Skip to main content
Skip table of contents

Data in Lucidum

Connectors

Lucidum connectors provide the data to your lucidum system.

Connectors allow Lucidum to ingest data from your environment and discover, identify, and classify assets, data, and users. Lucidum includes pre-built connectors for the most commonly used solutions for security, vulnerability scanning, cloud, data warehouse, identity management, logs, network, endpoint management, IP management, file sharing, and devops.

To configure a connector, you provide credentials that allow Lucidum secure, read-only access to a deployed solution.

The more connectors you configure, the better your data set.

Data Source and Lucidum Data Group

Lucidum deduplicates, triangulates, and aggregates the raw data from connectors to provide you with enriched data about assets, users, and vulnerabilities.

There are two types of data in Lucidum, both of which you can view in Lucidum and use in dashboards:

  • Data Source (raw data). Raw data, directly from connectors.

  • Lucidum Data Group. Enriched data about assets, user, and vulnerabilities.

Data Source

Data Sources contain the raw data that is ingested by Lucidum connectors from your environment. For example, Data Sources can include Tenable, SentinelOne, Infoblox, Active Directory, AWS, VMware. Within each Data Source is the raw data collected by Lucidum for an asset.

For example, an Active Directory data source for an asset would include the information you would expect to find in an Active Directory record for that asset.

Lucidum Data Group

After ingestion, Lucidum cleans up the raw data and fills the gaps between security solutions. After ingesting data from connectors, Lucidum enriches that data through machine learning.

After ingestion, Ludium:

  • Deduplicates records. For example, suppose an asset uses DHCP. Suppose Lucidum ingests different information about that asset each day. However, each day, that asset will lease a new IP address. Instead of creating multiple asset records, Lucidum creates a single record for that asset. The single record includes all the IP addresses associated with the asset over time. Triangulates

  • Triangulates records. Suppose a single user appears in multiple solutions with multiple versions of a user name. For example, suppose Lucidum ingests a different name from Azure AD, GitHub, and Intune. Suppose Lucidum ingests the names “John.Smith”, “SmithJ”, and “john.smith@lucidum.io”. Lucidum creates a single entry for that user with a single user name and enriches the user record with information from Azure AD, GitHut, and Intune.

  • Aggregates records. Suppose Lucidum ingests data about an asset from CarbonBlack, Tenable, Intune, VMware, and InfoBlox. Each data source provides some information. Some of these data sources provide unique information. For example, one solution might provide OS and version, another solution might provide vulnerabilities, another solution might provide hardware information, another solution m7ight provide application data, and another solution might provide cloud information. Lucidum creates a single asset record that aggregates all the data from the multiple solutions.

  • Derives Data. Suppose you are interested in broader categories of data to provide a high-level overview in dashboards and reports. In these cases, Lucidum can strip out extraneous detail without losing accuracy. For example, suppose you are interested in operating systems running in your environment. Lucidum can provide you with a list of devices running Linux, Windows, and MacOs, regardless of the flavors or versions. Or suppose you want a list of all Windows 10 devices, regardless of the build of Windows 10.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close