The pre-built Value-Oriented Dashboards include the following endpoint security dashboard:

  • Endpoint Management. This dashboard displays information about assets that are not running an endpoint agent.

Required Connectors

To find all the assets in your environment and all the endpoint security solutions in your en, Lucidum recommends you configure Lucidum connectors for:

  • The Endpoint Management solutions in your environment (for example, Jamf, Intune, Citrix Endpoint Management, Symantec Endpoint Management, Hexnode)

  • The Endpoint Protection solutions in your environment (for example, Trellix Endpoint Security, Symantec Endpoint Protection, SentinelOne, Crowdstrike Falcon, Microsoft Defender for Endpoint )

  • The Endpoint Detection and Response solutions in your environment (for example, SentinelOne, Falcon Crowdstrike, Trend Micro XDR, Check Point Harmony Endpoint, Cortex XDR)

  • The cloud security solutions in your environment for cloud assets (for example, Netskope, Illumio Core, Orca, Tenable.io, Trend Micro Cloud One, Sophos Central)

  • The Mobile Device Management solutions in your environment (for example, Addigy, Citrix Endpoint, Jamf Pro, Kandji)

  • The directory solutions in your environment (For example, Azure AD, Microsoft AD, Jump Cloud, PingOne, OpenLDAP,)

  • The DHCP solutions in your environment (For example, Infoblox, Efficient IP, BlueCat)

  • The VPN solutions in your environment (For example, Cisco AnyConnect, FortiClient, Palo Alto VPN, Citrix Gateway, Zscaler Private Access)

  • The cloud solutions in your environment (for example, AWS, Azure, Google Cloud, Oracle Cloud)

Endpoint Management Dashboard

The Endpoint Management dashboard displays information about assets that are not running an endpoint agent.

The Endpoint Management dashboard looks like this:

Base Query

Most of the charts in this dashboard use the following base query:

Endpoint Agent (yes/no) is not yes AND Asset Type is equal to VM OR Asset Type is equal to Workstation OR Asset Type is equal to Cloud.Compute OR Asset Type is equal to Servers OR Asset Type is equal to Virtual.Guest OR Asset Type is equal to Server OR Asset Type is equal to Workstations OR Asset Type is equal to Windows OR Asset Type is equal to MacMDM

This query searches for assets that do not have an endpoint agent and where the Asset Type is VM, Workstation, Cloud.Compute, Servers, Virtual.Guest, Server, Workstations, Windows, or MacMDM. These are all the types of endpoint in our example system.

If you wanted to create a dashboard for a different set of endpoints, you can supply one or more different asset types in the query or delete one or more asset types in the query. To view all Asset Types in your Lucidum system, in the Query Builder, select Asset Type. The value field includes a list of available Asset Types to choose from.

Charts

To view details about each chart, click the pencil icon (

).

  • Endpoint Agent Missing: Compute Assets. This chart displays a count of all endpoints without endpoint agents.

    • This chart uses the query Endpoint Agent (yes/no) is not yes AND Asset Type is equal to VM OR Asset Type is equal to Workstation OR Asset Type is equal to Cloud.Compute OR Asset Type is equal to Servers OR Asset Type is equal to Virtual.Guest OR Asset Type is equal to Server OR Asset Type is equal to Workstations OR Asset Type is equal to Windows OR Asset Type is equal to MacMDM

    • The Summary further filters and organizes the query results (set of additional fields for each Lucidum Asset Name that matches the query) for display in the chart. This chart does not use an additional filter.

    • The Chart Type is “Big Number.

  • Data Sources of No-Endpoint-Agent Devices. This chart displays all endpoints without endpoint protection and also displays the data sources associated with these endpoints.

    • This chart uses the query Endpoint Agent (yes/no) is not yes AND Asset Type is equal to VM OR Asset Type is equal to Workstation OR Asset Type is equal to Cloud.Compute OR Asset Type is equal to Servers OR Asset Type is equal to Virtual.Guest OR Asset Type is equal to Server OR Asset Type is equal to Workstations OR Asset Type is equal to Windows OR Asset Type is equal to MacMDM

    • The Summary further filters and organizes the query results (set of additional fields for each Lucidum Asset Name that matches the query) for display in the chart. This chart uses the additional filter count Lucidum Asset Name by Data Sources

    • The Chart Type is “Bar”.

  • Locations of No-Endpoint-Agent Devices. This chart displays the locations for all devices without endpoint protection.

    • This chart uses the query Endpoint Agent (yes/no) is not yes AND Asset Type is equal to VM OR Asset Type is equal to Workstation OR Asset Type is equal to Cloud.Compute OR Asset Type is equal to Servers OR Asset Type is equal to Virtual.Guest OR Asset Type is equal to Server OR Asset Type is equal to Workstations OR Asset Type is equal to Windows OR Asset Type is equal to MacMDM

    • The Summary further filters and organizes the query results (set of additional fields for each Lucidum Asset Name that matches the query) for display in the chart. This chart uses the additional filter count Lucidum Asset Name by Location

    • The Chart Type is “Bar”.

  • Departments of No-Endpoint-Agent Devices. This chart displays the departments associated with devices without endpoint protection.

    • This chart uses the query Endpoint Agent (yes/no) is not yes AND Asset Type is equal to VM OR Asset Type is equal to Workstation OR Asset Type is equal to Cloud.Compute OR Asset Type is equal to Servers OR Asset Type is equal to Virtual.Guest OR Asset Type is equal to Server OR Asset Type is equal to Workstations OR Asset Type is equal to Windows OR Asset Type is equal to MacMDM

    • The Summary further filters and organizes the query results (set of additional fields for each Lucidum Asset Name that matches the query) for display in the chart. This chart uses the additional filter count Lucidum Asset Name by Department

    • The Chart Type is “Bar”.

  • OS of No-Endpoint-Agent Devices. This chart displays the operating systems and versions associated with devices without endpoint protection.

    • This chart uses the query Endpoint Agent (yes/no) is not yes AND Asset Type is equal to VM OR Asset Type is equal to Workstation OR Asset Type is equal to Cloud.Compute OR Asset Type is equal to Servers OR Asset Type is equal to Virtual.Guest OR Asset Type is equal to Server OR Asset Type is equal to Workstations OR Asset Type is equal to Windows OR Asset Type is equal to MacMDM

    • The Summary further filters and organizes the query results (set of additional fields for each Lucidum Asset Name that matches the query) for display in the chart. This chart uses the additional filter count Lucidum Asset Name by OS and Version

    • The Chart Type is “Bar”.

  • Asset Types of No-Endpoint-Agent Devices. This chart displays the asset types associated with devices without endpoint protection.

    • This chart uses the query Endpoint Agent (yes/no) is not yes AND Asset Type is equal to VM OR Asset Type is equal to Workstation OR Asset Type is equal to Cloud.Compute OR Asset Type is equal to Servers OR Asset Type is equal to Virtual.Guest OR Asset Type is equal to Server OR Asset Type is equal to Workstations OR Asset Type is equal to Windows OR Asset Type is equal to MacMDM

    • The Summary further filters and organizes the query results (set of additional fields for each Lucidum Asset Name that matches the query) for display in the chart. This chart uses the additional filter count Lucidum Asset Name by Asset Type

    • The Chart Type is “Bar”.

  • Vendors of No-Endpoint-Agent Devices. This chart displays the vendors associated with devices without endpoint protection.

    • This chart uses the query Endpoint Agent (yes/no) is not yes AND Asset Type is equal to VM OR Asset Type is equal to Workstation OR Asset Type is equal to Cloud.Compute OR Asset Type is equal to Servers OR Asset Type is equal to Virtual.Guest OR Asset Type is equal to Server OR Asset Type is equal to Workstations OR Asset Type is equal to Windows OR Asset Type is equal to MacMDM

    • The Summary further filters and organizes the query results (set of additional fields for each Lucidum Asset Name that matches the query) for display in the chart. This chart uses the additional filter count Lucidum Asset Name by Vendor

    • The Chart Type is “Bar”.

  • Risk Level of No-Endpoint-Agent Devices. This chart displays the risk level for the devices without endpoint protection.

    • This chart uses the query Endpoint Agent (yes/no) is not yes AND Asset Type is equal to VM OR Asset Type is equal to Workstation OR Asset Type is equal to Cloud.Compute OR Asset Type is equal to Servers OR Asset Type is equal to Virtual.Guest OR Asset Type is equal to Server OR Asset Type is equal to Workstations OR Asset Type is equal to Windows OR Asset Type is equal to MacMDM

    • The Summary further filters and organizes the query results (set of additional fields for each Lucidum Asset Name that matches the query) for display in the chart. This chart uses the additional filter count Lucidum Asset Name by Risk Level

    • The Chart Type is “Bar”.