Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

8/11/2015
08:45 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Lumeta Announces ESI 3.0, Empowering Organizations with Real-Time Cybersecurity Intelligence

Industry leader in network situational awareness introduces Big Data and Advanced Analytics in its flagship product to help organizations address network vulnerabilities and cybersecurity threats as they occur

Las Vegas, NV – Black Hat USA – August 4, 2015 – Lumeta Corporation today announced the latest release of Lumeta Enterprise Situational Intelligence (ESI), the company’s market-defining network situational awarenessplatform, at Black Hat USA in Las Vegas, which takes place today through this Thursday, August 6. Lumeta ESI 3.0 is fully integrated with an embedded Hadoop Distributed File Store (HDFS), enabling Big Data and Advanced Analytics.

Driven by migrations to virtual, cloud, mobile, SDN and SDDC network architectures, and the resulting complexity and rate of change, organizations require real-time network cybersecurity monitoring and analytics. Due to the volume of data available, network security teams need context-aware intelligence – what’s most important? what’s most relevant? – for prioritization of the most critical gaps in security.

“Many of our customers have difficulty identifying cyber threats fast enough to stay ahead of the bad guys,” said Gary Miglicco, senior vice president of security for ePlus Security. “By including Lumeta ESI as a foundation to our security services portfolio, not only are we are providing significant value to our customers with a comprehensive index of their physical, virtual and cloud networks – and all the connections between them and outside networks – but also supporting with the automation needed to proactively address large-scale breaches.”

Lumeta ESI 3.0 brings a combination of recursive network indexing for a real-time, comprehensive view of a network, and cybersecurity analytics to find meaning in the data and to quickly prioritize any issues for remediation. The newly added Big Data and Advanced Analytics capabilities allow security analysts can combine ESI intelligence with external feeds to dig deeper into the network data and rapidly find more meaning to quickly prioritize remediation needs.

The new capabilities in ESI 3.0 include:

  • Big Data and Advanced Analytics – The underlying architecture/infrastructure of ESI includes an embedded Hadoop Distributed File Store (HDFS) which allows for the collection, storage and analysis of huge amounts of unstructured data in real-time. ESI can ingest / take in new external data feeds/streams – such as NetFlow data – to correlate with ESI’s real-time indexing data. This allows for deeper drill-down analytics to rapidly find more meaning in large amounts of data.
     
  • Real-time, Scroll Back in Time, and Point-in-Time Views – Operations Teams can 1) provide scheduled, snapshot reporting for audit and compliance needs; 2) work in real-time, receiving alerts of new connections, devices and potential vulnerabilities on the network as they occur; and 3) scroll back in time, correlating real-time and historical data for forensic analysis and trending / comparative reporting. Because the HDFS allows for the retention of a large amount of historical data, network analysts can “baseline” normal patterns of activity on the network, to identify new anomalies as they occur.
     
  • Real-time integration of external threat intelligence sources – ESI includes the ability to ingest open source threat intelligence feeds. The combination of ESI real-time, comprehensive network indexing with real-time security information services provides up-to-date intelligence 1) to identify any internal use/accessibility of known Trojan/malware ports; 2) to correlate NetFlow data to malware command and control (C2) servers; or 3) for zombie hunting.
     
  • Network Segmentation and Threat Analytics – Layer 3 segmentation analytics to identify potential leak paths that exist between network segments or between the enterprise network and the Internet – vulnerabilities that put the organization at risk.
     
  • E-mail Alerts, Custom Dashboards/Reports and Visualization/Map Improvement – Alerting, reporting and visualization capabilities are significantly improved to allow network security analysts to quickly make relevant decisions about incidents, while still providing forensic experts with details about the incident and its relations with other historical anomalies.
     

“Security breaches don’t happen on a schedule,” said Pat Donnellan, chief executive officer of Lumeta, “CISOs and their teams need to defend networks in real-time. The addition of a Hadoop engine and Advanced Analytics in ESI 3.0 enables real-time detection of threats, helping network security teams better prioritize and mitigate vulnerabilities before damage is done.”

 

Availability

Lumeta ESI 3.0 will be generally available (GA) on September 30, 2015.

To learn more about Lumeta ESI, please visit: www.lumeta.com/products/esi/

 

About Lumeta Corporation

Lumeta’s network situational awareness platform is the authoritative source for enterprise network infrastructure and cybersecurity analytics. Available for both real-time monitoring and point-in-time auditing, Lumeta recursively indexes a network to identify and map every IP connected device, as well as uncover network segmentation violations and cybersecurity anomalies. The foundational intelligence provided by Lumeta gives IT management a clear, comprehensive assessment of network vulnerabilities, cyber threat risks and policy violations from network edge to core, allowing for decision making impacting security, compliance and availability.  Lumeta’s solution addresses today’s security initiatives associated with continuous monitoring; SANS Top 20 Critical Security Controls; and virtualized infrastructure including private and public cloud visibility, outsourcing and offshoring, and software defined networks (SDN) – all of which increase the complexity of a network and challenge traditional security defenses.  Lumeta’s solution also delivers an efficient and cost-effective process to streamline network consolidation (M&A) projects. Lumeta optimizes other network and security product investments by feeding them accurate and fact-based network intelligence.  Headquartered in Somerset, New Jersey, Lumeta has operations and customers throughout the world. More information is available at www.lumeta.com

Follow Lumeta Corporation

# # #

Lumeta and IPsonar are trademarks of the Lumeta Corporation. Other product and company names appearing in this document may be trademarks of their respective owners.

Contact:

Melody Iffland

Lumeta Corporation

+1-732-357-3509

[email protected]

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Hunny, I looked every where for the dorritos. 
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8567
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.
CVE-2020-8568
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that conta...
CVE-2020-8569
PUBLISHED: 2021-01-21
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes, ...
CVE-2020-8570
PUBLISHED: 2021-01-21
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executi...
CVE-2020-8554
PUBLISHED: 2021-01-21
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typicall...