Lumu Hits Bullseye in GigaOm Radar for Network Detection and Response

The GigaOm Radar Report for Network Detection and Response (NDR) has just been released and we are pleased to announce that Lumu has been named as a Leader and an Outperformer.
GigaOm Radar for Network Detection and Response Feature Image

Table of Contents

Lumu Hits Bullseye in GigaOm Radar Report for Network Detection and Response

The GigaOm Radar Report for Network Detection and Response (NDR) provides industry analyst verification that the NDR market is maturing at a healthy pace with plenty of competition and innovation. According to report author Ivan McPhee, NDR plays a pivotal role in identifying suspicious activities and malicious entities while enabling a swift response to threats. By continuously scrutinizing network traffic, NDR tools construct models of “normal” behavior within enterprise networks, enabling the detection of anomalous traffic and timely alerts.”

Lumu has once again performed well, and has been named a ‘Leader’ and ‘Outperformer’ in the GigaOm Radar Report for NDR, attaining the closest score to the ‘bullseye’ of the radar.

What is Network Detection and Response (NDR)?

There can be some confusion in the cybersecurity space around the differences between Network Traffic Analysis (NTA), Network Analysis and Visibility (NAV), and Network Detection and Response (NDR). Various industry analyst firms prefer one term or the other. But for the purposes of this report, they are the same. According to the report, “Also known as network traffic analysis (NTA), network detection and response (NDR) is a modern security solution for mitigating the risk of advanced cyberattacks, such as advanced persistent threats (APTs), data exfiltration, lateral movements, malware activity, and ransomware.

NDR solutions examine network traffic, including ‘north-south’ connections to the internet and between ‘east-west’ internal connections. They identify malicious activity, reduce false alarms, and detect unusual patterns that other tools, relying on known attack methods, can’t recognize.

A Snapshot of the GigaOm Radar’s Findings

The GigaOm Radar Report thoroughly researched vendor solutions in the NDR space and categorized them according to 2 axes: innovation/maturity and feature play/platform play. While neither extreme of each axis is considered negative, the center is regarded as the most balanced ‘value’ position. The exact center is usually maintained vacant, reserved for the kind of industries of such maturity that innovation is rare.

On the horizontal axis, the center balances versatility and focused innovation, reflecting a blend between specific cutting-edge features (Feature Play) and a comprehensive platform approach (Platform Play). This midpoint illustrates a solution’s ability to offer specialized functionality while maintaining a broad, adaptable platform that caters to a focused range of needs.

On the vertical axis, the center represents a harmonized integration between aggressive technological innovation and conservative, mature stability. It signifies that a solution doesn’t just push the envelope with new technologies (Innovation) but also provides a robust, reliable offering with a strong ecosystem (Maturity).

Additionally, the length and direction of the arrows show how the solution is expected to mature in the coming 12 – 18 months, with the longer orange arrows being awarded to ‘outperformers’. The most centrally placed vendors are named as leaders.

How Lumu Hit the Bullseye

Lumu was named both as a leader and as an outperformer, with a position closest to the center of the radar. Lumu placed in the innovation/feature play quadrant, which indicates that “the vendor uses flow-based metadata analysis exclusively.” 

  • The Magic of Metadata

It’s worthwhile to note that 3 of the leaders have followed the metadata-only approach and another 2 have added metadata analysis. The report also mentions that GigaOm expects other leaders in the NDR space to add metadata analysis in the next 12 to 18 months. It can be concluded that the market is becoming aware of the value of metadata to answer the most important question in cybersecurity: Is your network compromised?

  • Innovative Approach

Lumu’s approach to identifying cyber compromises in real time sets it apart in the NDR market. By employing its patent-pending Illumination Process, Lumu’s model collects and analyzes a wide spectrum of network metadata, including DNS, NetFlows, and access logs, offering a nuanced understanding of the enterprise network’s behavior. This enables a swift and intelligent response to threats, something that aligns with the broader trend in the industry towards metadata analysis.

  • Ease of Deployment and Visibility

The report highlights that Lumu can be “deployed within minutes—or hours depending on the size of the network”. Lumu also benefits from not relying on physical sensors to gather network metadata and gain visibility over north-south as well as east-west traffic. 

  • Comprehensive Offerings 

Lumu’s product portfolio, including Lumu Free, Lumu Insights, Lumu Defender, and Lumu for MSPs, offers a broad set of solutions catering to various enterprise needs. From real-time threat identification to enhanced security offerings for Managed Service Providers (MSPs), Lumu’s well-rounded offerings contributed to its strong placement on the GigaOm Radar.

Additionally, Lumu earned the highest possible scores in the following categories:

  • Intelligent Anomaly Detection
  • Out-of-the-box Analysis
  • Zero-Network Footprint
  • Historical Forensics
  • Managed NDR 
  • Regulatory Compliance
  • Flexibility
  • Scalability
  • Visibility
  • Ecosystem Support
  • Vendor Support
  • Pricing & TCO
  • Vision & Roadmap


Lumu’s performance in the GigaOm Radar Report for Network Detection and Response demonstrates a strategic alignment with industry trends and a strong focus on innovation and adaptability. Lumu’s strengths in innovation, ease of deployment, comprehensive offerings, and a forward-looking approach to challenges set the stage for future success. It also underscores Lumu’s strong performance in a maturing market after being named as a leader in the Forrester Wave™:Network Analysis and Visibility, Q2 2023.

Subscribe to Our Blog

Get the latest cybersecurity articles and insights straight from the experts.

Share this post


Copode 1.0 feature image

Dissecting COPODE 1.0: New APT Evolves Lockbit Strategies

Reading Time: 5 mins Lumu’s threat intelligence team has identified a new Advanced Persistent Threat (APT) actor named ‘Copode 1.0’, leveraging the LockBit Black code leaks for cyberattacks. This emerging threat underlines the need for stringent security practices and Lumu’s real-time monitoring offers an efficient response to such evolving challenges.

ransomware incident response playbook cover

Lumu’s Ransomware Incident Response Playbook

Reading Time: 2 mins There’s a lot of information available about ransomware, but most of what exists focuses on how to prevent ransomware rather than what to do when ransomware hits. Our latest ransomware incident response playbook details comprehensive defense and response strategies against ransomware.