
4/15/2020
10:50 AM
Dark Reading
Products and Releases

IronNet Enhances Platform with Innovative Threat Landscape Visualization to Operationalize Collective Defense

Fulton, MD., April 14, 2020 – IronNet Cybersecurity, the leading provider of Collective Defense and network behavioral analysis for companies and industries, today announced new threat landscape visualizations and technological ecosystem enhancements to IronDome, dramatically increasing the visibility, detection, and response capabilities of organizations when defending against sophisticated cyber threats.

With a new, highly visual interface that can animate malicious and suspicious cyber anomalies as they are correlated across multiple IronDome members, the new IronDome Detection Correlation Dashboard improves SOC teams’ abilities to see attacks that are targeting their community, prioritize the most urgent threats, understand how other security teams have responded, and optimize their defenses more proactively.

“Bad actors share information in real time better than legitimate organizations, but IronNet is out to change that equation,” said Paula Musich, Research Director, EMA. “The company’s unique Collective Defense capability enables defenders to quickly and anonymously share newly discovered behaviors that indicate a potential compromise among subscribers in a given industry, helping all members better defend against that threat. By enabling this collaboration at scale, IronNet brings the big picture of attack campaigns into better focus.”

Additional capabilities becoming available as part of this release enable customers to take unknown and hard-to-detect threats identified by IronDefense behavioral analytics and share those insights with Collective Defense members as known threats, allowing all members to identify and mitigate similar threats more quickly.

These new capabilities are paired with new technology partner integrations to enable faster sharing of IronDefense behavioral detections and IronDome community knowledge with existing cyber security tools, including:

  • Security Information & Event Management (SIEM) tool integrations, which allow security teams to easily integrate IronDefense and IronDome detections into their existing Splunk, QRadar, or other SIEM tools for seamless triage and response.
  • Security Orchestration Automation and Response (SOAR) integrations, which enable security teams to develop automatic response playbooks using their existing Palo Alto, Demisto, Swimlane, or other SOAR tools.
  • Amazon Web Services (AWS) IronDefense sensor, which expands network behavioral analysis and IronDome Collective Defense to the monitoring of AWS Virtual Private Cloud (VPC).
  • VMware IronDefense sensor, which expands network behavioral analysis and IronDome Collective Defense to enterprise private clouds and virtual networks.
  • SAML 2.0 integration, which enables security teams to leverage their existing Identity and Access Management (IAM) solution to secure their IronDefense deployments.

“Giving our customers the ability to visualize the threat landscape across organizations and industries is core to our Collective Defense mission,” said Don Closser, IronNet’s Chief Product Officer. “In addition to launching a market-leading UI, this release was driven by the desire to allow our customers to maximize their current technology investments and streamline their cyber ecosystems.”

The Collective Defense platform, powered by IronDome, allows organizations of all sizes to share threat data anonymously, at network speed, to increase visibility into incoming cyber attacks. Combined with behavior-based analytics at the network level that detect anomalous activity at individual enterprises, Collective Defense allows customers to leverage a wider pool of cybersecurity expertise, threat visibility, and higher order behavioral analysis to detect and respond to sophisticated threats that evade traditional cyber security tools.

About IronNet

Founded in 2014 by GEN (Ret.) Keith Alexander, IronNet Cybersecurity is a global cybersecurity leader that is revolutionizing how organizations secure their networks by delivering the first-ever Collective Defense platform operating at scale. Employing an extraordinarily high percentage of former NSA cybersecurity operators with offensive and defensive cyber experience, IronNet integrates deep tradecraft knowledge into its industry-leading products to solve the most challenging cyber problems facing the world today.
