Proactive mitigation of cyber threats
Detect and respond faster to
stealthy threats targeting
Our solution delivers unparalleled visibility, detection, and integrated
cyber hunt to security operation teams of all sizes.
IronDefense is a Network Detection & Response (NDR) platform that improves visibility across the threat landscape and amplifies detection efficacy within your network environment, allowing your SOC team to be more efficient and effective with existing cyber defense tools, resources, and analyst capacity.
IronDefense gives you:
"IronDefense detected threats six times better than our
current stack of cyber tools."
See more cyber threats. Faster.
We need a new, more advanced weapon to detect unknown threats: network behavior-based AI models that detect sophisticated adversaries and shorten response time.
Is artificial intelligence worth the investment?
This white paper explores whether AI is an effective way to gain economies of scale for faster, more efficient threat detection and response.
Why Thomson Reuters chose IronDefense
formerly Thomson Reuters CISO
A closer look at how IronDefense improves visibility, detection, and efficiency
Real-time insights across industry threatscapes, human insights to detected threats, and higher-order analysis of anomalies correlated across groups of peers via IronDome Collective Defense integration.
Advanced network behavioral analysis that leverages proven AI/ML and analytics used to defend highly secure networks, allowing the ability to scale up analysis to the largest enterprises.
Experienced insights — a “second pair of eyes” — from some of the nation’s top defenders, applied via IronDefense’s Expert System to supplement limited cyber staff and to enable faster, more effective prioritization and mitigation/response.
Threat detection types
Cyber threats can be organized into three main categories: known knowns, known unknowns, and
unknown unknowns. The techniques required to detect them generally get more sophisticated as
they progress from known to unknown.
IronDefense can leverage all types of threat intelligence and contextual data to identify known threats.
- Identifying bad IP or URL addresses based on a threat intelligence feed
- Taking known indicators and searching across billions of metadata flows
IronDefense leverages a range of behavioral analysis, machine-learning, and artificial intelligence detection models to counter evasion techniques used by attackers to bypass existing cyber defenses.
- Supervised - Automating searches for vendor-identified “known bads”
- Unsupervised - Anomaly detection in a growing dataset
IronDefense works with IronDome for higher order analysis and peer collaboration across an industry to identify emerging threats targeting your business ecosystems.
- Models determine network behavior features to extract and examine
- IronNet SMEs label the data based on context and experience
- IronNet SMEs train the models, which become more intelligent over time
IronNet offers customers a dedicated Customer Success team and real-time insights from the IronNet Cyber Operations Center (CyOC), which operationalizes IronDefense using the Detect, Alert, Analyze, Act, and Share methodology. We provide expert monitoring, cyber threat hunting, and response for our clients’ networks.
The proof is within reach. Wherever you are.
IronNet’s remote Proof of Value
- experience the automatic detection and prioritization of advanced threats
- engage in a Cyber Threat Emulation exercise; and
- see first hand how we fit into your organization’s workflow.
How it works
IronDefense ingests north-south traffic at your network perimeter and east-west traffic within your enterprise to provide full visibility across your network and full insights at the individual session level with its continuous PCAP capture capability. IronDefense can be deployed in the public cloud through Amazon Web Services (AWS) or on-premise as hardware.