The Evolution of Lumu for MSPs in 2023

Discover Lumu's 2023 MSP breakthroughs: Improved threat detection, incident management, and more.

Table of Contents

At Lumu, our dedicated product team is constantly working to ensure that our MSP offering continues to evolve and provide value to our partners and their clients. Over the last year, we’ve made significant enhancements to the platform to simplify how our partners provide 24/7 threat detection and response services. 

During the last 12 months, we analyzed 2.6 trillion+  records of network metadata, 160% more than in 2022. From that metadata, we detected 321 million+ adversarial contacts, 67% more than in 2022. You may ask why this is relevant. Well, the more network metadata we analyze, the more efficient our AI capabilities become. Through collective defense, online learning, and transfer learning AI models, our system is set up to improve with additional customers and metadata sources.

Let’s take a look at some of the product highlights and enhancements to the platform in 2023. 

Lumu for MSPs Lite and Self Service: Streamlined Cybersecurity for MSPs

We have to start by recapping the release of Lumu for MSPs Lite, which gives MSPs the ability to automatically detect and block threats at no cost. 

The offering provides the full experience of Lumu for MSPs, by providing 24/7 threat detection and response for up to 3 tenants, with 3 integrations (including integrations for data collection, response, and security operations), and up to 50 endpoints.

MPS can now autonomously manage their operations, such as adding new tenants, increasing the number of monitored endpoints of each tenant, or customizing subscription plans. 

Our streamlined checkout process and simplified pricing model further enhance operational efficiency and cost-effectiveness.

Empowering MSP Cybersecurity Teams

Lumu’s MSP offering has always been focused on helping MSPs operate cybersecurity better, this is why we made significant changes to our incident management platform. 

Even though Lumu provides 24/7 automated detection and response, we understand analysts need to be able to quickly access information in an environment where every second counts. We enhanced this view so that cyber analysts can be more efficient. This centralized view of all malicious activity provides the ability to filter, understand operational metrics, and take actions on behalf of clients.

incident view

In this section, you’ll also be able to see how many incidents have been closed or muted based on the selected timeframe.

The ‘Incident Details’ section is where teams prioritize incidents and view incidents based on what is open, muted, or closed.

Our ‘Filters’ section allows users to filter incidents based on threat type, endpoints affected, labels, contacts, date of creation, and more. These filters are designed to quickly find the incidents.

This section also allows you to search for incidents by typing keywords, download the list of incidents, refresh incidents and clear filters as needed. 

Lastly, the ‘Take Action’ option gives you the ability to select multiple incidents and take group actions like closing, muting, or marking ‘Start Working’ to let other members of the organization know that you’re working on it.

incident actions

Focused on prioritization and incident management, the incident view was enhanced to make operating cybersecurity easier.

More Context, Better Decision Making

Our incidents now contain additional details around actions taken by other elements of your client’s cybersecurity stack. This helps MSPs understand what has already been done so they can focus on remediation efforts and close out the incident within the Lumu portal quickly. 

incident integration context

Closing the Gaps in Your Cybersecurity Operation

Our integration ecosystem has grown significantly with the addition of over 40 integrations to our product over the past 12 months This bringings our total integration count to around 125+

Integrations are a key component of our mission at Lumu as they enable MSPs to leverage their existing tools in their client’s cyber stack.

Here are some notable product integrations that were added for real-time incident response and security operations. 

Alignment with the MSP Cybersecurity Stack

We incorporated a number of new integrations designed to designate real-time responses and actions to malicious incidents on behalf of your tenants by integrating PSAs and RMM Tools.

[LOGOS] Cisco Meraki, Sophos Endpoint Protection, Trend Micro Vision One, DNSFilter, BitDefender , Malwarebytes, Sophos Firewall, Datto’s Auto Task, GLPI 

One of the more notable incident response integrations added in 2023 is Microsoft Defender.

This integration allows MSPs to designate precise actions against different threat types, leveraging threat intelligence from Lumu paired with Microsoft’s endpoint protection.

Product Recognition

Lumu was also recognized as a Leader by not one but TWO major analyst firms. Lumu is the only NDR vendor with this recognition in the MSP Market. 

Forrester named Lumu a Leader Forrester’s Network Analysis And Visibility Landscape, Q1 2023.

forrester wave nav

Between enhancements to the Lumu platform, the growth of our integration ecosystem, and industry validation it’s no doubt that 2023 was an eventful year for Lumu. We can’t wait to share all of the enhancements we have in store for next year. Until then!

Subscribe to Our Blog

Get the latest cybersecurity articles and insights straight from the experts.

Share this post


The Manufacturing industry is targeted by ransomware more than any other. Take a look at the motivations and opportunities driving threat actor activity in this critical vertical.

Manufacturing Industry Targeted by Ransomware

Reading Time: 8 mins The Manufacturing industry is targeted by ransomware more than any other industry in the USA. Take a look at the motivations and opportunities driving threat actor activity in this critical vertical.

cybersecurity integrations questionnaire

Cybersecurity Integrations: A Buyer’s Guide

Reading Time: 3 mins Choosing the right cybersecurity solution is pivotal in today’s threat landscape. Our buyer’s guide zeroes in on cybersecurity integrations, offering key questions to ask vendors about API availability, out-of-the-box solutions, and technical support.