Try our new research platform with insights from 80,000+ expert users

Lumu vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Lumu
Ranking in Intrusion Detection and Prevention Software (IDPS)
10th
Ranking in Network Detection and Response (NDR)
8th
Ranking in Extended Detection and Response (XDR)
17th
Average Rating
9.4
Reviews Sentiment
7.8
Number of Reviews
7
Ranking in other categories
No ranking in other categories
Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS)
3rd
Ranking in Network Detection and Response (NDR)
2nd
Ranking in Extended Detection and Response (XDR)
15th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
44
Ranking in other categories
Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of April 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Lumu is 3.6%, up from 0.7% compared to the previous year. The mindshare of Vectra AI is 11.3%, up from 10.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Juan Solano - PeerSpot reviewer
Protects against threats and handles it in time with moderate pricing
Mostly, Lumu is an automatic tool. We'll deploy on firewalls and DNS servers. Lumu detects every attack on our network. The other day, we had CLC, the command controller, and the tool reacted automatically. It detected the attack and immediately blocked it without intervention from my team. The improvement is in the security process, as it's now entirely automated. We no longer require a technician or engineer to monitor our network 24/7. Lumu updates with AI and global threat intelligence, which greatly assists us. Since our workload is lighter, Lumu handles all of our tasks. We're using FortiGate for the firewall and Kaspersky for endpoints. If you are going to Lumu, you need another solution for the endpoint. You need to integrate with other tools like firewalls or another antivirus. I recommend the solution based on the price, usability, and service offered by the solution. Overall, I rate the solution a nine out of ten.
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like Lumu's simple user interface. When we deployed it, we got full access, allowing us to identify IP addresses on the network and connect machine names to users. It helped us identify and block threats via the firewall. I also appreciate the chat support and ticket closure process. We're currently reviewing network detection solutions, and my recommendations include Lumu, Sentinel, and a few others. Regarding functionality and user-friendliness, I would recommend Lumu over the others."
"Most of it is automated, so I do not have to watch it to get alerts."
"It's been helpful for overall extended network visibility."
"The tool's support team helps partners resolve any problems with the product."
"The context provided by the tool is very complete, it includes the miter matrix, playbooks, links, hashes, and much more."
"You can access external links, playbooks, MITRE Matrix, and a lot of information."
"Lumu protects against threats immediately and handles them in time."
"It's easy to manage, and I love the UX. It's very well designed. When we are looking for something, it's quite easy to find it."
"One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."
"The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
 

Cons

"The reports need improvement."
"Lumu's ability to discover threats is an area of concern where improvements are needed."
"The free version is minimal compared to the full version."
"Nothing so far needs to be improved."
"The integration with different vendors and endpoints could be improved."
"It would be good if we could access the physical logs."
"I am happy with the current features. However, one important one is to improve the reports."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."
"ExtraHop has better features that seem more advantageous when compared to Vectra."
"The advantages of the integration are not entirely out-of-the-box. You have to do it manually."
 

Pricing and Cost Advice

"The tool is available at a good price. The tool offers a good and competitive price for customers."
"It is the cheapest solution we found."
"Compared to Lumu, other solutions are more expensive. SentinelOne was a bit cheaper, and another provider's price structure is unclear, but Lumu fit our budget nicely. SentinelOne's cost depends on the number of devices, and it might be similar to Lumu's, depending on deployment."
"Its cost is too much. It's an investment that we can afford. It's a lot, but it's worth it."
"Vectra AI is not a cheap solution."
"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."
"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."
"The pricing and licensing are quite straightforward because they're based on the IP licenses. As a result, they are easy to count."
"We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."
"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"The licensing is on an annual basis."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
13%
Computer Software Company
9%
Insurance Company
8%
Comms Service Provider
8%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Lumu?
Lumu protects against threats immediately and handles them in time.
What needs improvement with Lumu?
Lumu's ability to discover threats is an area of concern where improvements are needed.
What is your primary use case for Lumu?
My company is currently dealing with Lumu's onboarding process. Lumu is used to monitor the environment permanently and validate if there is ransomware that can exploit our infrastructure.
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
 

Comparisons

 

Also Known As

No data available
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

Information Not Available
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Lumu vs. Vectra AI and other solutions. Updated: March 2025.
848,716 professionals have used our research since 2012.