IronDefense: Your gateway to network detection and response

IronDefense is the industry’s most advanced network detection and response (NDR) platform built to stop the most sophisticated cyber threats. Gain unparalleled visibility. Empower your entire team. Make faster, smarter decisions.
IronNet-IronDefense-Desktop Dashboard Screen

Why Thomson Reuters chose IronDefense

Experience advanced network detection and response

As an advanced NDR tool, IronDefense improves visibility across the threat landscape while amplifying detection efficacy within your network environment. As a result, your SOC team can be more efficient and effective with existing cyber defense tools, resources, and analyst capacity.
IronDefense gives you:
IronNet-IronDefense-Complete Visibility

Complete visibility

Real-time insights across industry threatscapes, human insights to detect threats, and higher-order analysis of anomalies correlated across groups of peers via IronDome Collective Defense integration.
IronNet-IronDefense-Advanced Detection

Faster response

Advanced automation to apply response playbooks built by the nation's top defenders to prioritize detected alerts by risk and supplement limited cyber staff
IronNet-IronDefense-Advanced Behavioral Detection

Advanced behavioral detection

Advanced network behavioral analysis that leverages proven AI/ML and analytics used to defend highly secure networks, allowing the ability to scale up analysis to the largest enterprises.
"IronDefense detected threats six times better than our current stack of cyber tools."
- CISO, Top-10 Global Sovereign Wealth fund

A single, scalable solution
for every analyst

Empower every analyst across your team to become more efficient and more effective, today. From reducing alert fatigue to providing real-time threat intelligence sharing, IronDefense enables analysts to respond to even the most sophisticated threats targeting your enterprise.
IronNet-IronDefense-for SOC Analysts

For SOC analysts

Better prioritize threats and take action faster by leveraging a network of peer SOCs via IronDome
IronNet-IronDefense-Threat Hunters

For threat hunters

Hunt with speed and depth with full PCAP (depth) and fast search (breadth) across the enterprise
IronNet-IronDefense-for CISOs


Gain the ability to see around the corner and better use existing resources, planning for real, not theoretical, cyber risks

Extend your SOC with IronNet’s dedicated CyOC team

IronNet-Rule out false positives-Whitepaper Image
White paper

A practical way to rule out false positives

Learn how to achieve high-fidelity alerts using automated correlation-based detections.

Find the unknown

Cyber threats can be organized into three main categories: known knowns, known unknowns, and unknown unknowns. The techniques required to detect them generally become more advanced as they progress from known to unknown. Using behavioral analysis capabilities backed by Collective Defense, IronDefense enables your team to identify and mitigate threats across the entire threat spectrum. With IronDefense, no threat is too complex.
IronNet-IronDefense-Find the unknown

Why IronDefense?

IronNet-IronDefense-Advanced Behavioral Detection@2x

Superior behavioral detection

IronDefense uses proven analytics based on Machine Learning (ML) and Artificial Intelligence (AI) techniques used in real-world defense against sophisticated cyber criminals and nation-state-level threat actors.
IronNet-Iron Defense-Automated alert correlation and triage@2x

Automated alert correlation and triage

IronNet’s alert correlation engine models adversarial attack techniques and pre-correlates anomalous activity by threat categories to improve risk scoring and alert prioritization, dramatically reducing alert load and investigation time.
IronNet-Iron Defense-Extended hunt window@2x

Extended hunt window

IronNet offers 30-, 60-, and 90-day extended hunt support windows so analysts can:
  • Create a complete threat picture over time
  • Amplify alert decision-making
  • Prove the positive that the network is safe
IronNet-Iron Defense-Malicious payload detection@2x

Malicious payload detection

IronDefense can detect malicious payloads on your network through optional streaming analytics. These analytics are cross-referenced with a file reputation database to determine whether a payload is malicious.
IronNet-IronDefense-Real Time Visibility@2x

Real-time visibility across your threat landscape

IronDefense works with our IronDome Collective Defense solution to deliver dynamic, real-time visibility to threats targeting your supply-chain, industry, or region.

IronNet-IronDefense-Proven Expertise@2x

Proven expertise

IronNet partners with all our customers to deliver a personalized experience to help your security team plan, implement, integrate, and operate IronDefense. Our highly skilled industry experts with deep commercial, military, and intelligence experience will work with you every step of the way to deliver measurable improvements to detect network-based threats across your enterprise.

IronNet-IronDefense-End to End Visibility@2x

End-to-end visibility across hybrid and cloud environments

IronDefense leverages a broad range of cloud-deployed sensors for public/private cloud, virtual networks, and on-premise networks to help you secure your unique infrastructure, with the flexibility to accommodate your distributed teams.

How it works

IronDefense ingests north-south traffic at your network perimeter and east-west traffic within your enterprise to provide full visibility across your network and full insights at the individual session level with its continuous PCAP capture capability. IronDefense uses virtual/physical sensors and data collectors that can be deployed anywhere.
IronNet-How it works-Automated Correlation Engine
Press Release

New capabilities for our Collective Defense platform

Reduce false positives through automated alert correlation (including malicious payload detection) and extend your supported hunt window.

IronNet-Resource-Downloadable Cover-8 cybersecurity challenges and how to solve them
White Paper

Improve visibility of cyber threats

Network detection and response tools can detect threats that slip past endpoint detection tools and firewalls.

Ironnet gets high praise in my book for quality detections and an A+ for top notch program management.
- Global Head of Analytics, Threat Detection, and Insider Threat of a tier-one global financial institution

Enterprise network telemetry sources

It’s critical that enterprises have total visibility into their network at all times. Our Collective Defense products deliver advanced network telemetry capabilities which seamlessly collect, analyze, and correlate network activity from a variety of data sources.
IronNet-IronDefense-Telemetry Sources

Flexible pricing and packages that fit your business


$3 per employee
per month*

For organizations of all sizes that require advanced log-based behavioral detection and collective defense.

$6 per employee
per month*

For enterprises that require industry-leading network detection and response, collective defense, and reporting use cases.

$9 per employee
per month*

For large enterprises with high data volume, multiple network detection use cases that require industry-leading network detection and response, collective defense, reporting, cyber hunt, and enhanced services.

IronNet’s remote
Proof of Value (POV) program

Thinking about IronDefense advanced threat protection? The proof is within reach, regardless of your industry or company size. A 30-day, remote IronDefense POV will give your organization insights into how IronDefense can improve your cyber defenses in your unique enterprise environment. Explore our Proof of Value Timeline to see how you’ll benefit.
IronNet-IronDefense-POV Program

On-demand demo

Discover the power of IronDefense, the industry’s most advanced network detection and response (NDR) product. Walk through a use case to learn more about product features and the Collective Defense approach. Start your on-demand demo now.