At RSA Conference 2022, Lumu launched Lumu’s Incident View, providing cybersecurity operators with a single view of their company’s cybersecurity stack for threat investigations.
Built for proficient cybersecurity operations, its new feature is part of the company’s paid tiers, Lumu Insights and Lumu Defender, and it allows for maximum efficiency during critical moments between detection and response.
When it comes to early incident detection and response, operators receive alerts without much context, a problem that Lumu has been working to solve. Lumu’s Incident View shows operators everything they need to know in one place for swift and precise response. Teams receive actionable information about who was impacted, when the incident took place and how best to respond before it escalates to a bigger problem. The Incidents View capability contains details about which actions were taken by other elements of a company’s cybersecurity stack for better incident management.
“Ransomware attacks are some of the biggest cybersecurity threats for businesses, thanks to the current geopolitical landscape. Couple that with a looming global recession – a period in which threat actors know cybersecurity budgets have been slashed before and are prepared to strike – and you have a recipe for chaos,” says Lumu CEO Ricardo Villadiego. “The good news is, as a society we’re becoming more vigilant, so CISOs, CTOs and IT directors are prioritizing spending toward solutions that are going to help them minimize the impact of cybercrime in their organizations. That’s where Lumu’s Incident View comes in.”
Villadiego says, “Each incident has a unique attack playbook, so Lumu provides all of the necessary context to understand each and every incident and the specific techniques used by attackers for a more targeted and swift response plan. With this level of detail, cybersecurity operators can take steps to mitigate a malicious incident before it spreads across your organization.”
Lumu’s Incident View facilitates collaboration with the ability for individuals to leave comments in its dashboard and reply to other team members, tracking progress internally. Security teams can track incidents and the internal progress through the comment section within the incident. They can also communicate with each other to understand if and when action is necessary, or if an action has already been taken.