Lumeta Spectre - Higher Sense in Real Time

Pioneering Real-Time Cyber Situational Awareness

Modern enterprise IT infrastructure is virtualized, leveraging private, public or hybrid “clouds” consisting of internal and external compute resources. Increasingly, enterprise network users are doing business on mobile platforms – smartphones, tablets and notebooks. Traditional security and vulnerability assessment (VA) products already miss at least 40% of what was physically hardwired to the network because they don’t search for the unknown. Additionally, since VA scans stop, take too long to complete or consume too many network resources, they are often performed outside of normal business hours. This means IT security teams fail to gain cyber visibility into those mobile, virtual and cloud assets that simply aren’t present at the time the VA scan is looking.

Lumeta® Spectre, formerly ESI, offers real-time, context-driven security intelligence to address these problems. By enhancing Lumeta’s Recursive Network Indexing techniques with the context of network state change via analysis of network control plane protocols (OSPF, BGP, ARP, DHCP, DNS, ICMPv6, and others), Lumeta Spectre is able to provide authoritative cyber situational awareness, in real-time, as mobile, virtual, cloud assets and even the physical/software defined network itself changes.


Network Infrastructure Analytics
  • Installs as a “non-routing” (OSPF, BGP) router to monitor for real-time changes to the network address space/routing table in use
  • Discovers changes to the network’s edge in real-time
  • Authoritatively identifies new physical or virtual compute assets coming onto the network within minutes and provides dynamic visualization of changes
  • Targets clientless/agentless profiling of new assets within minutes, while they remain present
Breach Detection Analytics

The Lumeta Spectre Cyber Threat Probe consumes open source and commercial threat intelligence data streams and correlates with Lumeta Spectre indexed metadata to:

  • Discover newly compromised zombie computers that are operating on your network
  • Discover within minutes whether known command and control (C2) infrastructure on the Internet is accessible from anywhere inside your network edge
  • Discover within minutes whether known Dark Web (TOR) exit nodes are accessible from anywhere inside your network edge
  • Provide real-time identification of nefarious TCP/UDP port usage by known malware exploits
  • Provide real-time identification of changes to TCP/UDP port usage which may be an indicator of compromise – i.e. RDP, FTP usage violations
  • Add the context of NetFlow and other data streams within the embedded Hadoop Distributed File System (HDFS) to provide deeper security intelligence, analysis and insights leading to faster remediation
Network Segmentation Analytics
  • Discover newly active networks in real-time
  • Discover networks that have become non-responsive or unreachable within minutes
  • Find routed (L3) “leak paths” from critical internal networks to the Internet or in between network enclaves in real-time
  • Issue network segmentation alarms and alerts into SIEM, GRC, device policy management tools for immediate remediation



To learn more, please watch our Lumeta Spectre (ESI) product videos: “Lumeta Spectre – Overview,” “Lumeta Spectre – Data & Reporting Overview” and “Lumeta Spectre – Mapping Overview.”


Lumeta Spectre Product Reviews

Lumeta Spectre (ESI) Earns World Class Award for (Network) Cyber Situational Awareness from Network Testing Labs: In comparative tests against Tenable Network Security’s Nessus Enterprise, Lumeta Spectre’s superior device discovery, leak path detection and comprehensive reports earned it top honors in the review. Download a complete copy of the testing review.