What is the difference between Lumu Free and Lumu Insights?

What is the difference between Lumu Free, Lumu Insights and Lumu Defender?

Lumu Free offers a starting point for understanding your compromise by level providing limited visibility of confirmed IoCs (Indicators of Compromise) as it only processes  DNS metadata and retains data for 45 days.

With Lumu Insights you can incorporate Continuous Compromise Assessment into your security operation. This tier allows you to have unlimited Virtual Appliances that serve as collectors of network metadata providing detailed visibility into confirmed IoCs, automatic and real time ingestion of extensive metadata sources: DNS, net flows, access logs, and spambox,  sophisticated attack pattern recognition and up to 1 years of incident data retention.

Lumu Defender includes all the features offered by Lumu Insights, and adds the ability to integrate Lumu’s real-time analysis  into responses. Sending the confirmed compromise instances collected by Lumu allows SOC teams to operationalize the concept of ‘block first, and investigate later.’ The SOC team will always be the ultimate decision maker. However, through automation, the threat actor’s window of opportunity can be drastically shortened, especially in cases where the attack occurs outside of normal working hours.
To know more about plans and Lumu Insights and talk to an expert, visit our Illumination options page.
        • Related Articles

        • What is Continuous Compromise Assessment?

          Lumu’s Continuous Compromise Assessment is a patent-pending model that enables organizations to measure their unique compromise levels, using their own network metadata. This model allows you to identify when, where, and how your infrastructure is ...
        • What is Lumu Insights?

          Your network traffic is your ground zero for illuminating threats and adversaries. Using existing network data sources, Lumu Insights continuously assesses the entire enterprise to determine the level of compromise. Implementing Lumu’s patent-pending ...
        • How does Lumu measure compromise in real time?

          Lumu systematically collects, normalizes, and analyzes a wide range of network metadata, including DNS, Net flows, Proxy, Firewall Access Logs, and Spambox. The level of visibility that only these data sources provide, allows us to understand the ...
        • Why and how long do you store the metadata?

          Lumu stores your processed network metadata traffic for Playback™ capabilities, meaning we can compare and match every new indicator of compromise against stored metadata for every customer we are protecting. For Lumu Free accounts 45 days’ Incident ...
        • How is the network metadata collected?

          On Lumu Free you may use Lumu’s public DNS as forwarders on your internal DNS Servers. On Lumu Insights and Lumu Defender, we rely on virtual appliances and cloud collectors to cover your hybrid environments. Consult our deployment documentation for ...