If your company already has a DNS firewall like OpenDNS (currently, Cisco Umbrella), Infoblox, or the like, Lumu seamlessly integrates with your DNS firewall to continue to benefit from blocking malicious DNS requests, while layering real-time compromise assessment. In order to assess compromises effectively, one must take into consideration a wide range of network metadata sources. For this reason, DNS is only one of many network metadata collected and analyzed. Lumu also collects network flows, proxy logs, firewall logs, inbox and email metadata to have a complete and detailed view to detect and understand compromise incidents and build the ability to respond in a precise and timely manner.
In addition, Lumu provides Compromise Context that enriches confirmed compromise with factual data related to each compromise’s distribution, behavior, movement, and more. By accessing our Threat Triggers, you can enable policies that contain these compromises using your current cybersecurity infrastructure. Consequently, you can invest time to understand and eradicate each compromise, so you and your team can respond in a precise and timely manner.