Threat Intelligence Dashboards

The pre-built Value-Oriented Dashboards include the following Threat Intelligence dashboards:

• Assets w/Top Exploited CVEs (CISA 2021). This dashboard displays information about assets with CVEs.

• Assets w/Top 15 Exploited CVEs (SentinelOne 2022). The Assets w/Top 15 Exploited CVEs dashboard displays information about assets where the top 15 most commonly exploited CVEs are active.

• Kaspersky Top-n APTS: 2023. Advanced Persistent Threats (APTs) targeting enterprise infrastructures exploit existing software vulnerabilities. Kaspersky analyzed available data on exploits used in APT attacks for 2023 and Q1 2024 to determine which software is most frequently exploited by attackers. Below are the vulnerabilities that APT groups leveraged the most in 2023 and Q1 2024 and the assets in your environment that are at risk.

• Risk & Threat Overview. This dashboard displays details about risks and threats for the assets in your environment.

• Risk & Vuln Overview. This dashboard displays details about all risk and all vulnerabilities in the environment.

• Vulnerabilities. This dashboard displays a list of all vulnerabilities in your environment.

Required Connectors #

To find all the assets in your environment and the vulnerability, CVE, and risk information about the assets in your environment, Lucidum recommends you configure Lucidum connectors for:

• The Endpoint Management solutions in your environment (for example, Jamf, Intune, Citrix Endpoint Management, Symantec Endpoint Management, Hexnode)

• The Endpoint Protection solutions in your environment (for example, Trellix Endpoint Security, Symantec Endpoint Protection, SentinelOne, Crowdstrike Falcon, Microsoft Defender for Endpoint )

• The Endpoint Detection and Response solutions in your environment (for example, SentinelOne, Falcon Crowdstrike, Trend Micro XDR, Check Point Harmony Endpoint, Cortex XDR)

• The cloud security solutions in your environment for cloud assets (for example, Netskope, Illumio Core, Orca, Tenable Vulnerability Management, Trend Micro Cloud One, Sophos Central)

• The anti-virus solutions or vulnerability management solutions in your environment (for example, Burp Suite, Cycognito, Greenbone, Kenna, MS Defender, Qualys, Rapid7, Tenable, Vulcan)

• The Mobile Device Management solutions in your environment (for example, Addigy, Citrix Endpoint, Jamf Pro, Kandji)

• The directory solutions in your environment (For example, Azure AD, Microsoft AD, Jump Cloud, PingOne, OpenLDAP,)

• The DHCP solutions in your environment (For example, Infoblox, Efficient IP, BlueCat)

• The VPN solutions in your environment (For example, Cisco AnyConnect, FortiClient, Palo Alto VPN, Citrix Gateway, Zscaler Private Access)

• The cloud solutions in your environment (for example, AWS, Azure, Google Cloud, Oracle Cloud)

Assets w_Top Most Exploited CVEs (CISA 2021) #

The Assets /w the Most Exploited CVEs dashboard displays information about assets with CVEs.

The Assets /w the Most Exploited CVEs dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard this query:

CVE List match -2021-(44228|40539|34523|34473|31207|27065|26858|26857|26855|26084|21972) OR CVE List match -2020-(1472|0688) OR CVE List match -2019-(11510) OR CVE List match -2018-(13379)OR CVE List match -2021-(3156|27852|22893|20016|1675) OR CVE List match -2021-(42237|35464|27104|27103|27102|27101|21985|20038|40444|34527) OR CVE List match -2020-(2509) OR CVE List match -2019-(19781|18935) OR CVE List match -2018-(0171) OR CVE List match -2017-(11882|0199).

This query looks for assets that have one or more of the following active CVEs:

• CVE-2021-44228

• CVE-2021-40539

• CVE-2021-34523

• CVE-2021-34473

• CVE-2021-31207

• CVE-2021-27065

• CVE-2021-26858

• CVE-2021-26857

• CVE-2021-26885

• CVE-2021-26084

• CVE-2021-21972

• CVE -2020-1472

• CVE -2020-0688

• CVE -2019-11510

• CVE-2018-13379

• CVE-2021-3156

• CVE-2021-27852

• CVE-2021-22893

• CVE-2021-20016

• CVE-2021-1675

• CVE-2021-42237

• CVE-2021-35464

• CVE-2021-27104

• CVE-2021-27103

• CVE-2021-27102

• CVE-2021-27101

• CVE-2021-21985

• CVE-2021-20038

• CVE-2021-40444

• CVE-2021-34527

• CVE-2020-2509

• CVE-2019-19781

• CVE-2019-18935

• CVE-2018-0171

• CVE-2017-11882

• CVE-2017-0199

If you want to edit the charts in this dashboard, you can supply a different list of CVEs in the query.

Charts #

• Asset Count. This chart displays the count of assets with active CVEs.

  • This chart queries the asset database and uses the query CVE List match -2021-(44228|40539|34523|34473|31207|27065|26858|26857|26855|26084|21972) OR CVE List match -2020-(1472|0688) OR CVE List match -2019-(11510) OR CVE List match -2018-(13379)OR CVE List match -2021-(3156|27852|22893|20016|1675) OR CVE List match -2021-(42237|35464|27104|27103|27102|27101|21985|20038|40444|34527) OR CVE List match -2020-(2509) OR CVE List match -2019-(19781|18935) OR CVE List match -2018-(0171) OR CVE List match -2017-(11882|0199). This query looks for all assets that have one or more of these CVEs in their CVE list.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Active CVEs. This chart looks at all assets with active CVEs and displays which CVEs are present in the environment.

  • This chart queries the asset database and uses the query CVE List match -2021-(44228|40539|34523|34473|31207|27065|26858|26857|26855|26084|21972) OR CVE List match -2020-(1472|0688) OR CVE List match -2019-(11510) OR CVE List match -2018-(13379)OR CVE List match -2021-(3156|27852|22893|20016|1675) OR CVE List match -2021-(42237|35464|27104|27103|27102|27101|21985|20038|40444|34527) OR CVE List match -2020-(2509) OR CVE List match -2019-(19781|18935) OR CVE List match -2018-(0171) OR CVE List match -2017-(11882|0199). This query looks for all assets that have one or more of these CVEs in their CVE list.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays CVE List.

  • The Chart Type is “Pie”.

• Operating Systems Affected. This chart displays all the operations systems and versions in the environment that are affected by CVEs.

  • This chart queries the asset database and uses the query CVE List match -2021-(44228|40539|34523|34473|31207|27065|26858|26857|26855|26084|21972) OR CVE List match -2020-(1472|0688) OR CVE List match -2019-(11510) OR CVE List match -2018-(13379)OR CVE List match -2021-(3156|27852|22893|20016|1675) OR CVE List match -2021-(42237|35464|27104|27103|27102|27101|21985|20038|40444|34527) OR CVE List match -2020-(2509) OR CVE List match -2019-(19781|18935) OR CVE List match -2018-(0171) OR CVE List match -2017-(11882|0199). This query looks for all assets that have one or more of these CVEs in their CVE list.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Lucidum OS Version.

  • The Chart Type is “Pie”.

• Vulnerable Assets. This chart lists the names of assets that have active CVEs.

  • This chart queries the asset database and uses the query CVE List match -2021-(44228|40539|34523|34473|31207|27065|26858|26857|26855|26084|21972) OR CVE List match -2020-(1472|0688) OR CVE List match -2019-(11510) OR CVE List match -2018-(13379)OR CVE List match -2021-(3156|27852|22893|20016|1675) OR CVE List match -2021-(42237|35464|27104|27103|27102|27101|21985|20038|40444|34527) OR CVE List match -2020-(2509) OR CVE List match -2019-(19781|18935) OR CVE List match -2018-(0171) OR CVE List match -2017-(11882|0199). This query looks for all assets that have one or more of these CVEs in their CVE list.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, CVE Count (Vulnerabilities::CVE)

  • From the data returned by the query, the Series field specifies the row in the table. In this case, the table will have a row for each Lucidum Asset Name.

  • The Chart Type is “Table”.

• Remediation Progress. This chart displays the number of assets that still have active CVEs each day.

  • This chart queries the asset database and uses the query CVE List match -2021-(44228|40539|34523|34473|31207|27065|26858|26857|26855|26084|21972) OR CVE List match -2020-(1472|0688) OR CVE List match -2019-(11510) OR CVE List match -2018-(13379)OR CVE List match -2021-(3156|27852|22893|20016|1675) OR CVE List match -2021-(42237|35464|27104|27103|27102|27101|21985|20038|40444|34527) OR CVE List match -2020-(2509) OR CVE List match -2019-(19781|18935) OR CVE List match -2018-(0171) OR CVE List match -2017-(11882|0199). This query looks for all assets that have one or more of these CVEs in their CVE list.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”.

• Assets with Common Exploits. This chart displays the CVEs with the highest number of associated assets.

  • This chart queries the asset database and uses the query CVE List match -2021-(44228|40539|34523|34473|31207|27065|26858|26857|26855|26084|21972) OR CVE List match -2020-(1472|0688) OR CVE List match -2019-(11510) OR CVE List match -2018-(13379)OR CVE List match -2021-(3156|27852|22893|20016|1675) OR CVE List match -2021-(42237|35464|27104|27103|27102|27101|21985|20038|40444|34527) OR CVE List match -2020-(2509) OR CVE List match -2019-(19781|18935) OR CVE List match -2018-(0171) OR CVE List match -2017-(11882|0199). This query looks for all assets that have one or more of these CVEs in their CVE list.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the row in the table. In this case, the table will have a row for each entry in the CVE List.

  • The Chart Type is “Table”.

Assets w_Top15 Exploited CVEs (SentinelOne 2022) #

The Assets w/Top15 Exploited CVEs dashboard displays information about assets where the top 15 most commonly exploited CVEs are active.

The Assets w/Top 15 Exploited CVEs dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use this query:

CVE List match -2021-(44228|40539|31207|34473|34523|26885|26857|26858|27065|26084|21972) or CVE List match -2020-(1472|0688) or CVE List match -2019-11510 or CVE List match -2018-13379.

This query looks for assets that have one or more of the following active CVEs:

• CVE-2021-44228

• CVE-2021-40539

• CVE-2021-31207

• CVE-2021-34473

• CVE-2021-34523

• CVE-2021-26885

• CVE-2021-26857

• CVE-2021-26858

• CVE-2021-27065

• CVE-2021-26084

• CVE-2021-21972

• CVE -2020-1472

• CVE -2020-0688

• CVE -2019-11510

• CVE-2018-13379

Charts #

• Asset Count. This chart displays the count of assets with active CVEs.

  • This chart uses the base query. The base query looks for assets that have one or more of the top15 active CVEs:

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Active CVEs. This chart looks at all assets with active CVEs and displays which CVEs are present in the environment.

  • This chart uses the base query.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays an entry from the CVE List.

  • The Chart Type is “Pie”.

• Operating Systems Affected. This chart displays all the operations systems and versions in the environment that are affected by CVEs.

  • This chart uses the base query.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays one of the Lucidum OS Version.

  • The Chart Type is “Pie”.

• Vulnerable Assets. This chart lists the names of assets that have active CVEs.

  • This chart uses the base query.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, CVE Count (Vulnerabilities::CVE)

  • From the data returned by the query, the Series field specifies the row in the table. In this case, the table will have a row for each Lucidum Asset Name.

  • The Chart Type is “Table”.

• Remediation Progress. This chart displays the number of assets that still have active CVEs each day.

  • This chart uses the base query.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”.

• Assets with Common Exploits. This chart displays the CVEs with the highest number of associated assets.

  • This chart uses the base query.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the row in the table. In this case, the table will have a row for each entry in the CVE List.

  • The Chart Type is “Table”.

Kaspersky Top-n APTs: 2023 #

Advanced Persistent Threats (APTs) targeting enterprise infrastructures exploit existing software vulnerabilities. Kaspersky analyzed available data on exploits used in APT attacks for 2023 and Q1 2024 to determine which software is most frequently exploited by attackers.

The Kaspersky Top-n APTSs: 2023 dashboard displays the vulnerabilities that APT groups leveraged the most in 2023 and Q1 2024 and the assets in your environment that are at risk. You can view the Kaspersky list at https://securelist.com/vulnerability-report-q1-2024/112554/.

The Kaspersky Top-n APTSs: 2023 dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use this query:

Kaspersky Top-n Exploited Vulns: 2023 == True

This query looks for assets where the field Kaspersky Top-n Exploited Vulns: 2023 is True. This field is a SmartLabel that specifies:

CVE List match CVE-2023-38831, CVE-2017-11882, CVE-2017-0199, CVE-2021-44228, CVE-2023-36884, CVE-2023-27350, CVE-2022-47966, CVE-2021-34523, CVE-2021-34473, CVE-2020-1472

Charts #

• Kaspersky Top-10 Exploited APTs: 2023. This chart displays the count of assets with active CVEs in the Kaspersky Top-10 Exploited APTs for 2023.

  • This chart uses the base query. The base query looks for assets that have one or more of the  active CVEs: CVE-2023-38831, CVE-2017-11882, CVE-2017-0199, CVE-2021-44228, CVE-2023-36884, CVE-2023-27350, CVE-2022-47966, CVE-2021-34523, CVE-2021-34473, CVE-2020-1472

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name returned by the query.

  • The Chart Type is “Big Number”.

• Kaspersky Top-10 Exploited APTs: 2023. This chart displays a table of each Kaspersky Top-10 CVE and the number of assets affected by the CVE.

  • This chart uses the base query.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the row in the table. In this case, the table will have a row for each entry in the CVE List.

  • The Chart Type is “Table”.

• Kaspersky Top-10 Exploited APTs: 2023 Affected Assets. This chart displays details about the assets that are affected by the Kaspersky Top-10 CVEs.

  • This chart uses the base query.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the columns are Lucidum Asset Name, Instance Name, Lucidum OS Version.

  • The Chart Type is “Table”.

• Kaspersky Top-10 Exploited APTs: 2023 Vuln Details. This chart displays details about the vulnerabilities in the Kaspersky Top-10 CVEs.

  • This chart uses the base query.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the columns are CVE List, # of Assets, NVD Published Time, CVSS Severity, and Lucidum Verified Risk.

  • The Chart Type is “Table”.

Risk & Threat Overview #

The Risk & Threat Overview dashboard displays details about risks and threats for the assets in your environment.

Risks are potential vulnerabilities in the environment. For example, unencrypted assets or known exploited vulnerabilities that exist in the environment are risk factors. Risk measurement include the likelihood that the vulnerabilities will be exploited and the impact on the environment if the vulnerability is exploited. Lucidum ingests data about assets and uses machines learning to finds risks and calculate risk measurements.  Lucidum calculates:

• Risk Factor

• Risk Score

• Risk Ranking

• Risk Level

Threats are related to actors or actions that exploit vulnerabilities. Threats include malware, ransomware, DDoS attacks, and stolen credentials. Lucidum ingests threat data from products in your environment that provide threat intelligence. Lucidum aligns this ingested data with assets and uses the threat intelligence when calculating risk measurements.

The Risk & Threat Overview dashboard looks like this:

Base Query #

• Most of the asset charts in this dashboard use a query like:

Online Compute == TRUE AND Last Time Seen within page 1 month

• This query searches for all compute assets that are online and have been active within the last month.

• The field Online Compute is a SmartLabel that specifies Lucidum OS Category in Microsoft Windows, Linux, macOS, Unix, VMware AND IP Address exists AND Lucidum Status match Online. This query finds assets that are running a compute OS, are online, and have an IP address (to weed out containers).

Charts #

• Compute Assets Online: Total. This chart displays the total count for all compute assets.

  • This chart queries the asset database and uses the query Online Compute == TRUE AND Last Time Seen within past 1 month. This query finds all online compute assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• Compute Asset Risks by Risk Level. This chart displays compute assets organized by risk level (low, medium, and high).

  • This chart queries the asset database and uses the query Online Compute == TRUE AND Last Time Seen within past 1 month. This query finds all online compute assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the entire pie is the count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Risk Level in each slice.

  • The Chart Type is “Pie”.

• Compute Asset Risk by Department. This chart displays compute assets, organized by department.

  • This chart queries the asset database and uses the query Online Compute == TRUE AND Last Time Seen within past 1 month. This query finds all online compute assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays Department.

  • The Chart Type is “Bar”.

• Compute Asset Risk Factors. This chart displays compute assets organized by risk factors.

  • This chart queries the asset database and uses the query Online Compute == TRUE AND Last Time Seen within past 1 month AND Risk Factors exists. This query finds all online compute assets that have been active in the last month and include Risk Factors.

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the entire pie is the count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Risk Factors in each slice.

  • The Chart Type is “Pie”.

• Threats Reported. This charts displays a list of threats that exist in the environment and the number of assets affected by each threat.

• • This chart queries the asset database and uses the query Online Compute == True AND Last Time Seen within past 1 month AND Threat List exists. This query finds all online compute assets that have been active in the last month and include a Threat List.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the columns are a count of Lucidum Asset Name associated with each threat.

  • From the data returned by the query, the Series field specifies the row in the table. In this case, the table will have a row for each Threat List.

  • The Chart Type is “Table”.

• High-Risk Assets by Risk Ranking. This chart displays details about each asset that has a Risk Level of High.

  • This chart queries the asset database and uses the query Online Compute == True AND Last Time Seen within past 1 month AND Risk Level match 3-high. This query finds all online compute assets that have been active in the last month and have a Risk Level of High.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the columns are Latest Asset Name, Risk Ranking, Person Full Name, Lucidum OS Version, Department, Location, and Risk Factors.

  • The Chart Type is “Table”.

Risk & Vuln Overview #

The Risk & Vuln Overview dashboard displays information about all risk and all vulnerabilities in the environment.

Vulnerabilities are weaknesses in a system that can be exploited by attackers. Lucidum ingests vulnerability data from:

• Vulnerability Management applications in your environment

• (Common Vulnerability Scoring System) from the National Vulnerability Database (NVD) from National Institute of Standards and Technology (NIST). Provides both a score and a severity for vulnerabilities.>

• Known Exploited Vulnerabilities (KEV) from the Cybersecurity and Infrastructure Security Agency (CISA). Identifies exploited vulnerabilities and KEVs with fixes. >

• EPSS (Exploit Prediction Scoring System) from the Forum of Incident Response and Security Teams (FIRST). Estimates the likelihood (probability) that a software vulnerability will be exploited in the wild.

• CVE Fix from CVE.org. Lists the fixes and workarounds for a CVE if available.

Risks are potential vulnerabilities in the environment. For example, unencrypted assets or known exploited vulnerabilities that exist in the environment are risk factors. Risk measurement include the likelihood that the vulnerabilities will be exploited and the impact on the environment if the vulnerability is exploited. Lucidum ingests data about assets and uses machines learning to finds risks and calculate risk measurements.  Lucidum calculates:

• Risk Factor

• Risk Score

• Risk Ranking

• Risk Level

The Risk & Vuln Overview dashboard looks like this:



Base Query #

• Most of the asset charts in this dashboard use a query like:

Online Compute == TRUE

• The field Online Compute is a SmartLabel that specifies Lucidum OS Category in Microsoft Windows, Linux, macOS, Unix, VMware AND IP Address exists AND Lucidum Status match Online. This query finds assets that are running a compute OS, are online, and have an IP address (to weed out containers).

Charts #

• Online Compute Assets: Risk by Ranking. This chart displays the number of online compute assets per risk ranking.

  • This chart queries the asset database and uses the query Online Compute == TRUE. This query finds all online compute assets.

• • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays Risk Ranking.

  • The Chart Type is “Bar”.

• Online Computer Assets by Risk Level. This chart displays compute assets organized by risk level (low, medium, and high).

  • This chart queries the asset database and uses the query Online Compute == TRUE. This query finds all online compute assets.

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the entire pie is the count of Lucidum Asset Name returned by the query.

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Risk Level in each slice.

  • The Chart Type is “Pie”.

• Online Compute Assets. This chart displays risk details for each online compute asset.

• This chart queries the asset database and uses the query Online Compute == TRUE. This query finds all online compute assets.

• From the data returned by the query, the Category fields specifies the columns in the table. In this case, the columns are Latest Asset Name, Lucidum OS Version, Department, Risk Score, Risk Ranking, Risk Level, Risk Factor Count, KEV Count, and All Vulns.

• The Chart Type is “Table”.

Vulnerabilities #

The Vulnerabilities dashboard lists all the identities in your Lucidum system and details about each identity.

The Vulnerabilities dashboard looks like this:



Base Query #

• This dashboard includes a single chart.

• The chart queries the Vulnerability database and uses the query CVE List to find all vulnerabilities in your Lucidum system.

Charts #

• This dashboard includes a single chart.

• From the data returned by the query, the Category fields specifies the columns in the table. In this case, CVE Description, CVE List, Number of Assets, CVE Software::Name, CVE Software::Type CVE Software::Vendor, CVSS Severity, Known Exploited Vulnerability, Fixable, CVSS Score, CVSS Version, Lucidum Verified Risk, EPSS Score, EPSS Percentile.

• The Chart Type is “Table”.

In the Vulnerabilities dashboard, you can view the following about each asset:

• CVE Description. Description of the CVE, as described by Mitre.

• CVE List. The ID for the CVE, as provided by Mitre.

• # of Assets. Number of assets affected by thge CVE.

• CVE Software Name. One or more software packages affected by the CVE.

• CVE Software Type. Software package and type affected by the CVE.

• CVE Software Vendor. Vendors associated with the entries in CVE Software Name.

• CVSS Severity. Severity in the Common vulnerability scoring system. A mathematical/statistical scoring for vulnerabilities. Maintained by FIRST (forum of incident response and security teams).

• KEV. Specifies if this is a Known Exploited Vulnerability, as specified by CISA.

• Fixable. Specifies if there is a fix for the CVE.

• CVSS Score. Score in the Common vulnerability scoring system. A mathematical/statistical scoring for vulnerabilities. Maintained by FIRST (forum of incident response and security teams). Range is 0 (no risk) – 10 (critical risk).

• CVSS Version. Version of the Common vulnerability scoring system. Each version of CVSS includes improved metrics and formulas. Possible versions v2 (released 2007), v3.0 (2015), v3.1 (2019), and v4.0 (2023).

• Lucidum Verified Risk. Lucidum Verified Risk is a single score applied to each CVE in your environment. The score is between 1-100, with 100 being the highest score. The higher the score, the higher the risk for that CVE. Lucidum Verified Risk is like a credit score for a vulnerability, combining available vulnerability data and data about your environment. For details, see Lucidum Verified Risk.

• EPSS Score. Score in the Exploit prediction scoring system. A mathematical/statistical scoring for exploits. Maintained by FIRST (forum of incident response and security teams).

• EPSS Percentile. Percentile in the Exploit prediction scoring system. A mathematical/statistical scoring for exploits. Maintained by FIRST (forum of incident response and security teams).

For each column name, you can:

• Sort by ASC. Sort the results by this column, in ascending order.

• Sort by DESC. Sort the results by this column, in descending order.

• Pin to left. The column is pinned to the left border. When you scroll left to right to view all the columns, this column stays on the left border.

• Pin to right. The column is pinned to the right border. When you scroll left to right to view all the columns, this column stays on the right border.

• Filter. Allows you to filter the table by one or more columns in the results table.

• Hide Column. Removes the column from the page.

• Manage columns. You can include or not include one or more columns in the results table.