● increasing alert fidelity by automatically correlating patterns of suspicious behavior across the attack kill chain, bringing to surface malicious threats that would have gone unnoticed based on a single indicator
● protecting managed and unmanaged devices from malware, ransomware, and advanced persistent threats (APTs)
● enabling timeline analysis of APTs and pattern-of-life threat-type investigations over extended time windows for threat hunting
These capabilities give companies and organizations more timely and relevant detections for faster response to network attacks before business value is lost. As the current Russia-Ukraine situation demonstrates, the ability to prove the positive is essential, especially when the threat of cyber warfare places the financial and energy sectors at great risk. Nation-state cyber attacks have doubled over the last three years, and highly organized cyber criminal groups are increasingly backed by nation-states. At the same time, alert overload and a severe talent shortage continue to plague companies and organizations. McKinsey recently noted that 60% of enterprise-level SOC analysts analyze and triage less than 40% of their enterprises’ log data. Malicious threats are going undetected and/or uninvestigated.
The IronNet Collective Defense platform addresses these challenges by allowing companies and organizations to prove the safety and health of the network through correlated alerting, automated triage, and extended hunt support. The new threat engine improves alert fidelity and analyst workflow by enhancing risk scoring and alert prioritization, resulting in significantly reduced alert loads and investigation time.
"IronNet's goal is to use best-in-class behavioral analytics to make existing tools smarter by converting data from information into actionable insights, focusing on unknown threats that signature-based detection tools often miss. Along with leveraging IronNet's ability to enable real-time threat sharing in a Collective Defense Community, SOC analysts can better address the long-standing problem of having to manage too many false positives," said Dean Teffer, PhD, IronNet Vice President of Detection and Analytics.
Sharper tools for hunting APTs as they hide in and move across the network
The additional platform enhancements also improve threat hunting by providing integrated malware and ransomware detection based on automated analysis of payloads as they traverse the network. These detections protect managed and unmanaged devices (e.g., OT and IoT) from ransomware and malware.
The platform’s hunt panel now features extended hunt, expanding the investigation window to 30, 60, and 90 days (per individual customer service level agreement) over metadata and the associated packet capture (PCAP) data. This capability offers IronNet customers a fully integrated hunt platform designed for easy pivoting from an isolated alert down to the metadata and full PCAP associated with that alert, providing more time to respond and triage based on longer-term historical analysis and historical context.
“Nation-states are wielding cyber as an element of national power. At IronNet, we are committed to our mission of ensuring that companies and organizations across the private and public sectors have the best technological capabilities at hand to defend their networks from the impact of cyber warfare, intellectual property theft, ransomware attacks, malicious system control, and other consequences of cyber attacks,” stated General (Ret.) Keith Alexander, IronNet Founder and Co-CEO.
This press release includes “forward-looking statements” within the meaning of the “safe harbor” provisions of the United States Private Securities Litigation Reform Act of 1995, including, without limitation, statements regarding IronNet’s ability to strengthen the security profiles of its customers and partners. When used in this press release, the words “estimates,” “projected,” “expects,” “anticipates,” “forecasts,” “plans,” “intends,” “believes,” “seeks,” “may,” “will,” “should,” “future,” “propose” and variations of these words or similar expressions (or the negative versions of such words or expressions) are intended to identify forward-looking statements. These forward-looking statements are not guarantees of future performance, conditions or results, and involve a number of known and unknown risks, uncertainties, assumptions and other important factors, many of which are outside IronNet’s management’s control, that could cause actual results or outcomes to differ materially from those discussed in the forward-looking statements. Important factors, among others, that may affect actual results or outcomes include: IronNet’s inability to recognize the anticipated benefits of collaborations with IronNet’s partners and customers; IronNet’s ability to execute on its plans to develop and market new products and the timing of these development programs; the rate and degree of market acceptance of IronNet’s products; the success of other competing technologies that may become available; IronNet’s ability to identify and integrate acquisitions; the performance of IronNet’s products; potential litigation involving IronNet; and general economic and market conditions impacting demand for IronNet’s products. The foregoing list of factors is not exhaustive. You should carefully consider the foregoing factors and the other risks and uncertainties described under the heading “Risk Factors” in IronNet’s registration statement declared effective by the Securities and Exchange Commission (the “SEC”) on September 30, 2021 and other documents that IronNet has filed or will file with the SEC. These filings identify and address other important risks and uncertainties that could cause actual events and results to differ materially from those contained in the forward-looking statements. Forward-looking statements speak only as of the date they are made. Readers are cautioned not to put undue reliance on forward-looking statements, and IronNet does not undertake any obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.