Why and how long do you store the metadata?
Lumu stores your processed network metadata traffic for Playback™ capabilities, meaning we can compare and match every new indicator of compromise against stored metadata for every customer we are protecting.
For Lumu Free accounts 45 days’ Incident data is stored, while 1 year for Lumu Insights and up 2 years s included with Lumu Defender.
What is the difference between Lumu Free, Lumu Insights and Lumu Defender?
Lumu Free offers a starting point for understanding your compromise by level providing limited visibility of confirmed IoCs (Indicators of Compromise) as it only processes DNS metadata and retains data for 45 days. With Lumu Insights you can ...
What is Lumu Insights?
Your network traffic is your ground zero for illuminating threats and adversaries. Using existing network data sources, Lumu Insights continuously assesses the entire enterprise to determine the level of compromise. Implementing Lumu’s patent-pending ...
How is the network metadata collected?
On Lumu Free you may use Lumu’s public DNS as forwarders on your internal DNS Servers. On Lumu Insights and Lumu Defender, we rely on virtual appliances and cloud collectors to cover your hybrid environments. Consult our deployment documentation for ...
How does Lumu measure compromise in real time?
Lumu systematically collects, normalizes, and analyzes a wide range of network metadata, including DNS, Net flows, Proxy, Firewall Access Logs, and Spambox. The level of visibility that only these data sources provide, allows us to understand the ...
What is the source of your threat intelligence?
We have partnerships with over 70 leading threat intelligence providers. We also offer you the ability to Bring Your Own Threat Intelligence (BYOTI™), through which we can ingest additional IoCs into Lumu’s Illumination Process. Learn more about the ...