Illusive Technology Partners

Capitalize on the powerful synergies made possible by Illusive’s technology integration solutions

Deception makes everything in our security stack better

CISO of a global financial enterprise

Technology Partnerships

Carbon Black

Carbon Black (NASDAQ: CBLK) is a leader in cloud endpoint protection dedicated to keeping the world safe from cyberattacks. The CB Predictive Security Cloud® (PSC) consolidates endpoint protection and IT operations into an extensible cloud platform that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. By analyzing billions of security events per day across the globe, Carbon Black has key insights into attackers’ behaviors, enabling customers to detect, respond to and stop emerging attacks. More than 5,300 global customers, including 35 of the Fortune 100, trust Carbon Black to protect their organizations from cyberattacks.

LogRhythm

LogRhythm is a world leader in NextGen SIEM, empowering thousands of enterprises to successfully reduce cyber and operational risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm NextGen SIEM Platform combines advanced security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) in a single end-to-end solution. LogRhythm serves as the foundation for the world’s most modern enterprise security operations centers (SOCs), helping customers measurably secure their cloud, physical, and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm NextGen SIEM Platform has won countless customer and industry accolades. For more information,

CyberArk

CyberArk provides a comprehensive solution for protecting, monitoring, detecting and responding to all privileged account activity. Illusive integrates with CyberArk Application Identity Manager to securely retrieve privileged credentials, secured and managed by CyberArk, to access hosts on the network for deceptions deployment and forensics collection. By integrating the CyberArk solution with Illusive, organizations benefit from the superior deception technology combined with the leading privileged accounts security solution.

Integrations

SIEM Solutions

To integrate with any SIEM tool, Illusive sends data via the CEF/Syslog protocol.

Micro Focus ArcSight

Integrating Illusive with HP ArcSight log & event management solution creates a strong bi-directional relationship. Illusive feeds ArcSight reliable, real-time data such as incident reports and high fidelity alerts, while ArcSight makes its database available to Illusive so it may enrich its threat forensics. With this integration, customers benefit from a more complete, actionable perspective on activities in the system.

Splunk

The integration between Illusive and Splunk’s SIEM and log managements solutions allows Illusive to obtain rich data that empowers its detection capabilities, data analysis process, and forensics data, while also feeding Splunk with reliable, real-time attack information and high fidelity alerts.

 

IBM QRadar

QRadar® SIEM is a network security management platform that provides situational awareness and compliance support through the combination of flow-based network knowledge, security event correlation, and asset-based vulnerability assessment.

Threat Containment Solutions

Cisco ISE & pxGrid

Eliminate APT attacks at the earliest possible stage by pairing Illusive’s high-fidelity detection with Cisco ISE & pxGrid’s mitigation capabilities. With this integration, users can define and execute automated mitigation sequences directly from the Illusive console, and automatically block attacks in real time.

Deployment Solutions

Illusive supports seamless integration with all management solutions, including open source tools such as Puppet and Ansible, and proprietary tools such as the below:

Microsoft SCCM

Microsoft System Center Configuration Manager (SCCM) allows administrators to manage application deployment and security of devices across an enterprise. Illusive integrates with SCCM to deploy and monitor deceptions so customers can maintain a unified deployment architecture and use their own deployment tools policies.

 

Tanium

The Tanium platform offers endpoint visibility and control across an entire organization. The integration between Tanium and Illusive allows the user to deploy and monitor deceptions using his existing endpoint management & deployment tool.

Threat Intelligence Solutions

Google VirusTotal

Illusive syncs with VirusTotal to pool their collective forensic resources. From this integration, users can capitalize on reports that analyze processes on hosts and identify sources of infiltration.

DNS Management Solutions

Cisco Umbrella

By pairing Illusive with OpenDNS, admins are notified when there’s an attempt to reach a malicious site or IP address, and receive Illusive’s real-time, source-based forensics

Cloud Monitoring Solutions

Amazon Web Services (AWS)

 

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 165 fully featured services from data centers globally. Millions of customers —including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs.