Las Vegas, NV – Black Hat USA – August 4, 2015 – Lumeta Corporation today announced the latest release of Lumeta Enterprise Situational Intelligence (ESI), the company’s market-defining network situational awareness platform, at Black Hat USA in Las Vegas, which takes place today through this Thursday, August 6. Lumeta ESI 3.0 is fully integrated with an embedded Hadoop Distributed File Store (HDFS), enabling Big Data and Advanced Analytics.
Driven by migrations to virtual, cloud, mobile, SDN and SDDC network architectures, and the resulting complexity and rate of change, organizations require real-time network cybersecurity monitoring and analytics. Due to the volume of data available, network security teams need context-aware intelligence – what’s most important? what’s most relevant? – for prioritization of the most critical gaps in security.
“Many of our customers have difficulty identifying cyber threats fast enough to stay ahead of the bad guys,” said Gary Miglicco, senior vice president of security for ePlus Security. “By including Lumeta ESI as a foundation to our security services portfolio, not only are we are providing significant value to our customers with a comprehensive index of their physical, virtual and cloud networks – and all the connections between them and outside networks – but also supporting with the automation needed to proactively address large-scale breaches.”
Lumeta ESI 3.0 brings a combination of recursive network indexing for a real-time, comprehensive view of a network, and cybersecurity analytics to find meaning in the data and to quickly prioritize any issues for remediation. The newly added Big Data and Advanced Analytics capabilities allow security analysts can combine ESI intelligence with external feeds to dig deeper into the network data and rapidly find more meaning to quickly prioritize remediation needs.
The new capabilities in ESI 3.0 include:
- Big Data and Advanced Analytics – The underlying architecture/infrastructure of ESI includes an embedded Hadoop Distributed File Store (HDFS) which allows for the collection, storage and analysis of huge amounts of unstructured data in real-time. ESI can ingest / take in new external data feeds/streams – such as NetFlow data – to correlate with ESI’s real-time indexing data. This allows for deeper drill-down analytics to rapidly find more meaning in large amounts of data.
- Real-time, Scroll Back in Time, and Point-in-Time Views – Operations Teams can 1) provide scheduled, snapshot reporting for audit and compliance needs; 2) work in real-time, receiving alerts of new connections, devices and potential vulnerabilities on the network as they occur; and 3) scroll back in time, correlating real-time and historical data for forensic analysis and trending / comparative reporting. Because the HDFS allows for the retention of a large amount of historical data, network analysts can “baseline” normal patterns of activity on the network, to identify new anomalies as they occur.
- Real-time integration of external threat intelligence sources – ESI includes the ability to ingest open source threat intelligence feeds. The combination of ESI real-time, comprehensive network indexing with real-time security information services provides up-to-date intelligence 1) to identify any internal use/accessibility of known Trojan/malware ports; 2) to correlate NetFlow data to malware command and control (C2) servers; or 3) for zombie hunting.
- Network Segmentation and Threat Analytics – Layer 3 segmentation analytics to identify potential leak paths that exist between network segments or between the enterprise network and the Internet – vulnerabilities that put the organization at risk.
- E-mail Alerts, Custom Dashboards/Reports and Visualization/Map Improvement – Alerting, reporting and visualization capabilities are significantly improved to allow network security analysts to quickly make relevant decisions about incidents, while still providing forensic experts with details about the incident and its relations with other historical anomalies.
“Security breaches don’t happen on a schedule,” said Pat Donnellan, chief executive officer of Lumeta, “CISOs and their teams need to defend networks in real-time. The addition of a Hadoop engine and Advanced Analytics in ESI 3.0 enables real-time detection of threats, helping network security teams better prioritize and mitigate vulnerabilities before damage is done.”
Availability
Lumeta ESI 3.0 will be generally available (GA) on September 30, 2015.
To learn more about Lumeta ESI, please visit: www.lumeta.com/products/esi/
About Lumeta Corporation
Lumeta’s network situational awareness platform is the authoritative source for enterprise network infrastructure and cybersecurity analytics. Available for both real-time monitoring and point-in-time auditing, Lumeta recursively indexes a network to identify and map every IP connected device, as well as uncover network segmentation violations and cybersecurity anomalies. The foundational intelligence provided by Lumeta gives IT management a clear, comprehensive assessment of network vulnerabilities, cyber threat risks and policy violations from network edge to core, allowing for decision making impacting security, compliance and availability. Lumeta’s solution addresses today’s security initiatives associated with continuous monitoring; SANS Top 20 Critical Security Controls; and virtualized infrastructure including private and public cloud visibility, outsourcing and offshoring, and software defined networks (SDN) – all of which increase the complexity of a network and challenge traditional security defenses. Lumeta’s solution also delivers an efficient and cost-effective process to streamline network consolidation (M&A) projects. Lumeta optimizes other network and security product investments by feeding them accurate and fact-based network intelligence. Headquartered in Somerset, New Jersey, Lumeta has operations and customers throughout the world. More information is available at www.lumeta.com
Follow Lumeta Corporation
