Try our new research platform with insights from 80,000+ expert users

Lumu vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024
 

Categories and Ranking

Lumu
Ranking in Intrusion Detection and Prevention Software (IDPS)
12th
Ranking in Network Detection and Response (NDR)
9th
Ranking in Extended Detection and Response (XDR)
17th
Average Rating
9.4
Number of Reviews
7
Ranking in other categories
No ranking in other categories
Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS)
2nd
Ranking in Network Detection and Response (NDR)
2nd
Ranking in Extended Detection and Response (XDR)
9th
Average Rating
8.6
Number of Reviews
42
Ranking in other categories
Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

As of November 2024, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Lumu is 2.3%, up from 0.7% compared to the previous year. The mindshare of Vectra AI is 11.4%, up from 9.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Juan Solano - PeerSpot reviewer
Mar 28, 2024
Protects against threats and handles it in time with moderate pricing
Mostly, Lumu is an automatic tool. We'll deploy on firewalls and DNS servers. Lumu detects every attack on our network. The other day, we had CLC, the command controller, and the tool reacted automatically. It detected the attack and immediately blocked it without intervention from my team. The improvement is in the security process, as it's now entirely automated. We no longer require a technician or engineer to monitor our network 24/7. Lumu updates with AI and global threat intelligence, which greatly assists us. Since our workload is lighter, Lumu handles all of our tasks. We're using FortiGate for the firewall and Kaspersky for endpoints. If you are going to Lumu, you need another solution for the endpoint. You need to integrate with other tools like firewalls or another antivirus. I recommend the solution based on the price, usability, and service offered by the solution. Overall, I rate the solution a nine out of ten.
Tony Whelton - PeerSpot reviewer
Mar 7, 2023
Integrates well with other security solutions and provides good technical support
The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us. With one nice front dashboard, we can look at the high-volume threats rather than all of the noise. We do get a lot of noise as our students all own their own devices. With Vectra AI, we can look at threats in a controlled manner, which saves us an extraordinary amount of time. Even if I doubled the manpower, I doubt that I would still have the same visibility that I have with the correct security platform. Vectra AI's Threat Detection and Response platform has done remarkably well. We're well-versed in using the security dashboard from Microsoft Defender, and we're at the stage where we are checking both. We haven't fully switched to relying on only the Vectra dashboard yet. In terms of Vectra AI Attack Signal Intelligence for empowering security analysts within our organization, we have complete faith in the data that's coming through from Vectra. If we could also have what's happening at the front-end, that is, the firewall, then it would give us the complete security front dashboard.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like Lumu's simple user interface. When we deployed it, we got full access, allowing us to identify IP addresses on the network and connect machine names to users. It helped us identify and block threats via the firewall. I also appreciate the chat support and ticket closure process. We're currently reviewing network detection solutions, and my recommendations include Lumu, Sentinel, and a few others. Regarding functionality and user-friendliness, I would recommend Lumu over the others."
"The context provided by the tool is very complete, it includes the miter matrix, playbooks, links, hashes, and much more."
"Most of it is automated, so I do not have to watch it to get alerts."
"The tool's support team helps partners resolve any problems with the product."
"Lumu protects against threats immediately and handles them in time."
"It's been helpful for overall extended network visibility."
"You can access external links, playbooks, MITRE Matrix, and a lot of information."
"The initial setup was pretty straightforward."
"It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response."
"It's easy to manage, and I love the UX. It's very well designed. When we are looking for something, it's quite easy to find it."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"Scalability wise, we have many sensors, and Vectra AI seems to handle them all very well."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"The packet-capturing feature is very useful."
 

Cons

"The reports need improvement."
"The free version is minimal compared to the full version."
"It would be good if we could access the physical logs."
"I am happy with the current features. However, one important one is to improve the reports."
"Lumu's ability to discover threats is an area of concern where improvements are needed."
"The integration with different vendors and endpoints could be improved."
"Nothing so far needs to be improved."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
"The solution has not reduced the security analyst workload in our organization because we still need to SIEM. Unfortunately, while Vectra, for us, is a brilliant tool for network investigations, giving wonderful visibility, it doesn't go the whole way to replace our SIEM that is needed for compliance. So, I still have the same amount of alerting and logging that I did before. It gives us more defined ability to see incidents, but it doesn't give us enough information to satisfy a PCI or 27001 audit."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"Other alternatives, like Darktrace, have a fancier UI."
"An area for improvement in Vectra AI is reporting because it currently needs some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers. Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical."
"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"We have a lot of system solutions and integrations with system solutions. Vectra is a type of black box. It implements AI-informed detection mechanisms, but we cannot create system detections. I understand that the product is designed this way, but it would be great if we could create our own detections as well."
 

Pricing and Cost Advice

"It is the cheapest solution we found."
"Compared to Lumu, other solutions are more expensive. SentinelOne was a bit cheaper, and another provider's price structure is unclear, but Lumu fit our budget nicely. SentinelOne's cost depends on the number of devices, and it might be similar to Lumu's, depending on deployment."
"The tool is available at a good price. The tool offers a good and competitive price for customers."
"Vectra AI is not a cheap solution."
"Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses."
"The pricing is very good. It's less expensive than many of the tools out there."
"Vectra AI's pricing is cheaper than that of Darktrace."
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
"From a licensing perspective, the Vectra detect platform is pretty doable. Also, the hardware prices are nothing that we're not used to. The stream part is a little overpriced compared to the detect part. The reason is that you need to stream data to detect events anyway, so the data is in there. The only thing that's not available is the UI to be able to look at the stream data, which is also on the appliances but is just not activated. That's mainly the thing that we want to improve on."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
14%
Computer Software Company
12%
Comms Service Provider
10%
Government
9%
Computer Software Company
17%
Financial Services Firm
12%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Lumu?
Lumu protects against threats immediately and handles them in time.
What needs improvement with Lumu?
Lumu's ability to discover threats is an area of concern where improvements are needed.
What is your primary use case for Lumu?
My company is currently dealing with Lumu's onboarding process. Lumu is used to monitor the environment permanently and validate if there is ransomware that can exploit our infrastructure.
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
 

Comparisons

 

Also Known As

No data available
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

Information Not Available
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Lumu vs. Vectra AI and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.