,NT,2016,2012,2008,2000,2003 AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows operating systems, that are servers, are running an EOL version of Windows, and are online or pending.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • All MacOS Assets by OS Version. This chart displays the total number of Mac assets in your environment.

    • This chart queries the asset database and uses the query OS and Version in apple,macos,catalina,monterey,ventura,big sur,mac os,os x,sonoma,mojave,high sierra,sierra,el capitan,yosemite,mavericks,mountain lion,snow leopard,leopard,panther,jaguar,puma,cheetah,kodiak OR Lucidum OS Category match macOs AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all Mac assets running MacOS.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name that match the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL MacOS Assets. This chart displays the total number of MacOS assets that have EOL operating systems.

    • This chart queries the asset database and uses the query Lucidum OS Category match macOS Windows AND OS and Version exists AND OS and Version match 10. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets that are running MacOS operating systems, are running an EOL version of MacOS, and are online or pending.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name that match the query.

    • The Chart Type is “Big Number”.

  • EOL Windows Servers by OS Version. This chart displays all the end-of-life Windows server versions in the environment and the number of assets running each EOL version of Windows Server.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum OS Version match NT,2016,2012,2008,2000,2003 AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows Server operating systems that are EOL and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Windows Servers by Department (Excl. Versions in Extended Support). This chart displays the name of each department that has EOL Windows assets and the number of such assets in each department.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum OS Version match NT,2016,NT,2016,2012,2008,2000,2003 AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets running Windows operating systems, that are servers, are running an EOL version of Windows, and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Department.

    • The Chart Type is “Bar”.

  • EOL MacOS Assets by OS Version. This chart displays all the end-of-life MacOS assets in the environment and the number of assets running each EOL version of macOS.

    • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND OS and Version exists AND OS and Version match 10. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets that are running MacOS operating systems, are running an EOL version of MacOS, and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL MacOS Assets by Department. This chart displays the name of each department that has EOL MacOS assets and the number of such assets in each department.

    • This chart queries the asset database and uses the query Lucidum OS Category match macOS Windows AND OS and Version exists AND OS and Version match 10. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets that are running MacOS operating systems, are running an EOL version of MacOS, and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Department.

    • The Chart Type is “Bar”.

  • Windows Workstations by OS Version. This chart displays the active or pending Windows workstations by OS version.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version not match server AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets with an OS Category of Microsoft Windows that are not servers and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Windows Workstations. This chart displays the total number of Windows workstations that have EOL operating systems.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match windows 7, windows xp, windows nt, windows 8 OR OS match 1507,1511,1607,1703,1709,1803,1809,1903,1909,2004,20H2,21H1 AND Lucidum OS Version not match serve AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets that are running Windows operating systems, are workstations, are running an EOL Windows workstation OS, and are online or pending.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • EOL Windows Workstations by OS Ver. This chart displays all the end-of-life Windows versions in the environment and the number of assets running each EOL version of Windows.

    • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match windows 7, windows xp, windows nt, windows 8 OR OS match 1507,1511,1607,1703,1709,1803,1809,1903,1909,2004,20H2,21H1 AND Lucidum OS Version not match serve AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets that are running an EOL Windows workstation OS and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Linux Assets by OS Ver. This chart displays all the end-of-life Linux assets in the environment and the number of assets running each EOL version of Linux.

    • This chart queries the asset database and uses the query Lucidum OS Type match Linux AND Lucidum OS Version match Centos Linux 5 or Lucidum OS Version match CentOS Linux 6 or Lucidum OS Version match CentOS Linux 8 or Lucidum OS Version match Red Hat Enterprise Linux 3 or Lucidum OS Version match Red Hat Enterprise Linux 4 or Lucidum OS Version match Red Hat Enterprise Linux 5 or Lucidum OS Version match Red Hat Enterprise Linux 6 or Lucidum OS Version match Debian Linux 1.0 or Lucidum OS Version match Debian Linux 2.0 or Lucidum OS Version match Debian Linux 3.0 or Lucidum OS Version match Debian Linux 4.0 or Lucidum OS Version match Debian Linux 5.0 or Lucidum OS Version match Debian Linux 6.0 or Lucidum OS Version match Debian Linux 7.0 or Lucidum OS Version match Debian Linux 8.0 or Lucidum OS Version match Debian Linux 9.0 or Lucidum OS Version match Debian Linux 10.0 or Lucidum OS Version match Ubuntu Linux 4. or Lucidum OS Version match Ubuntu Linux 5. or Lucidum OS Version match Ubuntu Linux 6. or Lucidum OS Version match Ubuntu Linux 7. or Lucidum OS Version match Ubuntu Linux 8. or Lucidum OS Version match Ubuntu Linux 9. or Lucidum OS Version match Ubuntu Linux 10. or Lucidum OS Version match Ubuntu Linux 11. or Lucidum OS Version match Ubuntu Linux 12. or Lucidum OS Version match Ubuntu Linux 13. or Lucidum OS Version match Ubuntu Linux 14. or Lucidum OS Version match Ubuntu Linux 15. or Lucidum OS Version match Ubuntu Linux 16. or Lucidum OS Version match Ubuntu Linux 17. or Lucidum OS Version match Ubuntu Linux 18. or Lucidum OS Version match Ubuntu Linux 19. or Lucidum OS Version match Ubuntu Linux 20.10 or Lucidum OS Version match Ubuntu Linux 21.04 or Lucidum OS Version match Ubuntu Linux 21.10 or Lucidum OS Version match SuSE Linux 10 or Lucidum OS Version match SuSE Linux 11 or Lucidum OS Version match Oracle Linux 6. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets that are running Linux operating systems, are running an EOL version of Linux, and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • EOL Linux Assets by Department. This chart displays the name of each department that has EOL Linux assets and the number of such assets in each department.

    • This chart queries the asset database and uses the query Lucidum OS Type match Linux AND Lucidum OS Version match Centos Linux 5 or Lucidum OS Version match CentOS Linux 6 or Lucidum OS Version match CentOS Linux 8 or Lucidum OS Version match Red Hat Enterprise Linux 3 or Lucidum OS Version match Red Hat Enterprise Linux 4 or Lucidum OS Version match Red Hat Enterprise Linux 5 or Lucidum OS Version match Red Hat Enterprise Linux 6 or Lucidum OS Version match Debian Linux 1.0 or Lucidum OS Version match Debian Linux 2.0 or Lucidum OS Version match Debian Linux 3.0 or Lucidum OS Version match Debian Linux 4.0 or Lucidum OS Version match Debian Linux 5.0 or Lucidum OS Version match Debian Linux 6.0 or Lucidum OS Version match Debian Linux 7.0 or Lucidum OS Version match Debian Linux 8.0 or Lucidum OS Version match Debian Linux 9.0 or Lucidum OS Version match Debian Linux 10.0 or Lucidum OS Version match Ubuntu Linux 4. or Lucidum OS Version match Ubuntu Linux 5. or Lucidum OS Version match Ubuntu Linux 6. or Lucidum OS Version match Ubuntu Linux 7. or Lucidum OS Version match Ubuntu Linux 8. or Lucidum OS Version match Ubuntu Linux 9. or Lucidum OS Version match Ubuntu Linux 10. or Lucidum OS Version match Ubuntu Linux 11. or Lucidum OS Version match Ubuntu Linux 12. or Lucidum OS Version match Ubuntu Linux 13. or Lucidum OS Version match Ubuntu Linux 14. or Lucidum OS Version match Ubuntu Linux 15. or Lucidum OS Version match Ubuntu Linux 16. or Lucidum OS Version match Ubuntu Linux 17. or Lucidum OS Version match Ubuntu Linux 18. or Lucidum OS Version match Ubuntu Linux 19. or Lucidum OS Version match Ubuntu Linux 20.10 or Lucidum OS Version match Ubuntu Linux 21.04 or Lucidum OS Version match Ubuntu Linux 21.10 or Lucidum OS Version match SuSE Linux 10 or Lucidum OS Version match SuSE Linux 11 or Lucidum OS Version match Oracle Linux 6. AND Lucidum Status match Online OR Lucidum Status match Pending. This query searches for all assets that are running Linux operating systems, are running an EOL version of Linux, and are online or pending.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name returned by the query.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Department.

    • The Chart Type is “Bar”.

Exposed Assets

The Exposed Assets dashboard displays assets that are publicly exposed with an external port.

The Exposed Assets dashboard looks like this:

vods_security_and_it_exposed_assets_25.0.png

Base Query

Most of the asset charts in this dashboard use a query like:

External Port exists

The query searches for all assets with an external port.

Charts

  • Assets w/Exposed Ports Total. This chart displays the number of assets with one or more external ports.

    • This chart queries the asset database and uses the query External Ports exists. This query searches for all assets that include an external port.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets w/Exposed Ports Critical Vulns Exist. This chart displays the number of assets with one or more external ports and one or more critical CVEs.

    • This chart queries the asset database and uses the query External Ports exists AND Critical CVE List exists. This query searches for all assets that include an external port and also include critical CVEs.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets w/Exposed Ports TOR Node or SANS Malicious IP. This chart displays the number of assets with one or more external ports and an IP from a TOR node.

    • This chart queries the asset database and uses the query External Ports exists AND TOR Node IP (yes/no) != no. This query searches for all assets that include an external port and also include an IP from a TOR node.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets w/Exposed Ports Listing. This chart lists the assets with one or more external ports.

    • This chart queries the asset database and uses the query External Ports exists. This query searches for all assets that include an external port.

    • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Cloud Account, Critical Vulns, Exposed Ports, Full Domain Name, High Vulns, KEV Count, Lucidum Asset Name, Lucidum OS Category, Public IP Address, and Tag::Value.

    • The Chart Type is “Table”.

  • Assets by External Ports. This chart displays the number of assets with one or more external ports, organized by external port.

    • This chart queries the asset database and uses the query External Ports exists. This query searches for all assets that include an external port.

    • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the External Ports.

    • The Chart Type is “Bar”.

  • Assets w/Exposed Ports by Department. This chart displays the number of assets with exposed ports, organized by department.

    • This chart queries the asset database and uses the query External Ports exists. This query searches for all compute assets that have one or more external-facing ports.

    • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

    • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Department.

    • The Chart Type is “Pie”.

  • Assets w/Exposed Ports by OS Version.

    • This chart queries the asset database and uses the query External Ports exists. This query searches for all compute assets that have one or more external-facing ports.

    • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

    • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Lucidum OS Version.

    • The Chart Type is “Pie”.

Priorities: All KEVs

The Priorities: All KEVs dashboard displays information about assets with Known Exploited Vulnerabilities (KEVs), including which of those KEVs are high or critical and which of those KEVs have solutions or workarounds.

The Priorities: All KEVs dashboard looks like this:

vods_security_priorities_all_kevs_24.0.png

Base Query

Most of the asset charts in this dashboard use a query like:

Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True

or

KEV Count >= 1

The first query searches for information about assets with any KEVs.

The second query returns a count of assets with KEVs.

Charts

  • Total Assets. This chart displays a count of the total assets in the environment.

    • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets w/High or Critical Vulns. This chart displays a count of assets with critical vulnerabilities or high vulnerabilities.

    • This chart queries the asset database and uses the query Critical CVE list exists OR High CVE lists exists. This query searches for all assets with critical CVEs or high CVEs.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets with Known Exploited Vulnerabilities. This chart displays a count of assets with known exploited vulnerabilities (KEVs).

    • This chart queries the asset database and uses the query KEV Count >= 1. This query searches for all assets with one or more KEVs.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • KEV Assets with Solutions or Workarounds. This chart displays a count of assets with known exploited vulnerabilities (KEVs) that have fixes or workarounds.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Fixable (True/False) == True. This query searches for all assets that include a KEV that has a workaround or fix.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Windows Server Assets w/KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS Version match windows server. This query searches for all Windows server assets that include a KEV.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Windows Workstation Assets w/KEVs. This chart displays a list of Windows workstation assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS Version not match windows server AND Lucidum OS match windows. This query searches for all Windows workstation assets that include a KEV.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Linux Assets w/KEVs. This chart displays a list of Linux assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS Category match Linux. This query searches for all Linux assets that include a KEV.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Apple Assets w/KEVs. This chart displays a list of Apple assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS Category in iOS,macOS,tvOS,iPadOS. This query searches for all Apple assets that include a KEV.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Unix Assets w/KEVs. This chart displays a list of Unix assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Lucidum OS Category match Unix. This query searches for all Unix assets that include a KEV.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

Priorities: Fixable KEVs

The Priorities: Fixable KEVs dashboard displays information about assets with Known Exploited Vulnerabilities (KEVs), including which of those KEVs are high or critical, which of those KEVs have solutions or workarounds, and which assets in the environment are not scanned for KEVs.

The Priorities: Fixable KEVs dashboard looks like this:

vods_security_priorities_fixable_kevs_24.0.png

Base Query

Most of the asset charts in this dashboard use a query like:

Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Known Exploited Vulnerability Fix (True/False) == True

The query searches for assets with KEVs that have a fix or workaround.

Charts

  • Total Assets. This chart displays a count of the total assets in the environment.

    • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets w/High or Critical Vulns. This chart displays a count of assets with critical vulnerabilities or high vulnerabilities.

    • This chart queries the asset database and uses the query Critical CVE list exists OR High CVE lists exists AND Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets with critical CVEs or high CVEs.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets with Known Exploited Vulnerabilities. This chart displays a count of assets with known exploited vulnerabilities (KEVs).

    • This chart queries the asset database and uses the query KEV Count >= 1 AND Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets with one or more KEVs.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • KEV Assets with Solutions or Workarounds. This chart displays a count of assets with known exploited vulnerabilities (KEVs) that have fixes or workarounds.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Fixable (True/False) == True AND Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets that include a KEV that has a workaround or fix.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Unscanned Assets. This chart displays a count of assets that have not been scanned for vulnerabilities.

    • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix AND Data Sources not match Rapid7 AND Data Sources not match Lacework AND Data Sources not match Crowdstrike AND Data Sources not match SentinelOne AND Data Sources not match Tenable AND Data Sources not match Symantec. This query searches for all compute assets that have none of the following installed: Lacework, Rapid7, CrowdStrike, SentinelOne, Tenable, or Symantec.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Unscanned Assets by OS Category. This chart displays assets that have not been scanned for vulnerabilities, organized by operating system category (for example, Microsoft, Linux, MacOS, Unix).

    • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix AND Data Sources not match Rapid7 AND Data Sources not match Lacework AND Data Sources not match Crowdstrike AND Data Sources not match SentinelOne AND Data Sources not match Tenable AND Data Sources not match Symantec. This query searches for all compute assets that have none of the following installed: Lacework, Rapid7, CrowdStrike, SentinelOne, Tenable, or Symantec.

    • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

    • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Lucidum OS Category.

    • The Chart Type is “Pie”.

  • Windows Server Assets w/Fixable KEVs. This chart displays a list of Windows Server assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True AND Lucidum OS Version match windows server. This query searches for all Windows server assets that include a KEV with a known fix or workaround.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Windows Workstation Assets w/Fixable KEVs. This chart displays a list of Windows workstation assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True AND Lucidum OS Version not match windows server AND Lucidum OS Version match windows. This query searches for all Windows workstation assets that include a KEV with a known fix or workaround.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Linux Assets w/Fixable KEVs. This chart displays a list of Linux assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True. This query searches for all Linux assets that include a KEV with a known fix or workaround.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Apple Assets w/Fixable KEVs. This chart displays a list of Apple assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Lucidum OS Category in iOS,macOS,tvOS,iPadOS AND Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True. This query searches for all Apple assets that include a KEV with a known fix or workaround.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Unix Assets w/Fixable KEVs. This chart displays a list of Unix assets that have KEVs. The table also includes details about the KEVs and the asset.

    • This chart queries the asset database and uses the query Lucidum OS Category match Unix AND Vulnerabilities matching all: Known Vulnerability Fix (True/False) == True AND Known Exploited Vulnerability (True/False) == True. This query searches for all Unix assets that include a KEV with a known fix or workaround.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.
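The "Vulnerabilities matching all" queries above describe assets that "include a KEV with a known fix or workaround", which matters when these tables are rebuilt from exported data. The following is an added example, not Lucidum's code: it assumes both conditions must hold on the same vulnerability record, and the record layout, per-vulnerability keys, asset names and CVE ids are constructed.

```python
# Constructed inventory. "Source Asset Name" and "Lucidum OS Category" are
# field names from this page; the per-vulnerability keys are assumptions.
ASSETS = [
    {"Source Asset Name": "lnx-web-01", "Lucidum OS Category": "Linux",
     "Vulnerabilities": [{"cve": "CVE-0000-0001", "kev": True, "fix": True}]},
    # KEV without a fix, plus an unrelated fixable CVE: no single record
    # satisfies both conditions.
    {"Source Asset Name": "lnx-db-02", "Lucidum OS Category": "Linux",
     "Vulnerabilities": [{"cve": "CVE-0000-0002", "kev": True, "fix": False},
                         {"cve": "CVE-0000-0003", "kev": False, "fix": True}]},
    {"Source Asset Name": "mac-lt-03", "Lucidum OS Category": "macOS",
     "Vulnerabilities": [{"cve": "CVE-0000-0004", "kev": True, "fix": True}]},
    {"Source Asset Name": "lnx-ci-04", "Lucidum OS Category": "Linux",
     "Vulnerabilities": []},
]


def fixable_kevs(asset):
    """CVE ids of records that are both known-exploited and fixable."""
    return [v["cve"] for v in asset["Vulnerabilities"] if v["kev"] and v["fix"]]


def matching_all(assets, os_categories):
    """Per-record reading: one vulnerability must meet both conditions."""
    return [a["Source Asset Name"] for a in assets
            if a["Lucidum OS Category"] in os_categories and fixable_kevs(a)]


def asset_level(assets, os_categories):
    """Looser reading: a KEV and a fix anywhere on the asset, not paired."""
    return [a["Source Asset Name"] for a in assets
            if a["Lucidum OS Category"] in os_categories
            and any(v["kev"] for v in a["Vulnerabilities"])
            and any(v["fix"] for v in a["Vulnerabilities"])]


def overcounted(assets, os_categories):
    """Assets the looser reading would add to a Fixable KEVs table."""
    strict = set(matching_all(assets, os_categories))
    return [n for n in asset_level(assets, os_categories) if n not in strict]


if __name__ == "__main__":
    linux = {"Linux"}
    print("matching all:", matching_all(ASSETS, linux))
    print("asset level: ", asset_level(ASSETS, linux))
    print("overcounted: ", overcounted(ASSETS, linux))
```

An asset that appears only in the looser result has a KEV and a fix, but the fix belongs to a different vulnerability, so patching it does not close the exploited one.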

Priorities: Highs & Crits

The Priorities: Highs & Crits dashboard displays information about assets with High or Critical CVEs, including information about KEVs in the environment and which of those KEVs have solutions or workarounds.

The Priorities: Highs & Crits dashboard looks like this:

vods_security_priorities_highs_crits_24.0.png

Base Query

Most of the asset charts in this dashboard use a query like:

Critical CVE list exists OR High CVE lists exists

The query searches for assets with either one or more critical CVEs or one or more high CVEs.

Charts

  • Total Assets. This chart displays a count of the total assets in the environment.

    • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows,Linux,macOS,tvOS,iPadOS,Unix. This query searches for all compute assets.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets w/High or Critical Vulns. This chart displays a count of assets with critical vulnerabilities or high vulnerabilities.

    • This chart queries the asset database and uses the query Critical CVE list exists OR High CVE lists exists. This query searches for all assets with critical CVEs or high CVEs.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Assets with Known Exploited Vulnerabilities. This chart displays a count of assets with known exploited vulnerabilities (KEVs).

    • This chart queries the asset database and uses the query KEV Count >= 1. This query searches for all assets with one or more KEVs.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • KEV Assets with Solutions or Workarounds. This chart displays a count of assets with known exploited vulnerabilities (KEVs) that have fixes or workarounds.

    • This chart queries the asset database and uses the query Vulnerabilities matching all: Known Exploited Vulnerability (True/False) == True AND Fixable (True/False) == True. This query searches for all assets that include a KEV that has a workaround or fix.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Windows Server Assets w/High or Critical Vulns. This chart displays a list of Windows Server assets that have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

    • This chart queries the asset database and uses the query Lucidum OS Version match windows server AND Critical Vulns exists OR High Vulns exists. This query searches for all Windows server assets that have one or more critical vulnerabilities or high vulnerabilities.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Windows Workstation Assets w/High or Critical Vulns. This chart displays a list of Windows workstation assets that have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

    • This chart queries the asset database and uses the query Lucidum OS Version not match windows server AND Lucidum OS Version match windows AND Critical Vulns exists OR High Vulns exists. This query searches for all Windows workstation assets that have one or more critical vulnerabilities or high vulnerabilities.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Linux Assets w/High or Critical Vulns. This chart displays a list of Linux assets that have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

    • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Critical Vulns exists OR High Vulns exists. This query searches for all Linux assets that have one or more critical vulnerabilities or high vulnerabilities.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Apple Assets w/High or Critical Vulns. This chart displays a list of Apple assets that have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

    • This chart queries the asset database and uses the query Lucidum OS Category in iOS,macOS,tvOS,iPadOS AND Critical Vulns exists OR High Vulns exists. This query searches for all Apple assets that have one or more critical vulnerabilities or high vulnerabilities.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.

  • Unix Assets w/High or Critical Vulns. This chart displays a list of Unix assets that have critical or high vulnerabilities. The table also includes details about KEVs and the asset.

    • This chart queries the asset database and uses the query Lucidum OS Category match Unix AND Critical Vulns exists OR High Vulns exists. This query searches for all Unix assets that have one or more critical vulnerabilities or high vulnerabilities.

    • From the data returned by the query, the Categories field specifies the columns for the table. In this case, for each asset, the chart displays Source Asset Name, Critical Vulns, High Vulns, KEV List, KEV Count, IP Address, Location, Department, and Lucidum OS Version.

    • The Chart Type is “Table”.
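The per-OS queries above are written as a flat string (OS filter AND Critical Vulns exists OR High Vulns exists), while their descriptions apply the OS filter to both severity conditions. The following added example, not Lucidum's code, shows what changes when the same string is reproduced in a tool where AND binds tighter than OR; the asset names, CVE ids and the match/exists semantics are constructed assumptions.

```python
# Constructed inventory. Field names come from the chart columns on this page;
# treating "exists" as "non-empty" and "match" as a case-insensitive substring
# test are assumptions.
ASSETS = [
    {"Source Asset Name": "srv-dc-01", "Lucidum OS Version": "Windows Server 2019",
     "Critical Vulns": ["CVE-0000-0001"], "High Vulns": []},
    {"Source Asset Name": "srv-file-02", "Lucidum OS Version": "Windows Server 2022",
     "Critical Vulns": [], "High Vulns": []},
    {"Source Asset Name": "wks-hr-07", "Lucidum OS Version": "Windows 11",
     "Critical Vulns": [], "High Vulns": ["CVE-0000-0002"]},
    {"Source Asset Name": "lnx-ci-03", "Lucidum OS Version": "Ubuntu 22.04",
     "Critical Vulns": [], "High Vulns": ["CVE-0000-0003"]},
]


def is_windows_server(asset):
    """Lucidum OS Version match windows server."""
    return "windows server" in asset["Lucidum OS Version"].lower()


def is_windows_workstation(asset):
    """Lucidum OS Version not match windows server AND match windows."""
    version = asset["Lucidum OS Version"].lower()
    return "windows" in version and "windows server" not in version


def grouped(assets, os_filter):
    """OS filter AND (Critical Vulns exists OR High Vulns exists)."""
    return [a["Source Asset Name"] for a in assets
            if os_filter(a) and (a["Critical Vulns"] or a["High Vulns"])]


def and_before_or(assets, os_filter):
    """(OS filter AND Critical Vulns exists) OR High Vulns exists."""
    return [a["Source Asset Name"] for a in assets
            if (os_filter(a) and a["Critical Vulns"]) or a["High Vulns"]]


if __name__ == "__main__":
    print("grouped, servers:      ", grouped(ASSETS, is_windows_server))
    print("AND before OR, servers:", and_before_or(ASSETS, is_windows_server))
    print("grouped, workstations: ", grouped(ASSETS, is_windows_workstation))
```

Only the grouped form keeps the Windows Server table limited to Windows Server assets; the ungrouped form also returns every asset with a High vulnerability, whatever its operating system.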

Updated on December 9, 2025