IronNet’s latest NDR updates provide broader visibility of cyber threats

IronNet enhances its network detection and response (NDR) solution, IronDefense, enabling early visibility of unknown cyber threats that have slipped past endpoint and firewall detection and entered the network, whether on-premises or in the cloud.

With IronNet’s latest NDR updates, Security Operations Center (SOC) analysts can use IronDefense to detect VPN abuse such as high failed logins, password spray, and suspicious login times, any of which may be indicative of a brute force attack or unauthorized access attempts. Additional analytics updates enable detection of ongoing patterns of both fixed-interval and randomized-timing beacon activity as well as the detection of DNS tunnels using advanced encoding techniques being leveraged by attackers.

“We strive always to integrate best-in-class behavioral analytics to stay ahead of ever-changing tactics, techniques, and procedures (TTP) used by both nation-state adversaries and cyber-criminal organizations. Our goal is to deliver enhanced, broad, and early visibility of threats on enterprise networks–well before business impact,” said Raj Sivasankar, IronNet Vice President of Product Management.

The IronNet product team also has evolved IronDefense’s ease of use. Specifically, new sensors can now be auto-commissioned and auto-upgraded without requiring interaction from the SOC staff. From an ecosystem perspective, IronDefense enables customers using SentinelOne endpoint detection and response (EDR) to create and update network inventory as well as isolate a device in a SentinelOne-deployed network remotely from the Entity page in the IronDefense user interface. Similar capability exists for CarbonBlack and Crowdstrike endpoints.

IronNet continues to empower security teams to do more with fewer resources, especially as organizations struggle to find the level of security talent needed to secure the network against both advanced and less sophisticated cyber attacks. The IronDefense product updates, suitable for organizations with more cyber-mature teams, complement IronNet’s new proactive command and control (C2) threat intel feed, IronRadar.

Developed by IronNet’s team of elite threat hunters, IronRadar scours the internet fingerprinting servers to determine whether they are C2 infrastructure while being stood up, even before a cyber attack, such as ransomware, is initiated.

Available now on AWS Marketplace for a free 14-day trial, IronRadar allows organizations with less sophisticated cybersecurity infrastructure to proactively and automatically update their existing cybersecurity tools to be able to block suspicious and malicious indicators of adversary infrastructure as they are being set up.

IronNet’s advanced threat detection technology and proactive threat intelligence allow the IronNet Collective DefenseSM platform, powered by AWS, to serve as an early warning system for all companies and organizations participating in IronNet’s shared defense approach to cybersecurity.

Bridge loan financing from C5 Capital

IronNet also announced it has received a loan from an affiliated fund of existing stockholder C5 Capital Limited (C5) in the amount of $2 million. The terms of the loan from C5 are substantially similar to those of the loans from certain of IronNet’s directors and another lender in the aggregate principal amount of $6.9 million that were previously announced on December 20, 2022. The loan from C5 bears interest at an annual rate of 13.8% and has a maturity date of June 30, 2023.

The promissory note issued to C5 is secured by substantially all of the assets of the Company, excluding the Company’s intellectual property, pursuant to the terms of a security agreement entered into in conjunction with the promissory note. The Company, C5 and the previous lenders intend to amend and restate their promissory notes and security agreements to make certain adjustments so that all lenders have identical loan documents.

Share this