Collective Defense Platform

When organizations collaborate to detect, share intelligence, and stop threats together in real time, they form a Collective Defense community. Discover how IronNet's Collective Defense platform – built on our IronDome and IronDefense products – enables organizations to realize the full benefits of this approach.
Group 287
A year in review

Get IronNet’s 2022 Annual Threat Report

Look back at the most impactful events and trends in cybersecurity in 2022 and our predictions for 2023.

Collective Defense
in 3 minutes

The IronNet Collective Defense Platform leverages advanced AI-driven Network Detection and Response (NDR) capabilities to detect and prioritize anomalous activity inside individual enterprise network environments. The platform analyzes threat detections across the community to identify broad attack patterns and provides anonymized intelligence back to all community members in real time, giving all members early insight into potential incoming attacks. See Collective Defense in action.

The value proposition associated with the Dome is not just about Con Edison. It’s about the entire sector — and other sectors — that are at risk from a cyberattack. Understanding what’s going on in those networks compared to ours makes us collectively stronger and better able to mitigate those risks.

- Manny Cancel,
former VP and CIO of CON Edison
Collective Defense for Unlimited Technology
- David Lathrop,
VP of the Utility Strategic Business Unit
IronNet-How it works-Automated Correlation Engine
Press Release

Prove the positive

Confirm your enterprise network is safe from cyber attacks with our automated alert correlation engine with “CODE-ified” human intelligence.

Our products



The industry's most advanced network detection and response built to detect a broad range of both known and novel cyber threats.


The first automated cyber defense solution that securely delivers threat knowledge and intelligence across industries at mission speed.
IronNet-Resource-Downloadable Cover-Collective Defense

Collective Defense:
A radar-like view of cyber threats

Collective Defense is the ability for organizations — comprising a sector, supply chain, or country — to share threat intelligence securely and in real time, providing all members an early warning system about potential incoming attacks. Discover the benefits of this new approach to cybersecurity.

Integration with existing tools

Our products integrate easily with existing cybersecurity tools and sources of telemetry data to provide greater visibility, more robust detection, and faster triage and response from a single pane of glass.
IronNet-Collective Defense Platform-Integration Diagram

How we compare

Deployments: Performance & Deployments

Max Analytical Throughout

Max Sensor Ingest (per Sensor)



Network Detection & Response

Behavioral Analysis

AI/ML Approach

Encrypted Traffic

Forensics (PCAP)


Traditional Threat Intel

Advanced Threat Research

Real-Time Collective Intelligence

Subscription Services

SOC Triage Insights Sharing

Behavioral Threat Sharing

Real-Time Industry Visibility

Custom Supply Chain Sharing

Optional 1-Way
Government Sharing

Professional & Support Services

Deployment &
Installation Services

Cyber Hunt Services

3rd Party Services

Cyber Advisory Services

Access to SME Experts


50+ Gbps

Up to 10+ Gbps flow
with Full-PCAP

Hardware, Cloud , VM

Public Cloud, Private Cloud,

Behavioral Analysis backed by
Expert System

Supervised, Unsupervised, &
Deep Learning

Behavioral Analysis, JA3



IronNet IronDome TIRs, 3rd Party,
Client Custom Feeds

IronNet Detection
Threat Research



IronNet CyOC

Accenture, Raytheon or client
existing MSSPs

IronNet Customer Success or selected
highly trained SI/MDR partner

Yes, highly-trained staff of ex-NSA,
DoD, and commercial cyber experts


~5 Gbps

Up to 6 Gbps flow with
minimal PCAP

Hardware, Cloud , VM

Public Cloud, On-Premise

Outlier Anomaly Detection

Mostly Outlier Detection,
Bayesian Analysis



TCP Reset (aka Antigena), EDR, Firewall

Existing regional MSSPs

Customer’s existing
MSSP/MDR partners

Not Rated

Up to 20 Gbps Flow &
minimal PCAP

Hardware, Cloud , VM

Public Cloud, On-Premise

Behavioral Detection

Supervised, Unsupervised,
& Deep Learning

Behavioral Analysis, JA3



3rd Party Feeds

Existing regional MSSPs, MDRs

Customer’s existing
MSSP/MDR partners


Up to 100 Gbps Flow &

Public Cloud, On-Premise

Hardware, Cloud , VM

Public Cloud, Private Cloud,

Network Performance
Monitoring-based Analysis

Supervised, Unsupervised,
& Deep Learning

Full SSL/TLS Decrypt



3rd Party Feeds


Customer’s existing
MSSP/MDR partners

Basic Security Assessments Only


Not Rated

Up to 20 Gbps flow only

Hardware, Cloud , VM

Public Cloud, On-Premise

Netflow Analysis

Supervised, Unsupervised

Behavioral Analysis, JA3

Cisco Specific SIEM, SOAR,
EDR, FIrewall

Cisco Talos, 3rd Party,
Client Custom

Cisco Talos

Cisco Advisory Services

Major SIs, MSSP/MDR Partners

Cisco Advisory Services,
or MSSP/MDR Partners

Cisco Advisory & Talos Intel

Request a demo

Ready to stop complex threats with the help of a network of peers? Strengthen your cybersecurity proactively with Collective Defense. Contact our team to schedule your platform demo today.