As we reflect on the past year, we at Lumu are proud of our ongoing pursuit to help organizations operate cybersecurity and strengthen SecOps. 2024 marked a year of transformative growth for our platform, driven by listening closely to our customers, staying ahead of evolving threats, and reimagining what Lumu can achieve. Our mission has always been to enable proficient cybersecurity operations for organizations of all sizes and verticals. Our product team worked around the clock to deliver innovations that align with our mission, simplify operations, and enhance incident response for every organization we protect.
Over the past year, we analyzed over 5 trillion records of network metadata, nearly doubling the volume from 2023 with a 92% increase. From this expanded dataset, we detected more than 1 billion adversarial contacts—a remarkable 212% increase compared to the previous year. Why is this important? The more network metadata we process, the more refined and powerful our AI-driven capabilities become, strengthening collective defense and enhancing the precision of our threat detection for every customer.
Elevating SecOps with 24/7 Autonomous Cybersecurity
In 2024, we unveiled Lumu Autopilot, a revolutionary capability designed to empower SecOps teams with true 24/7 coverage, meeting the growing demands of modern cybersecurity operations while ensuring compliance with regulatory and cyber insurance requirements.
This move was born out of necessity. Today’s cybersecurity landscape is marked by an increase in connected devices and attack surfaces, placing immense pressure on security professionals to maintain continuous vigilance. At the same time, organizations face a significant talent shortage, with over 3.5 million cybersecurity positions unfilled worldwide. Our response? A solution that marries automation and human insight to bridge the gap and alleviate workforce strain.
Lumu Autopilot functions as a digital twin to the SecOps team, leveraging AI-powered playbooks, automated incident response, and a vast integration ecosystem to manage threats automatically. By autonomously determining whether incidents require monitoring, escalation, or closure, Lumu Autopilot handles multiple tasks simultaneously, reducing human error and freeing analysts to focus on other strategic initiatives.
Network Analytics: Deep Insights for Proactive Threat Detection
In order to help organizations gain deeper insights into their network behavior and potential threats, we introduced our Analytics feature. We built this functionality to give security teams an understanding of what ‘normal’ looks like in their network and to quickly recognize when something feels off—whether that’s unexpected traffic patterns from unfamiliar regions or unusual communication with lesser-known domains.
We’re making it easier for teams to spot potential risks and strengthen their defenses proactively by providing visual tools to break down data by geography, time, and type.
The Analytics platform also contains a section called Anomalies. Here, you can see suspicious network behaviors before they become confirmed threats. We want to empower security teams to get ahead of potential problems with a proactive approach to threat hunting.
Whether it’s detecting hidden threats like Domain Generation Algorithms (DGAs) or identifying DNS Tunneling used for covert communication and data theft, our focus is on giving organizations the tools to respond before these threats become a bigger issue.
This feature gives security teams the context and confidence to tackle evolving threats, which embodies our vision of smarter, more proactive cybersecurity for everyone.
Enhancing Data Collection and Simplifying Customization
Log Forwarders
To further enhance data collection, we released our Log Forwarder for both Linux and Windows. This addition allows for quick and accessible deployment of data collectors, integrating seamlessly with a wide range of third-party providers, including well-known solutions like Cisco Meraki, SonicWall, Fortinet, pfSense and more. The Log Forwarder is designed to centralize data from diverse sources, providing a comprehensive overview for analysis and monitoring within the Lumu Portal.
The lightweight nature of the Log Forwarder ensures low resource consumption, making it an accessible solution for diverse environments. This addition provides practical and scalable tools that adapt to the dynamic needs of today’s security teams.
Grouping Rules
We also introduced the ability to create Grouping Rules within our collectors, giving organizations more control over how network traffic is categorized and analyzed.
Grouping Rules leverage Lumu’s label system, allowing security teams to organize data with precision by associating traffic with specific labels based on IP ranges or network segments. This means that traffic from different departments, guest networks, or any custom-defined segment can be categorized and prioritized, reducing noise and enhancing focus on critical assets.
To make data organization even easier, we added the ability to copy existing Grouping Rules from one collector to another. This allows teams to quickly replicate configurations across multiple collectors, ensuring consistency and saving valuable time when managing complex network environments.
This more customizable and organized approach to data collection lets teams choose the method that best aligns with their unique operational needs, ultimately providing a more streamlined configuration.
Lumu’s Approach to Network Log Storage and Retention
This year marked a pivotal milestone in our journey to redefine log retention with the evolution of our Playback feature, designed to tackle some of the biggest challenges facing organizations today: high costs, compliance, and the limitations of traditional SIEMs.
Our goal was clear—to empower customers with efficient, scalable, and cost-effective solutions for network data storage and analysis. Lumu’s log storage allows organizations to store essential network logs for up to two years, with querying capabilities.
By focusing on the most relevant network metadata, we optimize data retention, support compliance, and facilitate forensic investigations.
Strengthening SecOps With New Integrations
Our integration ecosystem grew with 27 new integrations for Data Collection, Incident Response and Security Operations.
Data Collection
Incident Response
SecOps
Continued Analyst Validation
Lumu was also recognized as a Leader and Outperformer by GigaOm Radar for Network Detection and Response for the second year in a row. This recognition validates our product vision and continued growth in the industry.
The Road Ahead: Continuing to Innovate and Evolve
As we wrap up 2024, we’re more committed than ever to pushing the limits of network detection and response. Every feature, integration, and enhancement we’ve introduced this year was built to help our customers face evolving threats with confidence.
The journey doesn’t stop here—2025 promises even greater advancements, as we strive to make SecOps smarter, more effective, and accessible.