Pat Donnellan: The third part, which is a subset of the real-time product, is that we have built a Hadoop engine that enables the storage of what we’re gathering so that if there is an event – an incident response required – around a particular time, a particular network, a particular region, and a particular set of IP addresses, we can enable you to forensically zone back prior policy of storage to that particular set of circumstances. Again, looking at the real-time movements over a specific period of time.
More recently, we’ve added the capability of taking the threat intelligence libraries of known bad actors and being able to test in conjunction with our product in real-time whether or not your enterprise is now exposed to a particular bad actor. Whether you have within your organization a functioning device that has been zombied, that is the third strand of what we do. We crawl the network akin to how Google crawls across a multitude of databases to gather information. We crawl recursively, right out to the edge of the network and beyond, if required, to enable you to continuously understand your network. We make sense of that. We enable you to prioritize with our Hadoop engine the five things that are priority policy.
I’ll give you the example of being locked down in a retail world or in an M&A world. Our evolution is that we want to integrate with other products that can enable predicting of these events. That would be part of our roadmap. The elements are network architecture analytics, network segmentation, and cyber security analytics. That’s what we do. We do that in conjunction with a range of products. We don’t pretend to be the all-in end. We are the foundation. Without us, you miss 15% to 20%. We have examples, again, to go back to your case studies.
We did a government project where the assumed device head count was 150,000 devices. The actual number of devices was 170,000. The number of unknown networks that we found in this environment was 3,278. The number of unauthorized devices was 520. I can go into manufacturing. I can go into financial services and can quote you similar alarming numbers that we address. We’re integrating with a set of technology partners in the vulnerability scanning space. Why? Because on their own, they don’t have the visibility that we can provide to them, enabling them to scan comprehensively, which we argue, they have a difficulty doing today.
Sramana Mitra: Which partners do you integrate with?
Pat Donnellan: We integrate with Tripwire, Rapid7, Qualys, and SIEMs – ArcSight being an example. We are planning a myriad of other integrations in the cyber analytics space. I can’t quote them right now because we’re still in contract negotiations but in the cyber analytics space, we would integrate with those threat intelligence providers so that, essentially, we can operationalize the information they provide, which today is addressed in a manual mode.
This segment is part 2 in the series: Thought Leaders in Cyber Security: Pat Donnellan, CEO of Lumeta