Introducing illusive’s new mitigation solution, now enabling you to detect and block APTs automatically at the moment they occur.
Combining illusive with Cisco ISE & pxGrid unlocks the unrivaled capability to detect attacks and automatically mitigate them in real time. This powerful combination gives users a complete end-to-end solution to eliminate advanced threats.
To integrate with any SIEM tool, illusive sends data via the CEF/Syslog protocol.
Integrating illusive with HP ArcSight log & event management solution creates a strong bi-directional relationship. illusive feeds ArcSight reliable, real-time data such as incident reports and high fidelity alerts, while ArcSight makes its database available to illusive so it may enrich its threat forensics. With this integration, customers benefit from a more complete, actionable perspective on activities in the system.
The integration between illusive and Splunk’s SIEM and log managements solutions allows illusive to obtain rich data that empowers its detection capabilities, data analysis process, and forensics data, while also feeding Splunk with reliable, real-time attack information and high fidelity alerts.
Eliminate APT attacks at the earliest possible stage by pairing illusive’s high-fidelity detection with Cisco ISE & pxGrid’s mitigation capabilities. With this integration, users can define and execute automated mitigation sequences directly from the illusive console, and automatically block attacks in real time.
CyberArk provides a comprehensive solution for protecting, monitoring, detecting and responding to all privileged account activity. illusive integrates with CyberArk Application Identity Manager to securely retrieve privileged credentials, secured and managed by CyberArk, to access hosts on the network for deceptions deployment and forensics collection. By integrating the CyberArk solution with illusive, organizations benefit from the superior deception technology combined with the leading privileged accounts security solution.
illusive supports seamless integration with all management solutions, including open source tools such as Puppet and Ansible, and proprietary tools such as the below:
Microsoft System Center Configuration Manager (SCCM) allows administrators to manage application deployment and security of devices across an enterprise. Illusive integrates with SCCM to deploy and monitor deceptions so customers can maintain a unified deployment architecture and use their own deployment tools policies.
The Tanium platform offers endpoint visibility and control across an entire organization. The integration between Tanium and illusive allows the user to deploy and monitor deceptions using his existing endpoint management & deployment tool.
illusive syncs with VirusTotal to pool their collective forensic resources. From this integration, users can capitalize on reports that analyze processes on hosts and identify sources of infiltration.
By pairing illusive with OpenDNS, admins are notified when there’s an attempt to reach a malicious site or IP address, and receive illusive’s real-time, source-based forensics.