As described in our Get Started article, all successful attacks have a common denominator: the cybercriminal must use the network.
Lumu covers infrastructures from simple to complex, collecting network metadata from your extended perimeter through a variety of collectors such as installed agents, public gateways, API collection, and pre-configured Virtual Appliances that can be deployed on virtual machines or cloud platforms. The collectors then relay the collected data to Lumu for Continuous Compromise Assessment.
Watch the following video and get familiar with the general deployment architecture of Lumu:
Select How to Deploy Lumu
Send your metadata for Continuous Compromise Assessment by Lumu using one or a combination of collectors. The selection of how to implement Lumu depends on your needs and how you want to integrate Lumu into your infrastructure.
Take advantage of Lumu Free to start understanding your compromise level and to get visibility into threats, attacks, and adversaries affecting your enterprise. When greater visibility is desired, implement network metadata collectors inside your network infrastructure with Lumu Insights. Lumu Defender completes Lumu’s vision of closing the feedback loop in cybersecurity by adding the ability to integrate Lumu’s real-time analysis into your security stack for mitigation and orchestration.
Lumu Free - Start Understanding your Compromise Level
Lumu Free is a freemium account that lets you try Continuous Compromise Assessment through limited network metadata collection. It takes about 5 minutes to set up Lumu Free, and you can start seeing DNS traffic immediately by using Gateways.
Lumu Free is permanently offered at no cost; it is not a limited-time free trial. You may set up your account now and keep it for as long as you like.
Figure: Lumu Free - start understanding your compromise level.
Lumu Free includes:
- Real-time DNS ingestion using Lumu gateways as a collector for Continuous Compromise Assessment
- Network-level visibility of confirmed indicators of compromise (IoCs)
- Access to Lumu Portal, including Compromise Context, network traffic grouping, business priority, and incident management
- 45-day incident retention
Lumu Insights - Incorporate the Continuous Compromise Assessment into Your Security Operation
Lumu Insights brings detailed visibility to your security operation. With Lumu Insights, you can deploy Agents, Spambox, Custom Connectors API, and unlimited Virtual Appliances for 360-degree visibility that continuously assesses and highlights your network compromise.
Lumu Insights provides you with unprecedented visibility into the detailed malicious activity of each private IP address in your network in real time. Lumu Insights can tell you exactly where the IoCs are located to help you
Figure: Lumu Insights and its variety of collectors.
With Lumu Insights, besides all features available in Lumu Free, you also have:
- Seamless integration with your current infrastructure for automatic and real-time ingestion of extensive metadata sources: DNS, netflows, access logs, and spam box
- Custom data collection via API
- Unlimited Virtual Appliances for on-premise and Cloud data collection
- Remote endpoint monitoring and compromised assets pinpointed
- Bring Your Own Threat Intelligence
- Sophisticated attack pattern recognition with asset level visibility
- The automated MITRE ATT&CK Matrix
- Email & Telephone Support
- 1 year of incident retention
- STIXX Module and Single Sign On on the Lumu Portal
- Lumu-to-SIEM Alert Integrations
Lumu Defender - Closing the Feedback Loop in Cybersecurity
A genuinely proficient cybersecurity operation requires collecting information on the cybersecurity architecture’s performance and using that information to improve the system continuously. Lumu already measures the output of the system: its level of compromise. Now, with Lumu Defender, you can augment the capabilities of current cybersecurity investments with confirmed compromise information.
Lumu Defender includes all the features offered by Lumu Insights and adds the ability to integrate Lumu’s real-time analysis into automated responses, along with up to 2 years of data retention with flexible reporting capabilities (Playback).
Sending the confirmed compromise instances collected by Lumu allows SOC teams to operationalize the concept of ‘block first, and investigate later.’ The SOC team will always be the ultimate decision maker. However, through automation, the threat actor’s window of opportunity can be drastically shortened, especially in cases where the attack occurs outside of normal working hours.
Figure: Lumu Defender and its integration capabilities.