Hear what our customers and investors say about Lucidum!

Play Video

Anshu Gupta

CISO, Fast

Play Video

John Donovan

Head of Security, Malwarebytes

Play Video

Peter Liebert

Former CISO, State of California

Elwin Wong

CISO, Ross Stores, Inc.

“If we’ve never seen it before, we don’t know its risk or its impact if exploited. Even for assets we can identify, we also need to know the type of device, what software it’s running, what vulnerabilities exist and the data on the asset. Lucidum automatically gives leaders all of that information not only to protect it, but make the right decisions on appropriate actions we should take.”

Adam Glick

CISO, Rocket Software

“The greatest difficulty in cybersecurity is identifying what exists where I’m not looking, so having the ability to understand the full breadth of what is on your network is paramount. With the caliber of the Lucidum team combined with the power of its platform, it’s a fantastic opportunity to invest in the company.”

Ian Amit

CSO, Cimpress

“Asset discovery needs to be as close to perfection as possible without compromises. Lucidum approaches this problem in a more competitive way by shedding light on the dark corners of our environment to allow us to know what’s there. It’s a trust-but-verify approach that is sorely missing today.”

Gary Miller

VP, Head of Security, TaskUs

“By providing persistent hooks into all systems of record across our ever-changing environment, Lucidum gives us an always-on, centralized asset register that brings IT utopia within reach.”

Ralph Pyne

Head of Security, NextRoll

“I expect our investment in Lucidum will yield a 10x ROI resulting from greater efficiency of other tools and a more accurate representation of the problems we need to solve.”

Anshu Gupta

CISO, Fast

Once we had this nightmare scenario of not knowing how many firewalls we had in the environment. And when you don’t have an accurate asset inventory, then you are not really protecting your network.
The biggest problem the enterprises have is visibility. They don’t really know what’s going on.

Lucidum is a solution which provides real value out of the gate.

As soon as you have visibility into your network, visibility in your device’s, visibility into the actors in your network, you can act upon it. Even from a pure management perspective, and there’s so many use cases for wanting management with license management, with having an accurate inventory, even from a financial perspective.

There’s so many use cases that a solution like Lucidum can help with.

You can enrich the data.
You can create specialized queries.
You can have dashboards.
You can have reporting.

All these when put together offer a complete solution.

Given the pedigree of the team, they have a strong technical background, especially the data science element. I wish I had a data science team supporting my security team, and Lucidum just provides that.

You don’t have to build your data science team. Lucidum is there for you.

John Donovan

Head of Security, Malwarebytes

So you have your knowns, your unknowns, and you have your unknown unknowns. So this whole conversation around visibility is really important because part of what your responsibility is to tell the company and the exec staff, and give them your assessment of the risk currently in the environment.

And you might be walking into a situation where someone has that program in place already. You might be walking into one where there is not. You can’t really get a good idea of what your attack surface is. What is the area that you need to defend? Unless you have a strong understanding of what all those assets are, you can’t know about the critical things that you need to protect.

In this case, it turned out to be, there was a well-meaning person in the QA team who had data they needed to move along. So they plugged in a personal NAS device, you know, a little network attached storage device that was full of all the files that they need to transfer to somewhere else.

And absolutely, that wasn’t going to be in the asset inventory, that was a personal device. It was also a device that happened to have some vulnerabilities.
Without having some of the logging in place, we wouldn’t have caught that. That’s where Lucidum helps us excel.

Now, the flip side of that story is we just happened to catch that because of someone who’s going through some searches. And because it happened to be a vulnerable system.

What happens in this scenario where you’ve got 10 more of those across five of your offices? That’s where I really think that looking at getting the right level of visibility is critical to being able to track down those types of issues.

Peter Liebert

Former CISO, State of California

The thing that really, really piqued my interest in what Lucidum’s doing is, as I’ve talked to before, there are a couple key things you have to have: visibility, as well as context. And both of those are notoriously difficult to pin down.

From the visibility standpoint, you’re talking to multiple technologies all over the place, different protocols, you name it. And then once you gain that visibility, what goes into it? Who’s accessing it? Why are they accessing it? What’s the context behind it? And it’s another really critical thing to get and you can’t take action, or actually let me backtrack that, you can take action without visibility and context, but you probably won’t get very far as a CISO, because you’re going to get fired.

So really, the visibility and context pieces are removing the gray unknowns out of what’s within your environment and understanding the risk across the board. If you have those two key components, you can identify what a prioritized list of actions can be.

I have visibility to all my critical assets.

I have the context of who’s doing what there, and why, and I know that if something goes awry, that I should take action.

And you’re able to do so. Lucidum is interesting because it allows for that. It allows for visibility, as well as the context piece, which is absolute gold.