June was a busy month of validation by industry analysts for IronNet’s IronDefense and IronDome solutions. For the second year in a row, we were named as a Representative Vendor in Gartner’s “Market Guide for Network Detection and Response (NDR)” (formerly known as Gartner’s Market Guide for Network Traffic Analysis in 2019). Likewise, Forrester named us a representative vendor in its new NowTech: Network Analytic and Visibility, Q2, 2020 research, and Omdia’s “On the Radar: IronNet Cybersecurity applies analytics, threat intelligence for collective defense” report discusses in depth the benefits of IronNet’s NDR and Collective Defense capabilities. We start with Gartner's NDR Market Guide and why IronNet was listed as a key vendor in this space.
IronDefense: more than Network Detection and Response
The new Gartner Market Guide for NDR highlights the fact that perimeter security and endpoint tools alone are not enough, adding that a behavioral-based network analysis capability is a critical component to an enterprise’s cyber defenses. Gartner cites that many of its clients have reported unique detections by NDR tools such as IronDefense that no other perimeter tools have found. This is certainly the case even for IronNet’s set of customers, who tend to be security mature enterprises with numerous cybersecurity tools and an in-house security operations center (SOC) teams.
While many of the NDR vendors covered by Gartner provide some level of behavioral detection and elements of automated response, IronNet is differentiated in our ability to:
- Automate the triage workflow of a Tier 1 SOC Analyst - The Expert System module of IronDefense takes anomalous traffic detected by our advanced behavioral analytics and automatically procures and applies contextual data to further prioritize and reduce detected anomalies to just a handful that a SOC analyst has to triage, thereby saving time and reducing false-positives.
- Conduct sophisticated manual hunt across any network flow - The integrated hunt model of IronDefense is built by elite cyber hunters for hunters. It allows you to pivot from alert to full investigation down all network metadata and full-PCAP across every network flow in every network segment that our network sensors monitor, in turn providing unparalleled visibility across an enterprise.
- Collaborate with SOC peers within your organization or across the Industry - What is truly unique about IronDefense is its integration with IronDome to deliver what Gartner describes as collaboration capabilities that allow communities of peers within an industry to work together to defend against targeted threats, increasing the threat landscape visibility and reducing the impact of an attack for all participants.
Pairing IronDefense with existing cyber security tools at the perimeter, on the endpoints, and with your security teams increases the breadth and depth of coverage across adversarial tools and tactics covered by frameworks such as MITRE ATT&CK.
Next week, I will review why IronNet was highlighted as a representative vendor in Forrester's NowTech: Network Analytic and Visibility, Q2, 2020 research. In the meantime, learn more about IronNet's NDR capabilities.