What is the difference between Lumu Free, Lumu Insights and Lumu Defender?
Lumu Free offers a starting point for understanding your compromise level. It is always free and provides network-level visibility of confirmed IoCs (Indicators of Compromise) and retains incident data for 45 days.
With Lumu Insights you can incorporate Continuous Compromise Assessment into your security operation. This tier allows you to have unlimited Virtual Appliances that serve as collectors of network metadata providing detailed visibility into confirmed IoCs, automatic and real time ingestion of extensive metadata sources: DNS, net flows, access logs, inbox and spambox, sophisticated attack pattern recognition and up to 1 years of incident data retention.
Lumu Defender includes all the features offered by Lumu Insights, and adds the ability to integrate Lumu’s real-time analysis into responses. Sending the confirmed compromise instances collected by Lumu allows SOC teams to operationalize the concept of ‘block first, and investigate later.’ The SOC team will always be the ultimate decision maker. However, through automation, the threat actor’s window of opportunity can be drastically shortened, especially in cases where the attack occurs outside of normal working hours.
What is Continuous Compromise Assessment?
Lumu’s Continuous Compromise Assessment is a patent-pending model that enables organizations to measure their unique compromise levels, using their own network metadata. This model allows you to identify when, where, and how your infrastructure is ...
What is Lumu Insights?
Your network traffic is your ground zero for illuminating threats and adversaries. Using existing network data sources, Lumu Insights continuously assesses the entire enterprise to determine the level of compromise. Implementing Lumu’s patent-pending ...
How does Lumu measure compromise in real time?
Lumu systematically collects, normalizes, and analyzes a wide range of network metadata, including DNS, Net flows, Proxy, Firewall Access Logs, Inbox and Spambox. The level of visibility that only these data sources provide, allows us to understand ...
Why and how long do you store the metadata?
Lumu stores your processed network metadata traffic for Playback™ capabilities, meaning we can compare and match every new indicator of compromise against stored metadata for every customer we are protecting. With regard to incident metadata, 45 ...
What does Lumu do?
This is a brief comparison between what Lumu offers versus the capabilities Lumu may work with, but does not directly offer: Do Don’t Continuous Compromise Assessment Network Performance Analysis Implement “Assume you are Compromised” Strategy ...