Is Lumu able to see all the data that goes through my network?

I am worried about privacy, is Lumu able to see all the data that goes through my network?

We only see network metadata, which means that we do not see any confidential information like passwords. The information that we see are IPs and hostnames. All other information is discarded. To run Continuous Compromise Assessment, we do not need to know the content of the communication between your company and the infrastructure of the adversary, we only need to know that there is communication that should not be happening in the first place.

All your data is covered by our strong privacy policies and Lumu operates under EU-U.S. Privacy Shield  certification regarding compliance with data protection.

For the Lumu Agent, we also collect information regarding the devices and its users to help us to provide more details on who is being affected by compromises and to troubleshoot issues. Such information includes, but is not limited to username, device name, Windows installation ID, operating system version, proxy and firewall configuration, antivirus in use, memory and disk sizes, processor type, computer manufacturer and model, network interfaces, and agent usage statistics.

SOC Type 2 Compliance

Lumu has been certified as compliant with SOC type 2 by meeting some of the most rigorous standards for data security, availability, processing integrity, confidentiality, and privacy. This compliance demonstrates Lumu's commitment to protecting the interests of our clients, partners, and stakeholders. SOC 2 is a recognized standard for auditing service organizations and provides an independent validation that Lumu's systems, policies, and procedures meet the highest levels of security and privacy. 



        • Related Articles

        • What is Continuous Compromise Assessment?

          Lumu’s Continuous Compromise Assessment is a patent-pending model that enables organizations to measure their unique compromise levels, using their own network metadata. This model allows you to identify when, where, and how your infrastructure is ...
        • How does Lumu measure compromise in real time?

          Lumu systematically collects, normalizes, and analyzes a wide range of network metadata, including DNS, Net flows, Proxy, Firewall Access Logs, Inbox and Email Intelligence. The level of visibility that only these data sources provide, allows us to ...
        • What is Lumu Insights?

          Your network traffic is your ground zero for illuminating threats and adversaries. Using existing network data sources, Lumu Insights continuously assesses the entire enterprise to determine the level of compromise. Implementing Lumu’s patent-pending ...
        • What does Lumu do?

          This is a brief comparison between what Lumu offers versus the capabilities Lumu may work with, but does not directly offer: Do Don’t Continuous Compromise Assessment Network Performance Analysis Implement “Assume you are Compromised” Strategy ...
        • What is the difference between Lumu Free, Lumu Insights and Lumu Defender?

          Lumu Free offers a starting point for understanding your compromise level. It is always free and provides network-level visibility of confirmed IoCs (Indicators of Compromise) and retains incident data for 45 days. With Lumu Insights you can ...