Network Detection & Response · IT + OT

Advanced network detection & adversary emulation for IT and OT — the layer that completes your defense.

Your endpoint and perimeter tools are essential. Lumetrace adds the network layer — passive, protocol-aware visibility — and proves exactly where you're covered.

Why network-layer

Endpoint security is vital — but attackers move across the network.

EDR, MDR and firewalls do critical work at the endpoint and perimeter. Yet lateral movement, command-and-control, data exfiltration and OT control commands all play out across the network — often beyond an endpoint agent's view, and on devices (PLCs, RTUs, IoT) that can't run one at all. Lumetrace is the complementary layer that watches the wire, so a coordinated attack has nowhere to hide.

Defense in depth

A passive network sensor that strengthens — never replaces — your existing security investments.

IT and OT

Unified visibility across enterprise IT and industrial OT/ICS, including unmanaged and agentless devices.

Passive by design

Deploys on a SPAN/mirror port. Never inline, never an agent — zero impact on production traffic.

The platform

Lumetrace NDR — see the whole attack, not just an alert.

Zeek-powered network detection that reconstructs the full kill chain and explains it in plain language, mapped to MITRE ATT&CK and ATT&CK for ICS.

  • Kill-chain Attack Stories: recon → C2 → lateral movement → impact, correlated across signals
  • OT/ICS coverage: Modbus, DNP3, S7, EtherNet/IP, BACnet — with passive device fingerprinting + CVE/KEV mapping
  • Executive, incident & technical reports — board-ready, in clear English
  • Threat-intel enrichment and low-jitter C2 beacon detection

Coverage at a glance

Enterprise IT detection
OT / ICS protocol analysis
MITRE ATT&CK + ATT&CK for ICS
Passive deployment (SPAN / mirror)
Agent on every endpoint: not required

Detection-Gap Assessment

Reconnaissance: detected
Command & Control: gap
Lateral movement: gap
Data exfiltration: gap
Coverage score: measured, not guessed

Services

Prove what your stack catches — and what to improve.

We safely emulate a real attacker's kill chain in your staging environment using established, authorized tooling, with Lumetrace as the ground-truth referee. You receive a plain-English report comparing what actually happened to what your existing tools detected.

  • Authorized, assumed-breach adversary emulation — staging only, fully scoped
  • A dual-view detection-gap analysis: your tools vs. ground truth, per attack stage
  • Prioritised, plain-English remediation that strengthens your current investments

Find your blind spots before an attacker does.

Add the network layer to your defense, and measure your true detection coverage across IT and OT.

Talk to us — [email protected]

About

Lumetrace

Lumetrace Ltd is a Hong Kong–registered cybersecurity company building network-layer detection and adversary-emulation capabilities for IT and OT environments. We help organisations see more of their network, validate their existing defenses, and close the gaps that matter.