Continuous Compromise Assessment Tool
Use Your Own Network Metadata to Detect Incidents
AI-Powered Compromise Data in Real-Time
Lumu Technologies has developed an AI-powered Continuous Compromise Assessment tool that systematically collects and analyzes a wide range of network metadata sources for confirmed indications of compromise. It provides immediate, actionable intelligence on compromises by geography, network segments, devices, domains, critical asset and more. We believe in the product so much we've signed on as a reseller.
Lumu’s approach rethinks the security paradigm, one that has tried to keep attackers out of key enterprise networking assets. Instead, Lumu makes the assumption that cybercriminals are already inside the enterprise’s environments and creates a Continuous Compromise Assessment model: collecting, normalizing, and analyzing network metadata, including DNS, Netflows, Proxy and Firewall Access Logs, and Spambox. This continuous data assessment flags compromises so organizations can react in real-time.
Key Facts
- Data breaches have surged 88% from 2014 to 2019
- Cybersecurity spending is projected to have grown by 57% from 2014 to 2019
- In 2019, an attacker avoided detection for an average of 206 days
The Answer is in Your Own Network Metadata
All attacks have a common denominator: the threat actor must use the network to compromise an organization. Therefore they leave behind a trail of evidence that Lumu follows by looking at a comprehensive array of metadata sources.
DNS Queries
When a device is compromised, it will resolve a domain that belongs to adversarial infrastructure, offering concrete compromise evidence.
Proxy and Firewall Logs
If the attack does not use DNS infrastructure, it’s only other option is to connect directly to an IP address.
Network Flows
Network flows provide insightful information into an adversary’s objective and attempts to move laterally.
Spambox
Blocking spam is good, but analyzing it is better because you can discover who is targeting your organization, how they are doing it, and how successful they are.
The Illumination Process - How it Works
Lumu’s Illumination Process is the core enabler of Continuous Compromise Assessment that correlates network metadata with known IoCs and AI, and results in actionable, confirmed compromise evidence.
Confirmed Compromise Intelligence
Detailed, real-time compromise intelligence on how enterprise assets are communicating with adversary infrastructure.
Compromise Context
Robust context around confirmed compromise incidents that enables teams to enact the precise response in a timely manner.
Compromise Radar
Powerful visualization tool that reveals attack patterns, conditions, and behavior.
Spambox Report
Unprecedented intelligence on who is targeting your organization, how they are doing it, and how successful they are..
Cloud-based Delivery
Cloud-based model allows for accelerated deployment and immediate positive ROI.
Playback™
Patent-pending capability that reviews up to 2 years of network metadata traffic and compares it to new known IOCs.
For a FREE demonstration of Lumu Insights, simply pick a date on this calendar: https://calendly.com/jmiller-125/lumu-demo