Collective Defense Platform

When organizations collaborate to detect, share intelligence, and stop threats together in real time, they form a Collective Defense community. Discover how IronNet's Collective Defense platform – built on our IronDome and IronDefense products – enables organizations to realize the full benefits of this approach.

Collective Defense
in 3 minutes

The IronNet Collective Defense Platform leverages advanced AI-driven Network Detection and Response (NDR) capabilities to detect and prioritize anomalous activity inside individual enterprise network environments. The platform analyzes threat detections across the community to identify broad attack patterns and provides anonymized intelligence back to all community members in real time, giving all members early insight into potential incoming attacks. See Collective Defense in action.

The value proposition associated with the Dome is not just about Con Edison. It’s about the entire sector — and other sectors — that are at risk from a cyberattack. Understanding what’s going on in those networks compared to ours makes us collectively stronger and better able to mitigate those risks.

- Manny Cancel,
former VP and CIO of CON Edison
Collective Defense for Unlimited Technology
IronNet-David-Lathrop-Testimonial
- David Lathrop,
VP of the Utility Strategic Business Unit

Our products

IronDefense

IronDefense

The industry's most advanced network detection and response built to detect a broad range of both known and novel cyber threats.
IronDome

IronDome

The first automated cyber defense solution that securely delivers threat knowledge and intelligence across industries at mission speed.
IronNet-Resource-Downloadable Cover-Collective Defense
EBOOK

Collective Defense:
A radar-like view of cyber threats

Collective Defense is the ability for organizations — comprising a sector, supply chain, or country — to share threat intelligence securely and in real time, providing all members an early warning system about potential incoming attacks. Discover the benefits of this new approach to cybersecurity.

Integration with existing tools

Our products integrate easily with existing cybersecurity tools and sources of telemetry data to provide greater visibility, more robust detection, and faster triage and response from a single pane of glass.
IronNet-Collective Defense Platform-Integration Diagram

How we compare

Deployments: Performance & Deployments

Max Analytical Throughout

Max Sensor Ingest (per Sensor)

Sensor

Cloud

Network Detection & Response

Behavioral Analysis

AI/ML Approach

Encrypted Traffic

Forensics (PCAP)

Response

Traditional Threat Intel
Integration

Advanced Threat Research

Real-Time Collective Intelligence

Subscription Services

SOC Triage Insights Sharing

Behavioral Threat Sharing

Real-Time Industry Visibility

Custom Supply Chain Sharing

Optional 1-Way
Government Sharing

Professional & Support Services

Deployment &
Installation Services

Cyber Hunt Services

3rd Party Services

Cyber Advisory Services

Access to SME Experts

50+ Gbps

Up to 10+ Gbps flow
with Full-PCAP

Hardware, Cloud , VM

Public Cloud, Private Cloud,
On-Premise

Behavioral Analysis backed by
Expert System

Supervised, Unsupervised, &
Deep Learning

Behavioral Analysis, JA3

Continuous

SIEM, SOAR, EDR, Firewall/NAC

IronNet IronDome TIRs, 3rd Party,
Client Custom Feeds

IronNet Detection
Threat Research

IronDome

(Opt-in)

IronNet CyOC

Accenture, Raytheon or client
existing MSSPs

IronNet Customer Success or selected
highly trained SI/MDR partner

Yes, highly-trained staff of ex-NSA,
DoD, and commercial cyber experts

DarkTrace

~5 Gbps

Up to 6 Gbps flow with
minimal PCAP

Hardware, Cloud , VM

Public Cloud, On-Premise

Outlier Anomaly Detection

Mostly Outlier Detection,
Bayesian Analysis

JA3

Limited

TCP Reset (aka Antigena), EDR, Firewall

Existing regional MSSPs

Customer’s existing
MSSP/MDR parter

Vectra.ai

Not Rated

Up to 20 Gbps Flow &
minimal PCAP

Hardware, Cloud , VM

Public Cloud, On-Premise

Behavioral Detection

Supervised, Unsupervised,
& Deep Learning

Behavioral Analysis, JA3

Limited

SIEM, SOAR, EDR, Firewall/NAC

3rd Party Feeds

Existing regional MSSPs, MDRs

Customer’s existing
MSSP/MDR parter

ExtraHop

Up to 100 Gbps Flow &
Full-PCAP

Public Cloud, On-Premise

Hardware, Cloud , VM

Public Cloud, Private Cloud,
On-Premise

Network Performance
Monitoring-based Analysis

Supervised, Unsupervised,
& Deep Learning

Full SSL/TLS Decrypt

Continuous

SIEM, SOAR, EDR

3rd Party Feeds

MSSPs, MDRs

Customer’s existing
MSSP/MDR parter

Basic Security Assessments Only

Cisco

Not Rated

Up to 20 Gbps flow only

Hardware, Cloud , VM

Public Cloud, On-Premise

Netflow Analysis

Supervised, Unsupervised

Behavioral Analysis, JA3

Cisco Specific SIEM, SOAR,
EDR, FIrewall

Cisco Talos, 3rd Party,
Client Custom

Cisco Talos

Cisco Advisory Services

Major SIs, MSSP/MDR Partners

Cisco Advisory Services,
or MSSP/MDR Partners

Cisco Advisory & Talos Intel

Request a demo

Ready to stop complex threats with the help of a network of peers? Strengthen your cybersecurity proactively with Collective Defense. Contact our team to schedule your platform demo today.