Stop Hidden Cyber Threats with IronDefense


Stop Hidden Cyber Threats with IronDefense

By Greg Tavarez

Organizations are on the move to the cloud as part of their digital transformation. But they might be unaware of unknown threats that slipped past endpoint and firewall detection. A network detection and response solution is needed to embolden analysts on any team to gain visibility across the entire threat landscape.

IronNet’s IronDefense solution enables advanced and early visibility of unknown cyber threats that might have snuck past endpoint and firewall detection and entered the network, whether on-premises or in the cloud. And IronNet is in the process of adding enhanced capabilities to the solution.

IronNet’s latest NDR updates allow security operations center analysts to use IronDefense to detect VPN abuse such as high failed logins, password spray and suspicious login times. Additional analytics updates enable detection of ongoing patterns of fixed-interval and randomized-timing beacon activity as well as the detection of DNS tunnels using advanced encoding techniques being leveraged by attackers.

Additionally, new sensors are auto-commissioned and auto-upgraded without requiring interaction from the SOC staff.

And, from a more ecosystem perspective, IronDefense enables customers using SentinelOne EDR to create and update network inventory as well as isolate a device in a SentinelOne-deployed network remotely from the entity page in the IronDefense UI. Similar capability exists for CarbonBlack and Crowdstrike endpoints.

"We strive always to integrate best-in-class behavioral analytics to stay ahead of ever-changing tactics, techniques and procedures used by nation-state adversaries and cyber-criminal organizations,” said Raj Sivasankar, IronNet vice president of product management. “Our goal is to deliver enhanced, broad and early visibility of threats on enterprise networks–well before business impact.”

The update to the IronDefense solution is proof that IronNet continues to empower security teams to do more with fewer resources. This is of vital importance as organizations seem to struggle to find the level of security talent needed to secure the network against advanced and less sophisticated cyberattacks.

IronNet’s advanced threat detection technology and proactive threat intelligence allow the IronNet Collective Defense platform, powered by AWS, to serve as an early warning system for organizations participating in IronNet’s shared defense approach to cybersecurity.

Edited by Erik Linask

MSPToday Editor

Related Articles

GFI Software Named a Platinum Sponsor for MSP Expo 2023, Part of the #TECHSUPERSHOW

By: TMCnet News    1/31/2023

MSP Expo is the premier conference and networking summit for MSPs. This is where MSP business owners and technology specialists share strategies to gr…

Read More

Pioneering Technologist Klaus Dimmler Named Pax8 Chief Science Officer

By: Arti Loftus    1/30/2023

Pax8 announced a newly created position, Chief Science Officer (CSO) - as part of the company's mission to bring transformational cloud solutions to t…

Read More

Advanced MSPs Are Helping Law Firms Embrace Cloud

By: Reece Loftus    1/30/2023

This is the perfect time for law firms to embrace digital transformation and to take full advantage of automation for operational optimization.

Read More

Iron Bow Ramparts Cybersecurity Portfolio with GuardSight

By: Greg Tavarez    1/30/2023

Iron Bow is set to deliver holistic zero trust cybersecurity solutions with its acquisition of GuardSight.

Read More

Grain Expands Activity in Managed Services Sector with Spectrotel Acquisition

By: Greg Tavarez    1/27/2023

Grain acquired Spectrotel, a next-generation aggregator and integrated technology services provider.

Read More