SOFTWARE SECURITY

Cybersecurity Company Lumu Raises $8M, Signs Partnership with KnowBe4, the World's Largest Integrated Platform for Security Awareness Training

Lumu | August 08, 2022 | Read time : 03:00 min

Lumu
Lumu, creators of the Continuous Compromise Assessment cybersecurity model that empowers organizations to measure compromise in real time, today announced it has closed an $8 million investment round, bringing total funding to $15.5 million. Led by Panoramic Ventures, the investment will serve as growth capital for sales and marketing initiatives to further Lumu's mission of helping organizations operate cybersecurity proficiently. Other investors include KnowBe4 Ventures, Lane Bess, former Zscaler and Palo Alto Networks executive, and Tom Noonan, former CEO at Internet Security Systems and the SoftBank Group's SB Opportunity Fund.

"We are excited to continue to support Lumu through this phase of hypergrowth, as organizations across all verticals are realizing the value of measuring compromise within their networks and acting on this factual data immediately," said Paul Judge, Managing Partner of Panoramic Ventures. "The innovation Lumu is bringing to the market is evident and a true game-changer for cybersecurity operations."

Lumu's Continuous Compromise Assessment model enables any organization to measure and understand compromise to close the breach detection gap from months to minutes continuously and intentionally. Teams receive actionable information about who was impacted, when the incident took place and how best to respond before it escalates to a bigger problem. The company has experienced hyper-growth in 2021 and 2022 and now has more than 3,100 organizations using its technology. The Lumu platform has analyzed more than 1 trillion metadata and detected more than 345 million adversarial contacts.

"With today's economy, hiring constraints and the non-stop cyber threats, companies need tools that enable an accurate understanding of, and swift response to, potential attacks. "Our platform provides context at the granular level to understand each and every incident and the specific techniques used by attackers so that cybersecurity operators can mitigate malicious incidents and overall improve their cybersecurity stack. With cybercriminals quick to take advantage of economic downturns, this funding round emphasizes just how critical of a time it is for enterprises to prioritize protection and defense mechanisms."

Ricardo Villadiego, Founder and CEO of Lumu

The capital will also be used to scale the company's initiative to consistently attract exceptional talent to amplify the reach of Lumu's cyber industry-leading resilience message and to build credibility with target audiences to help companies of all sizes and verticals proficiently operate cybersecurity functions.

KnowBe4 is one of the key investors joining Lumu's funding round. The companies will join forces to further their missions of enabling employees and security teams to make smarter security decisions every day.

Miami-based Lumu is founded and led by Ricardo Villadiego, a successful second-time founder who is part of the SB Opportunity Fund's community of visionary Black, Latinx, and Native American entrepreneurs.

About Lumu
Headquartered in Miami, Florida, Lumu is a cybersecurity company focused on helping enterprise organizations illuminate threats and isolate confirmed instances of compromise. Applying principles of Continuous Compromise Assessment, Lumu has built a powerful closed-loop, self-learning solution that helps security teams accelerate compromise detection, gain real-time visibility across their infrastructure, and close the breach detection gap from months to minutes.

Spotlight

Results of an independent survey of 3,100 IT managers commissioned by Sophos. To understand the realities of endpoint security today, Sophos commissioned independent research specialist Vanson Bourne to survey 3,100 IT managers across the globe. The resulting paper reveals the experiences, concerns and future plans of organizations in 12 countries and six continents. It provides deep insight into the day-to-day challenges IT teams face securing their organizations against cyberattacks, as well as their experiences with endpoint detection and response (EDR) technologies.

Spotlight

Results of an independent survey of 3,100 IT managers commissioned by Sophos. To understand the realities of endpoint security today, Sophos commissioned independent research specialist Vanson Bourne to survey 3,100 IT managers across the globe. The resulting paper reveals the experiences, concerns and future plans of organizations in 12 countries and six continents. It provides deep insight into the day-to-day challenges IT teams face securing their organizations against cyberattacks, as well as their experiences with endpoint detection and response (EDR) technologies.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Keeper Security Launches Upgraded MSP Platform

Keeper Security | September 09, 2022

Keeper Security, the leading provider of zero-trust, zero-knowledge and FedRAMP Authorized cybersecurity software, today released an upgraded KeeperMSP platform that offers robust security and compliance solutions through an expanded portfolio of Keeper zero-trust security capabilities. These new market-leading features will help Managed Service Provider (MSP) partners oversee security and compliance for their customer base in an increasingly challenging threat landscape. The platform enhancements include powerful add-on features and products that offer a broad range of new solutions for MSPs, including: Advanced Reporting & Alerts (ARAM) Module; BreachWatch®; Compliance Reporting; KeeperChat®; Secure File Storage; Keeper Secrets Manager and Keeper Connection Manager. "At Keeper Security, we are committed to providing our MSP partners with the cutting-edge tools they need to achieve robust security and compliance for their internal users and the customers they support. "With the upgrades to KeeperMSP, we are equipping partners with powerful new features that support a zero-trust security model for maximum protection. MSPs can now offer even more Keeper features to their users and managed companies to help detect threats and prevent attacks." Darren Guccione, CEO and co-founder of Keeper Security Security and compliance capabilities included in Keeper's upgraded MSP platform include: Advanced Reporting & Alerts (ARAM) Module, which empowers InfoSec administrators to monitor more than 100 different security and activity-related event types via customizable reports, real-time notifications and seamless integration into any third-party SIEM solution. BreachWatch®, which continuously scans the dark web and receives alerts on compromised passwords to take immediate action for preventing an account takeover attack. Compliance Reporting that provides on-demand visibility of access permissions for the organization's credentials and secrets, and supports audits for Sarbanes Oxley (SOX) and other industry regulations that require access-control monitoring and event auditing. KeeperChat®, which enables secure, ephemeral messaging across employee devices with the world's most secure messaging solution, protecting communications with end-to-end encryption. Secure File Storage that taps into Keeper's zero-knowledge encryption to put secure file storage, retrieval and decryption privileges in the hands of approved users only. Keeper Secrets Manager, which secures your environment and eliminates secrets sprawl by removing hard-coded credentials from your source code, config files and CI/CD systems. Keeper Connection Manager, which provides DevOps and IT teams with effortless access to RDP, SSH and Kubernetes endpoints through a web browser. The upgraded Keeper MSP platform offers new revenue opportunities and competitive differentiation for users. The market-leading, differentiated features and bundling options will help MSPs keep pace in the ever-changing cybersecurity industry. About Keeper Security Keeper Security, Inc. ("Keeper") is transforming the way organizations and individuals protect their credentials, secrets, connections and sensitive digital assets to significantly reduce the risks of identity security-related cyberattacks, while gaining visibility and control. Keeper is the leading provider of zero-trust and zero-knowledge security cloud services trusted by millions of people and thousands of organizations for password management, secrets management, privileged access, secure remote infrastructure access and encrypted messaging.

Read More

DATA SECURITY

Imperva Extends its Data Security Fabric to Include Enterprise Data Lakes Built on AWS

Imperva | July 27, 2022

Imperva, Inc., a comprehensive digital security leader, announces that its award-winning Imperva Data Security Fabric (DSF) now provides data-centric protection and compliance for enterprise data lakes built on Amazon Web Services (AWS). Imperva reinforces its commitment to securing data and all paths to it by allowing AWS customers to secure their data with one comprehensive platform, leveraging a unified security model across Amazon Aurora, Amazon Redshift, Amazon Relational Database Service (Amazon RDS), Amazon DynamoDB, Amazon Athena, and AWS CloudFormation without requiring any changes to their existing data infrastructure. Many security teams have gaps in their resources and domain expertise required to ensure their data lake meets organizational compliance and security policies. In particular, organizations must be able to simultaneously identify when a compromised user accesses sensitive data, while also preventing data from being stolen by malicious insiders. These gaps can mean that organizations must choose between limiting the data they store in a data lake, and putting themselves at risk of non-compliance, or in the worst-case scenario, a data breach. Many security teams have gaps in their resources and domain expertise required to ensure their data lake meets organizational compliance and security policies. In particular, organizations must be able to simultaneously identify when a compromised user accesses sensitive data, while also preventing data from being stolen by malicious insiders. These gaps can mean that organizations must choose between limiting the data they store in a data lake, and putting themselves at risk of non-compliance, or in the worst-case scenario, a data breach. Imperva DSF includes User Entity Behavior Analytics (UEBA) models that can identify suspicious data access patterns, such as excessive access to sensitive records, the use of privileged service accounts by interactive users, and suspicious network connections. This helps organizations automatically identify and detect potential data breaches without the need for specialized data security analysts. Finally, with Imperva DSF, security operations teams can create playbooks to automatically mitigate threats using native AWS features like security groups or revoking user access using AWS IAM. This ensures organizations stay in compliance while also helping to prevent data breaches. Comprehensive Data Security From one holistic dashboard, Imperva DSF delivers a broad range of data security capabilities – including data discovery, classification, monitoring, access control, risk analytics, compliance management, security automation, threat detection, and audit reporting. This makes it easier for customers to protect the migration of sensitive data, including Personally Identifiable Information (PII) like customer names, email addresses, phone numbers, and gender, and adhere to privacy regulations, such as the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI-DSS), and the Health Insurance Portability and Accountability Act (HIPAA). Tens of thousands of organizations build data lakes on AWS and configure AWS Lake Formation, AWS Identity and Access Management (IAM), and Amazon Simple Storage Service (Amazon S3) policies to secure access to them. Imperva DSF leverages services like AWS Lake Formation and AWS Glue to discover data lakes, monitor how users query and access stored data, and detect and prevent malicious user access and data leakage incidents. Imperva DSF also safeguards critical data workloads across all of their databases, file repositories, data warehouses, multicloud, and data lake environments. Imperva Data Security Fabric can be deployed directly in any AWS Regions using pre-built AWS CloudFormation templates. Once deployed, Imperva DSF will begin discovering and monitoring data lakes. More than 400 pre-defined vulnerability assessment tests are available for cloud databases on AWS. Also, Imperva DSF takes the complexity out of deciding which baselines to establish by including policies based on Center for Internet Security (CIS) and Defense Information System Agency’s (DISA) Security Technical Implementation Guide (STIG) benchmarks that are adapted for the cloud. "AWS allows organizations to quickly and securely build solutions that help them to reach new markets and deliver new services to end users,” says Dan Neault, SVP and GM, Data Security, Imperva. “Imperva Data Security Fabric gives organizations building data lakes on AWS a streamlined experience for securing data, and confidence that their data lakes are in compliance.” About Imperva DSF on AWS The support of data lakes is the latest milestone in Imperva’s work with AWS. Imperva is an AWS Partner with the AWS Security Independent Software Vendor (ISV) Competency and Amazon RDS Ready Product validation. Imperva also participates in AWS Marketplace and AWS ISV Accelerate Program. About Imperva Imperva is the cybersecurity leader whose mission is to help organizations protect their data and all paths to it. Customers around the world trust Imperva to protect their applications, data and websites from cyber attacks. With an integrated approach combining edge, application security and data security, Imperva protects companies through all stages of their digital journey. Imperva Research Labs and our global intelligence community enable Imperva to stay ahead of the threat landscape and seamlessly integrate the latest security, privacy and compliance expertise into our solutions.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Radware Launches New Cloud Security Center in Taiwan

Radware | August 30, 2022

Radware® , a leading provider of cyber security and application delivery solutions, announced the launch of a new cloud security center in Taiwan. The facility will enable customers in Taiwan to secure their datacenters, networks, web and mobile applications, and their APIs with minimal latency, as well as mitigate compliance processes involved in offshore routing. The new security center will protect customers against denial-of-service attacks, web application attacks, malicious bot traffic, and attacks on APIs. This includes the OWASP Top 10 Web Application Security Risks for 2021, OWASP Top 21 Automated Threats to Web Applications, OWASP API Security Top 10, as well as volumetric distributed denial-of-service (DDoS) and application-level DDoS attacks. According to Radware’s First Half 2022 Global Threat Analysis Report, during the first six months of 2022: The number of malicious DDoS attacks climbed 203% compared to the first six months of 2021. The average number of DDoS events per month, per customer was almost 1.5 times higher in the first half of 2022, compared to 2021 and 2020. The number of malicious web application transactions grew by 38%, compared to the first six months of 2021, surpassing the total number of malicious transactions recorded in 2020. “As the size and speed of cyberattacks continue to rise, the launch of the new cloud security center in Taiwan enables us to deliver faster mitigation response times in the region along with the highest levels of security protection,” said Haim Zelikovsky, vice president of Radware’s cloud security services business. “The center also meets a growing demand for local security that complies with data sovereignty requirements.” The new security center in Taiwan is the latest addition to Radware’s cloud security network. Today, the network includes over 10Tbps of mitigation capacity across more than 50 security centers located around the globe. “Radware continues to make investments in protecting businesses and governments alike from the growing threat of cyberattacks. "Taiwan is located within an influential hub in the Asia-Pacific region. Information security is regarded as a national security issue. Setting up a cloud security center in Taiwan will help improve information security standards and increase regional cyber defenses.” Alan Lee, regional director for Radware in Taiwan and Hong Kong About Radware Radware® is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down. For more information, please visit the Radware website.

Read More