SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
IronNet releases advanced capabilities for NDR solution
Fri, 6th Jan 2023
FYI, this story is more than a year old

IronNet has announced enhanced capabilities of its network detection and response (NDR) solution, IronDefense.

Recognised with the highest possible rating for Enterprise Advanced Security NDR Detection by SE Labs, IronDefense enables advanced and early visibility of unknown cyber threats that have slipped past endpoint and firewall detection and entered the network, whether on-premises or in the cloud, the company states.

With IronNet’s latest NDR updates, Security Operations Center (SOC) analysts can use IronDefense to detect VPN abuse such as high failed logins, password spray, and suspicious login times, any of which may be indicative of a brute force attack or unauthorised access attempts.

Additional analytics updates enable detection of ongoing patterns of both fixed-interval and randomised-timing beacon activity as well as the detection of DNS tunnels using advanced encoding techniques being leveraged by attackers, IronNet states.

Raj Sivasankar, IronNet Vice President of Product Management, says, "We strive always to integrate best-in-class behavioural analytics to stay ahead of ever-changing tactics, techniques, and procedures (TTP) used by both nation-state adversaries and cyber criminal organisations. Our goal is to deliver enhanced, broad, and early visibility of threats on enterprise networks – well before business impact."

The IronNet product team also has evolved IronDefense’s ease of use. Specifically, new sensors can now be auto-commissioned and auto-upgraded without requiring interaction from the SOC staff.

From an ecosystem perspective, IronDefense enables customers using SentinelOne endpoint detection and response (EDR) to create and update network inventory as well as isolate a device in a SentinelOne-deployed network remotely from the Entity page in the IronDefense user interface.

Similar capability exists for CarbonBlack and Crowdstrike endpoints. IronNet continues to enable security teams to do more with fewer resources, especially as organisations struggle to find the level of security talent needed to secure the network against both advanced and less sophisticated cyber attacks.

The IronDefense product updates, suitable for organisations with more cyber-mature teams, complement IronNet’s new proactive command and control (C2) threat intel feed, IronRadarSM, the company states.

Developed by IronNet’s team of elite threat hunters, IronRadar scours the internet fingerprinting servers to determine whether they are C2 infrastructure while being stood up, even before a cyber attack, such as ransomware, is initiated.

Available now on AWS Marketplace for a free 14-day trial, IronRadar allows organisations with less sophisticated cybersecurity infrastructure to proactively and automatically update their existing cybersecurity tools to be able to block suspicious and malicious indicators of adversary infrastructure as they are being set up.

IronNet’s advanced threat detection technology and proactive threat intelligence allow the IronNet Collective DefenseSM platform, powered by AWS, to serve as an early warning system for all companies and organisations participating in IronNet’s shared defence approach to cybersecurity.

In addition to the above, IronNet also announced it has received a loan from an affiliated fund of existing stockholder C5 Capital Limited (C5) in the amount of $2 million.

The terms of the loan from C5 are substantially similar to those of the loans from certain of IronNet’s directors and another lender in the aggregate principal amount of $6.9 million that were previously announced on December 20, 2022.

The loan from C5 bears interest at an annual rate of 13.8% and has a maturity date of June 30, 2023. The promissory note issued to C5 is secured by substantially all of the assets of the Company, excluding the Company’s intellectual property, pursuant to the terms of a security agreement entered into in conjunction with the promissory note.

The Company, C5 and the previous lenders intend to amend and restate their promissory notes and security agreements to make certain adjustments so that all lenders have identical loan documents.