Proving the promise
of Collective Defense

Unique threat detections. World-class technology and services. A meaningful mission. Our customers and partners recognize the unique value that Collective Defense
brings to cybersecurity — and industry analysts are praising the paradigm shift.

Bank Midwest Logo
community banks logo
Hillcrest Bank logo
Southern Company Logo

What customers and analysts are saying



“As we work with IronNet and our other partners, I look forward to more international companies joining us in the spirit of Collective give companies more situational awareness of what’s happening around the globe and address threats collectively.”

– Tom Wilson, VP and CISO, Southern Company

Read the case study

"One of the best things about the company is the talent. I think it has the right mix of execution, the right culture. They’re incredibly engaging, and very outcome oriented....We very much appreciate the partnership as well as the focus on execution." 

— Richard Puckett, former VP Security Operations, Strategy & Architecture, Thomson Reuters



“The value proposition associated with the Dome is not just about Con Edison. It’s about the entire sector — and other sectors — that are at risk from a cyberattack. Understanding what’s going on in those networks compared to ours makes us collectively stronger and better able to mitigate those risks.”

— Manny Cancel, former VP and CIO of Con Edison


  • "Enterprises should strongly consider NDR solutions to complement signature-based tools and network sandboxes. Many Gartner clients have reported that NDR tools have detected suspicious network traffic that other perimeter security tools had missed."

    (IronNet Named as a Representative Vendor for Network Detection & Response) Gartner Market Guide for Network Detection & Response, June 2020
  • "IronNet’s unique Collective Defense capability enables defenders to quickly and anonymously share newly discovered behaviors that indicate a potential compromise among subscribers in a given industry, helping all members better defend against that threat. By enabling this collaboration at scale, IronNet brings the big picture of attack campaigns into better focus."

    Paula Musich, Research Director, EMA
  • "Protecting critical infrastructure is no longer a private sector concern, but a national security imperative. We know malicious actors seek to disrupt global economies through attacks on technology systems that keep our lights on, food supplies safe and militaries prepared. Our partnership with IronNet offers the integration of advanced cyber products and operations experience to the global market."

    John DeSimone, vice president of Cybersecurity and Special Missions at Raytheon Intelligence, Information and Services
  • "The concept of IronDome is unique – grouping data from companies related by vertical industry or infrastructure profile, focusing machine learning on those data sets to detect threats, and then communicating the derived intelligence to subscribers, allowing for preventive actions. For us, IronDome is where it gets exciting. Residing in Amazon Web Services, IronDome correlates observed behaviors across multiple companies on the prowl for spreading attacks. Competitors may upload traffic to apply analytics, but IronNet is unique in processing vertical industry views to catch campaigns against an infrastructure segment."

    451 Research, April 2019
  • “We renewed and expanded the IronDefense solution as a result of the increased precision of analytics, proactive hunt team support, partnership with our Customer Success team, and the capability to crowdsource tools, resources, and expertise across our peers through IronDome's collective defense offering. We believe IronNet is the next big thing in cyber.”

    Senior Security Director at a large US-based banking institution
  • "IronNet’s IronDome industry-specific, anonymous collective defense collaboration software-as-a- service (SaaS) system for real-time threat sharing is unique in the industry, offering the first viable solution for realizing General Alexander’s vision of enabling improved cybersecurity across numerous organizations through collective defense."

    Omdia On the Radar report, June 2020
  • “We have fully bought into the vision of Collective Defense and want to see IronNet succeed in achieving this vital goal for our sector and the nation.”

    CISO at a U.S. based utilities company
  • “The IronNet team’s real-world experience combating the toughest cyber threats is simply unparalleled … their contributions to helping our company protect our customers’ data have been invaluable.”

    Vadim B., VP of Technology at a national mortgage lender

Protecting our customers against
sophisticated cyber attacks. Every day.

“You detected threats six times better than our current stack of cyber tools.”
- CISO from a global investment organization

  • icon_crosshair

    Collective defense detection of Magecart activity

    Collective defense detection of Magecart activity

    Malicious activity associated with a Magecart credit card skimming attack was detected within an IronDome Collective Defense community. This threat insight was immediately shared to all IronDome participants, resulting in the confirmed detection of similar malicious activity at a large energy company that had been undetected until that point.

  • icon_networking

    Detecting Emotet Trojan on BYOD devices entering the corporate network

    Detecting Emotet Trojan on BYOD devices entering the corporate network

    IronDefense detected a large amount of anomalous DNS activity leaving a customer network, which generated a high-severity alert. After analyzing the detections, IronNet hunters immediately notified the customer SOC. The customer confirmed the activity and attributed it to a third-party vendor with access to the corporate domain through a guest network. While investigating the threat, the vendor reported that at least three different strains of malware had been discovered on the host. IronDefense was the only software to detect this threat and delivered the notification within 3 hours -- well below industry norms. 

  • icon_target

    Detecting surveillance spyware in the data center of major media company

    Detecting surveillance spyware in the data center of major media company

    A high-severity TLS Invalid Cert Chain alert led to discovery of a personal device with Totok installed, a suspected foreign surveillance tool, connected to the customer’s data center network. IronNet detected the activity based on behavioral characteristics even though it was encrypted — without having to decrypt the traffic. Previously undetected, the mitigation of this attack helped the organization protect the privacy of the client’s customers, employees and media sources. Sharing within IronDome helped other customers avoid a similar threat. 

  • icon_chat

    Identifying post-click phishing credential theft against numerous customers

    Identifying post-click phishing credential theft against numerous customers

    Undetected by a customer’s other cyber tools, a phishing attack was identified by IronDefense’s behavior-based phishing detection analytics. IronNet hunters were able to track the attack down within 24 hours of the user entering their corporate username and password, avoiding further exposure for the company.

  • icon_stop

    Detecting red-team operations against a Fortune 500 pharma company that evaded every other security tool

    Detecting red-team operations against a Fortune 500 pharma company that evaded every other security tool

    IronDefense alerted on DNS Tunneling behavior in a customer’s network. Even though the domain in question looked like a legitimate banking site, IronNet hunters investigated and identified it within 1.5 hours as a notoriously difficult-to-detect Cobalt Strike attack. Part of an internal red teaming activity, none of the customer’s other tools detected it.

  • icon_warning

    Identifying security gaps in corporate defenses

    Identifying security gaps in corporate defenses

    In a cyber threat emulation (CTE) for a global investment organization with 35 portfolio companies, IronNet detected 80% more of the known signature-based malware threatening the company's network than the company's existing detection tools. IronNet also detected 13 additional unknown, behavior-based threats that the company was unaware of. Four of those were correlated in IronDome, meaning the company would have received advanced, real-time alerts notifying them of these unknown threats sooner than traditional means. 

Why not join them?

Contribute to, and benefit from, the power of Collective Defense.

Learn more about how IronDefense and IronDome can make you stronger today.