Putting our people to work for you

Narrowing the cyber talent
gap just got easier

We are committed to driving your business outcomes by supporting the
IronDefense implementation and operations.

A closer look at IronDefense Services

For IronDefense customers, add-on service options include Customer Success for
successful product implementation and adoption to ensure delivery of customer
desired business outcomes and the Cyber Operations Center (CyOC) for monitoring
and threat hunting across customer networks.

Customer Success

IronNet's Customer Success (CS) Team has extensive cybersecurity, project management and technical
experience. IronNet CS is dedicated to ensuring successful product implementation and
adoption and serves to ensure delivery of customer desired business outcomes.

  • Installation and Implementation:

    Installation and implementation begins with a site survey, intended to ensure the customer data center is ready to receive IronNet equipment and to best understand the customer enterprise architecture. IronNet meets with customer network teams to ensure proper placement of sensors within the network architecture and ensure the customer can physically and logically support the successful deployment of IronNet products.

  • Tuning and Optimization:

    During the tuning process, the IronNet team’s focus is on optimizing the configuration of IronDefense. This may include the addition of log file ingest, fine tuning of inbound traffic, integration with SIEM and SOAR products, whitelisting and Threat Intelligence Rules (TIRs).

  • Onboarding and Training:

    IronNet’s Customer Success team provides end-user training on basic product functionality, analytics, alerts, hunting, and tuning using whitelists and TIRs . IronNet discusses current SOC workflow and ensures integration needs of the customer have been met.

  • Success Planning and Ongoing Support:

    Once onboarding is complete, the IronNet Customer Success Team remains engaged to ensure desired business outcomes are accomplished. The CSM facilitates regular strategic and tactical touchpoints, is a primary point of contact for product feedback, and proactively ensures ongoing success with IronNet product and services.

IronNet Cyber Operations Center (CyOC)

Our team of expert offensive and defensive cybersecurity operators has experience defending both
private and public sectors against advanced threats. These teams provide monitoring and threat hunting
in IronDefense customer networks.

  • Event Notifications:

    Our CyOC team continually monitors and researches events and anomalies. The IronNet Portal is used to notify customers of IronDefense findings of interest related to a customer’s network. Notification is distributed to members determined by the customer and includes full event analysis and mitigation recommendation.

  • Rule Deployment:

    CyOC’s Threat Intelligence analysts support customer operations by providing context to manual hunt operations and alert triage. Our team produces tailored threat information to customer instances of IronDefense through Threat Intelligence Rule updates based on current suspicious and malicious Indicators of Compromise (IOC), IronDome insights, emerging threat research, and results of research our company’s malware reversing engineers are focused on.

  • Reporting:

    Periodic insights reports are provided to the customer on threat trends correlated to a customer’s network and sector. This reporting provides summarized and actionable Indicators of Compromise (IOC) associated with high risk network behaviors mapped to the Cyber Kill Chain to identify the stage and progression of the threat and a detailed listing of resulting Threat Intelligence Rules deployed to customer instances of IronDefense.

  • Reachback Support:

    Through the IronNet Partner Portal, customers can submit requests to senior cyber security experts with a 24 hour response. Scope of requests include hunt assistance, troubleshooting, tool usage, documentation, and requests for information. One reachback instance equals one request submitted via customer portal from submission to resolution.

  • Hunt Collaboration:

    Our analysts leverage your IronDefense platform to work side-by- side with your security operations personnel to detect and mitigate threats identified in your network. Collaboration is conducted through chat communications, or through scheduled virtual sync sessions to provide product and hunt operations updates.

  • Custom Hunt Team Training:

    Introductory and advanced training for end-users on analytics, alerts, entity enrichment, hunting, and network defense techniques. Periodic on-site side-by-side hunt operations, threat identification techniques, and review of newly implemented product features.

  • IronNet Foundations Training:

    A two-day, in-person training course that is offered quarterly at an IronNet site. This class is focused on understanding threat hunting techniques using IronDefense and IronDome. Seats included with subscription can be used at any time during the subscription term.

The IronLens
Monthly CyOC Report

At IronNet, we believe Collective Defense can act as a force multiplier for those working behind the scenes at SOCs across sectors by collaborating in a real-time ecosystem. We publish a monthly report from the CyOC to highlight the cybersecurity threats that are being used to steal data and intellectual property and to compromise critical infrastructure and national security.