Table of Contents
At Lumu, our dedicated product team is constantly working to ensure that customers receive the best possible experience in cybersecurity operations. During 2023, we’ve significantly enhanced the platform for better SecOps and integrability.
Over the last 12 months, we analyzed 2.6 trillion+ records of network metadata, 160% more than in 2022. From that metadata, we detected 321 million+ adversarial contacts, 67% more than in 2022. You may ask why this is relevant. Well, the more network metadata we analyze, the more efficient our AI capabilities become. Through collective defense, online learning, and transfer learning AI models, our system is set up to improve with additional customers and metadata sources.
Let’s take a look at some of the product highlights and enhancements to the platform in 2023.
Empowering SecOps Teams
Lumu has always been focused on helping organizations of all sizes and verticals operate cybersecurity better. This is why we made significant changes to our incident management platform.
With the feedback from many of our customers, we enhanced the incident view to give cybersecurity teams insights into all malicious activity with the ability to filter, understand operational metrics, and take actions like closing and muting incidents.
In this section, you’ll also be able to see how many incidents have been closed or muted based on the selected timeframe.
The ‘Incident Details’ section is where teams prioritize incidents and view incidents based on what is open, muted, or closed.
Our ‘Filters’ section allows users to filter incidents based on threat type, endpoints affected, labels, contacts, date of creation, and more. These filters are designed to quickly find incidents of interest.
This section also allows you to search for incidents by typing keywords, download the list of incidents, refresh incidents, and clear filters as needed.
Lastly, the ‘Take Action’ option gives you the ability to select multiple incidents and take group actions like closing, muting, or marking ‘Start Working’ to let other members of the organization know that you’re working on it.
Focused on prioritization and incident management, the incident view was tailored for optimization, helping companies we protect be more efficient when every second counts. This change was also designed to facilitate the extraction of data for interactions with other stakeholders within the organization like CISOs, upper management, and the Board of Directors.
More Context, Better Decision Making
Our incidents now contain additional details around actions taken by other elements of the cybersecurity stack. This helps customers understand what has already been done so they can focus on remediation efforts and closing the incident within the Lumu portal quickly.
In addition to MITRE tactics and techniques used in a single incident, we’ve also introduced a Global MITRE ATT&CK Matrix view in 2023 and reported on the most commonly used based on all incidents impacting a particular customer.
This feature provides a holistic view of top attacks and shows security analysts frequently used techniques so they can adjust their tech stack according to threats that are impacting them most. It helps to prioritize projects, budgets, and adopt a threat-informed defense strategy.
More Deployment and Data Collection Capabilities
We added more options for Lumu customers to collect metadata from any environment with the addition of Agents for Linux users and servers.
We also added out-of-the-box integrations for data collection from Kubernetes and Netskope, for a simplified data collection experience.
Some other notable data collection integrations that were added this year include:
Closing the Gaps in Your Cybersecurity Operation
Our integration ecosystem has grown significantly with the addition of over 40 integrations to our product over the past 12 months This bringings our total integration count to around 125+.
Integrations are a key component of our mission at Lumu as they enable customers to leverage their existing tools and resources for an efficient cybersecurity operation.
Here are some notable product integrations that were added for real-time incident response and security operations.
We incorporated a number of new integrations designed to facilitate real-time responses to malicious incidents.
One of the more notable incident response integrations added in 2023 is Microsoft Defender.
This integration allows customers to designate precise actions against different threat types, leveraging threat intelligence from Lumu paired with Microsoft’s endpoint protection.
We also enhanced the ability to manage incidents using your existing tools by adding new Security Operations integrations for unified incident management.
Our partnerships with other technology vendors is a critical component in maintaining and growing our integration ecosystem. This year we announced formal partnerships with:
Lumu was also recognized as a Leader by not one but TWO major analyst firms.
Forrester named Lumu a Leader in Forrester’s Network Analysis And Visibility Landscape, Q1 2023.
GigaOm named Lumu a Leader and outperformer in the GigaOm Radar for Network Detection and Response (NDR).
Between enhancements to the Lumu platform, the growth of our integration ecosystem, and industry validation it’s no doubt that 2023 was an eventful year for Lumu. We won’t stop until organizations of all sizes and verticals can operate cybersecurity proficiently: 2024 will bring an array of exciting enhancements aimed to revolutionize the Lumu platform even further.