
8/11/2015
08:45 AM
Dark Reading
Products and Releases

Lumeta Announces ESI 3.0, Empowering Organizations with Real-Time Cybersecurity Intelligence

Industry leader in network situational awareness introduces Big Data and Advanced Analytics in its flagship product to help organizations address network vulnerabilities and cybersecurity threats as they occur

Las Vegas, NV – Black Hat USA – August 4, 2015 – Lumeta Corporation today announced the latest release of Lumeta Enterprise Situational Intelligence (ESI), the company’s market-defining network situational awareness platform, at Black Hat USA in Las Vegas, which takes place today through this Thursday, August 6. Lumeta ESI 3.0 is fully integrated with an embedded Hadoop Distributed File Store (HDFS), enabling Big Data and Advanced Analytics.

Driven by migrations to virtual, cloud, mobile, SDN and SDDC network architectures, and the resulting complexity and rate of change, organizations require real-time network cybersecurity monitoring and analytics. Due to the volume of data available, network security teams need context-aware intelligence – what’s most important? what’s most relevant? – for prioritization of the most critical gaps in security.

“Many of our customers have difficulty identifying cyber threats fast enough to stay ahead of the bad guys,” said Gary Miglicco, senior vice president of security for ePlus Security. “By including Lumeta ESI as a foundation to our security services portfolio, not only are we providing significant value to our customers with a comprehensive index of their physical, virtual and cloud networks – and all the connections between them and outside networks – but also supporting with the automation needed to proactively address large-scale breaches.”

Lumeta ESI 3.0 combines recursive network indexing, for a real-time, comprehensive view of a network, with cybersecurity analytics to find meaning in the data and quickly prioritize issues for remediation. The newly added Big Data and Advanced Analytics capabilities allow security analysts to combine ESI intelligence with external feeds, dig deeper into the network data and prioritize remediation needs more quickly.

The new capabilities in ESI 3.0 include:

  • Big Data and Advanced Analytics – The underlying architecture of ESI includes an embedded Hadoop Distributed File Store (HDFS), which allows for the collection, storage and analysis of huge amounts of unstructured data in real-time. ESI can ingest new external data feeds and streams – such as NetFlow data – to correlate with ESI’s real-time indexing data. This allows for deeper drill-down analytics to rapidly find more meaning in large amounts of data.
     
  • Real-time, Scroll Back in Time, and Point-in-Time Views – Operations Teams can 1) provide scheduled, snapshot reporting for audit and compliance needs; 2) work in real-time, receiving alerts of new connections, devices and potential vulnerabilities on the network as they occur; and 3) scroll back in time, correlating real-time and historical data for forensic analysis and trending / comparative reporting. Because the HDFS allows for the retention of a large amount of historical data, network analysts can “baseline” normal patterns of activity on the network, to identify new anomalies as they occur.
     
  • Real-time integration of external threat intelligence sources – ESI includes the ability to ingest open source threat intelligence feeds. The combination of ESI real-time, comprehensive network indexing with real-time security information services provides up-to-date intelligence 1) to identify any internal use/accessibility of known Trojan/malware ports; 2) to correlate NetFlow data to malware command and control (C2) servers; or 3) for zombie hunting.
     
  • Network Segmentation and Threat Analytics – Layer 3 segmentation analytics to identify potential leak paths that exist between network segments or between the enterprise network and the Internet – vulnerabilities that put the organization at risk.
     
  • E-mail Alerts, Custom Dashboards/Reports and Visualization/Map Improvement – Alerting, reporting and visualization capabilities are significantly improved to allow network security analysts to quickly make relevant decisions about incidents, while still providing forensic experts with details about the incident and its relations with other historical anomalies.
     

“Security breaches don’t happen on a schedule,” said Pat Donnellan, chief executive officer of Lumeta. “CISOs and their teams need to defend networks in real-time. The addition of a Hadoop engine and Advanced Analytics in ESI 3.0 enables real-time detection of threats, helping network security teams better prioritize and mitigate vulnerabilities before damage is done.”

 

Availability

Lumeta ESI 3.0 will be generally available (GA) on September 30, 2015.

To learn more about Lumeta ESI, please visit: www.lumeta.com/products/esi/

 

About Lumeta Corporation

Lumeta’s network situational awareness platform is the authoritative source for enterprise network infrastructure and cybersecurity analytics. Available for both real-time monitoring and point-in-time auditing, Lumeta recursively indexes a network to identify and map every IP connected device, as well as uncover network segmentation violations and cybersecurity anomalies. The foundational intelligence provided by Lumeta gives IT management a clear, comprehensive assessment of network vulnerabilities, cyber threat risks and policy violations from network edge to core, allowing for decision making impacting security, compliance and availability.  Lumeta’s solution addresses today’s security initiatives associated with continuous monitoring; SANS Top 20 Critical Security Controls; and virtualized infrastructure including private and public cloud visibility, outsourcing and offshoring, and software defined networks (SDN) – all of which increase the complexity of a network and challenge traditional security defenses.  Lumeta’s solution also delivers an efficient and cost-effective process to streamline network consolidation (M&A) projects. Lumeta optimizes other network and security product investments by feeding them accurate and fact-based network intelligence.  Headquartered in Somerset, New Jersey, Lumeta has operations and customers throughout the world. More information is available at www.lumeta.com

# # #

Lumeta and IPsonar are trademarks of the Lumeta Corporation. Other product and company names appearing in this document may be trademarks of their respective owners.

Contact:

Melody Iffland

Lumeta Corporation

+1-732-357-3509

[email protected]

 
