Collective Defense Platform

When organizations collaborate to share intelligence, hunt, identify, and stop threats together, they form a Collective Defense. Discover how our Collective Defense platform – based around our IronDome and IronDefense products – enables organizations to realize the full benefits of this collective defense approach.

Collective Defense
in 3 minutes

The IronNet Collective Defense Platform leverages advanced network detection and response capabilities, behavioral analytics, along with threat intelligence and alert sharing to give organizations deeper insight into their own network, enhanced by the insights and experience of peers across their industry and beyond. See collective defense in action.
The value proposition associated with the Dome is not just about Con Edison. It’s about the entire sector — and other sectors — that are at risk from a cyberattack. Understanding what’s going on in those networks compared to ours makes us collectively stronger and better able to mitigate those risks.

— Manny Cancel,
former VP and CIO of Con Edison

Our products

IronDefense

IronDefense

The industry's most advanced network detection and response build to stop the most sophisticated cyber threats.
IronDome

IronDome

The first automated cyber defense solution that securely delivers threat knowledge and intelligence across industries at mission speed.
Digital Detect

Digital Detect

Maximize your digital marketing effectiveness and efficiency with advanced ad fraud detection.
IronNet-Collective-Defense-Case-for-Collective-Defense
EBOOK

Stronger as one:
The case for Collective Defense

An increase in collaboration and capabilities among threat actors has put companies in a position where they no longer can work alone on cyber defense. Learn how organizations can defend together.

Integration with existing tools

Our products integrate easily with existing tools, including SOAR and SIEM, and find more credible threats to improve effectiveness and efficiency of existing security infrastructure.
IronNet-Collective-Defense-Integration-Existing-Tools

How we compare

Deployments: Performance & Deployments

Max Analytical Throughout

Max Sensor Ingest (per Sensor)

Sensor

Cloud

Network Detection & Response

Behavioral Analysis

AI/ML Approach

Encrypted Traffic

Forensics (PCAP)

Response

Traditional Threat Intel
Integration

Advanced Threat Research

Real-Time Collective Intelligence

Subscription Services

SOC Triage Insights Sharing

Behavioral Threat Sharing

Real-Time Industry Visibility

Custom Supply Chain Sharing

Optional 1-Way
Government Sharing

Professional & Support Services

Deployment &
Installation Services

Cyber Hunt Services

3rd Party Services

Cyber Advisory Services

Access to SME Experts

50+ Gbps

Up to 10+ Gbps flow
with Full-PCAP

Hardware, Cloud , VM

Public Cloud, Private Cloud,
On-Premise

Behavioral Analysis backed by
Expert System

Supervised, Unsupervised, &
Deep Learning

Behavioral Analysis, JA3

Continuous

SIEM, SOAR, EDR, Firewall/NAC

IronNet IronDome TIRs, 3rd Party,
Client Custom Feeds

IronNet Detection
Threat Research

IronDome

(Opt-in)

IronNet CyOC

Accenture, Raytheon or client
existing MSSPs

IronNet Customer Success or selected
highly trained SI/MDR partner

Yes, highly-trained staff of ex-NSA,
DoD, and commercial cyber experts

DarkTrace

~5 Gbps

Up to 6 Gbps flow with
minimal PCAP

Hardware, Cloud , VM

Public Cloud, On-Premise

Outlier Anomaly Detection

Mostly Outlier Detection,
Bayesian Analysis

JA3

Limited

TCP Reset (aka Antigena)

Existing regional MSSPs

Customer’s existing
MSSP/MDR parter

VectraTM

Not Rated

Up to 20 Gbps Flow &
minimal PCAP

Hardware, Cloud , VM

Public Cloud, On-Premise

Behavioral Detection

Supervised, Unsupervised,
& Deep Learning

Behavioral Analysis, JA3

Limited

SIEM, SOAR, EDR, Firewall/NAC

3rd Party Feeds

Existing regional MSSPs, MDRs

Customer’s existing
MSSP/MDR parter

ExtraHop

Up to 100 Gbps Flow &
Full-PCAP

Public Cloud, On-Premise

Hardware, Cloud , VM

Public Cloud, Private Cloud,
On-Premise

Network Performance
Monitoring-based Analysis

Supervised, Unsupervised,
& Deep Learning

Full SSL/TLS Decrypt

Continuous

SIEM, SOAR, EDR

3rd Party Feeds

MSSPs, MDRs

Customer’s existing
MSSP/MDR parter

Basic Security Assessments Only

Cisco

Not Rated

Up to 20 Gbps flow only

Hardware, Cloud , VM

Public Cloud, On-Premise

Netflow Analysis

Supervised, Unsupervised

Behavioral Analysis, JA3

Cisco Specific SIEM, SOAR,
EDR, FIrewall

Cisco Talos, 3rd Party,
Client Custom

Cisco Talos

Cisco Advisory Services

Major SIs, MSSP/MDR Partners

Cisco Advisory Services,
or MSSP/MDR Partners

Cisco Advisory & Talos Intel

Request a demo

Ready to stop complex threats with the help of a network of peers? Strengthen your cybersecurity proactively with Collective Defense. Contact our team to schedule your platform demo today.