Lumu Agent for Windows: Measuring remote worker compromise levels in real time

Lumu announced the launch of the Lumu Agent for Windows, a lightweight software built for remote workers in mind, that measures user device’s compromise levels in real time.

Once installed on an end user’s machine, the Lumu Agent silently and persistently runs in the background, collecting network metadata which is then correlated and analyzed by Lumu to provide the most complete compromise visibility available today.

According to a March 2020 survey conducted by Gartner, 88% of organizations worldwide have either mandated or encouraged their employees to work from home due to the global pandemic with many organizations having since announced they will continue to allow employees to work remotely even after the pandemic has ended.

Since millions of employees began logging in from home, opportunistic cyber criminals have been aggressively targeting remote employees with ransomware and spearphishing campaigns, which when successful can provide them with unfettered access to the corporate network.

With cloud technology and adoption skyrocketing over the years, fear of a cloud data security breach has increased significantly just in the past two years, with 53% of IT professionals citing it as a top security concern in 2020

“WFH has become incredibly popular, and many organizations have realized the efficiencies of this method of work, rethinking offices altogether. Unfortunately, enterprises are not the only ones taking advantage of this modality — cybercriminals have found a path to least resistance with remote workers and cyberthreats are an all-time-high,” said Ricardo Villadiego, founder and CEO of Lumu.

“This innovation comes amid the loss of attack visibility resulting from employees working from outside the perimeter and the need to swiftly identify compromises and minimize lateral movement to high value assets. The Lumu Agent will make it easy for security teams to get a unified view of all of the endpoint devices connected to their network and understand whether any of these devices have been compromised.”

The Lumu Agent for Windows feeds directly into Lumu Insights, a cloud-based solution that collects and standardizes metadata from across the network, including DNS queries, Network Flows, access logs from perimeter proxies and firewalls, and spam box filters, and then applies its patent-pending Illumination Process to correlate threat intelligence from these disparate data sources to isolate confirmed points of compromise.

With Lumu’s new Windows Agent, customers will realize some of the following benefits:

  • Extended visibility across the distributed network: IT and security teams can gain critical visibility to any machine or endpoint on which the Lumu Agent is running, effectively closing off any potential back doors a threat actor might use to compromise other network resources.
  • Unified and streamlined deployment: The Lumu Agent can be quickly and easily deployed to an entire population of users and system administrators can control the installation groups and status of each agent via the Lumu Portal.
  • Ensure cloud application security: As more employees use a mix of personal and corporate owned devices to access cloud applications from home, the Lumu Agent provides an additional layer of secure access to provide assurance that user credentials and data are not being abused.
  • Map and isolate compromised assets: By applying advanced network correlation with other network metadata sources, compromised assets can be quickly identified, mapped, and isolated in order to accelerate the mitigation of a compromised device.

Source

Leave a Reply