LUMU has come out of stealth mode and for the first time will be publicly showcasing its solution at this year’s RSA Conference.
LUMU was founded in 2019 by cybersecurity veteran and serial entrepreneur Ricardo Villadiego, who previously founded Easy Solutions, which was part of an aggregated $2.8 billion acquisition by Cyxtera in 2017.
LUMU is a cloud-based solution that collects and standardizes metadata from across the network, including DNS queries, Network Flows, access logs from perimeter proxies and/or firewalls, and spam box filters, and then applies AI to correlate threat intelligence from these disparate data sources to isolate confirmed points of compromise.
“While attackers have become adept at covering their tracks once inside the network, they also must themselves use the network to move around, leaving trace remnants behind that become obscured amidst all the network noise. The LUMU solution was purpose-built to sift through massive amounts of network metadata in real-time, detect the telltale signals of compromise, and illuminate those network blind spots with pinpoint accuracy,” said Ricardo Villadiego, CEO of LUMU.
The LUMU solution can be configured in less than 30 minutes and provides benefits to enterprise security teams that include the following:
Proactive and accelerated compromise detection: Unlike other network threat analysis tools, LUMU unlocks the value of an organization’s own data by closing the feedback loop to inform and improve its self-learning capabilities while generating actionable insights that security teams can use to proactively detect existing compromises in their network.
Continuous compromise assessment: While quarterly penetration testing is a regulatory requirement for public companies, it falls far short of meeting the realities of today’s threat environment, in which the vast majority of networks have already been compromised. LUMU has operationalized the concept of Continuous Compromise Assessment that empowers security teams to measure and snapshot their exposure level in real time.
Unprecedented visibility across distributed infrastructure: As infrastructure grows more distributed across on-premises, private/public cloud environments, and IoT systems, the potential attack surface expands as well. The LUMU solution was designed to complement other network security and incident response tools, offering security teams real-time visibility into their digital infrastructure while delivering confidence regarding the true picture of their compromise status.
“Despite billions of dollars being spent to protect IT, attackers have and will continue to find creative ways to penetrate defenses and compromise their targets, and as recent history has shown, many companies don’t even know that an intruder is already inside,” said Scott Crawford, Research VP, Information Security with 451 Research of The 451 Group. “While technologies such as Security and Incident Event Management (SIEM) and Network Visibility, Detection and Response (NVDR) provide insight, they also generate a great deal of information that can make it difficult to focus and prioritize a response. Security teams place a high priority on improving the fidelity of their threat detection, and LUMU is bringing a novel approach to the market that should resonate deeply with enterprise security teams.”