Illusive Technology Partners

Capitalize on the powerful synergies made possible by Illusive’s technology integration solutions

Deception makes everything in our security stack better

CISO of a global financial enterprise

Technology Partnerships

BeyondTrust

BeyondTrust is the worldwide leader in Privileged Access Management, offering the most seamless approach to preventing privilege-related breaches. Our extensible platform empowers organizations to easily scale privilege security as threats evolve across endpoint, server, cloud, DevOps, and network device environments. BeyondTrust gives organizations the visibility and control they need to reduce risk, achieve compliance objectives, and boost operational performance. We are trusted by 20,000 customers and a global partner network. 

BlueCat

BlueCat is the Adaptive DNS™ company. The company’s mission is to help the world’s largest organizations thrive on network complexity, from the edge to the core. To do this, BlueCat re-imagined DNS. The result – Adaptive DNS™ – is a dynamic, open, secure, scalable, and automated resource that supports the most challenging digital transformation initiatives, like adoption of hybrid cloud and rapid application development. The integration between BlueCat and Illusive Networks helps speed the deployment of dynamically authentic deceptive Active Directory artifacts for the detection of in-network attacks.

Carbon Black

Carbon Black (NASDAQ: CBLK) is a leader in cloud endpoint protection dedicated to keeping the world safe from cyberattacks. The CB Predictive Security Cloud® (PSC) consolidates endpoint protection and IT operations into an extensible cloud platform that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. By analyzing billions of security events per day across the globe, Carbon Black has key insights into attackers’ behaviors, enabling customers to detect, respond to and stop emerging attacks.

Cisco

Illusive Networks offers several integrations with Cisco products and services. The Cisco Identity Services Engine offers a network-based approach for adaptable trusted access everywhere based on context. Cisco pxGrid (Platform Exchange Grid) allows multiple security products to share data and work together. Pairing these two solutions with Illusive Networks’ high-fidelity early breach detection permits users to define and execute automated mitigation sequences from within the Illusive Platform dashboard. This functionality automatically blocks the most dangerous post-breach attackers in real time, before they can move laterally towards critical data. Illusive also offers an integration with Cisco Umbrella, which uses the Internet’s infrastructure to block malicious destinations before a connection is ever established. Illusive working in tandem with Cisco Umbrella notifies administrators when any attempt is made to reach a malicious site or IP address, with Illusive’s real-time, source-based forensics providing actionable threat intelligence that can be used for faster incident response and investigation.

CyberArk

CyberArk provides a comprehensive solution for protecting, monitoring, detecting and responding to all privileged account activity for both non-human and human identities. Illusive integrates with CyberArk Application Access Manager to securely retrieve privileged credentials, secured and managed by CyberArk, to access hosts on the network for deception deployment and forensics collection. By integrating the CyberArk solution with Illusive, organizations benefit from superior deception technology combined with the leading privileged account security solution.

Hitachi ID Systems

Hitachi ID Systems, Inc. delivers identity and access management (IAM) solutions to organizations globally, including many of the Fortune 500 companies. The Hitachi ID Identity and Access Management Suite is a fully integrated solution for managing identities, security entitlements and credentials, for both business users and shared/privileged accounts, on-premises and in the cloud. Illusive Networks has partnered with Hitachi ID Systems to seamlessly incorporate privileged account management into the deployment and administration of the Illusive Platform.

Infoblox

Infoblox is leading the way to next-level DDI with its Secure Cloud-Managed Network Services. Infoblox brings next-level security, reliability and automation to on-premises, cloud and hybrid networks, setting customers on a path to a single pane of glass for network management. Infoblox is a recognized leader with 50 percent market share comprised of 8,000 customers, including 350 of the Fortune 500. Illusive Networks and Infoblox work together to automate the mapping of deceptive hostnames so that DNS deceptions are easy to deploy, with no need for additional manual or scripted mapping.

LogRhythm

LogRhythm is a world leader in NextGen SIEM, empowering thousands of enterprises on six continents to successfully reduce cyber and operational risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm NextGen SIEM Platform combines advanced security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation and response (SOAR) in a single end-to-end solution. LogRhythm’s technology serves as the foundation for the world’s most modern enterprise security operations centers (SOCs), helping customers measurably secure their cloud, physical, and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm NextGen SIEM Platform has won countless customer and industry accolades.

Palo Alto Networks - Cortex XSOAR

Palo Alto Networks Cortex XSOAR supercharges SOC efficiency with the world’s most comprehensive operating platform for enterprise security. Cortex XSOAR unifies case management, automation, real-time collaboration, and threat intelligence management. Teams can manage alerts across all sources, standardize processes with playbooks, take action on threat intelligence, and automate response for any security use case - resulting in 90% faster response times and a 95% reduction in alerts requiring human intervention. The integration between Cortex XSOAR and the Illusive Platform pinpoints threats with high fidelity at their earliest point in the post-breach attack lifecycle and automates an immediate remediation and quarantine in response. Customized Illusive Platform playbooks designed especially for Cortex XSOAR allow organizations to instantly see how far attackers are from critical data, significantly cut response times, and save the SOC from burnout and false positives.

Splunk

Splunk turns machine data into answers. Organizations of all sizes and across industries are using Splunk to unleash innovation and solve their toughest IT, security and business challenges. The integration between Illusive deception technology and Splunk SIEM and log management solutions allows Illusive to obtain rich data that enhances incident detection capabilities, data analysis and forensics collection. At the same time, Illusive feeds Splunk reliable, real-time threat information and generates high-fidelity attack alerts.

Integrations

Cloud Monitoring Solutions

Amazon Web Services (AWS)

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 165 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs.

Deployment Solutions

Illusive supports seamless integration with all management solutions, including open source tools such as Puppet and Ansible, and proprietary tools such as those below:

Microsoft SCCM

Microsoft System Center Configuration Manager (SCCM) allows administrators to manage application deployment and security of devices across an enterprise. Illusive integrates with SCCM to deploy and monitor deceptions so customers can maintain a unified deployment architecture and use their own deployment tools and policies.

Tanium

The Tanium platform offers endpoint visibility and control across an entire organization. The integration between Tanium and Illusive allows users to deploy and monitor deceptions using their existing endpoint management and deployment tool.

DNS Management Solutions

BlueCat

See detailed partnership description above.

Cisco Umbrella

See detailed partnership description above.

https://umbrella.cisco.com/

Infoblox

See detailed partnership description above.

SIEM Solutions

To integrate with any SIEM tool, Illusive sends data in CEF (Common Event Format) over syslog.

Splunk

See detailed partnership description above.

LogRhythm

See detailed partnership description above.

IBM QRadar

QRadar® SIEM is a network security management platform that provides situational awareness and compliance support through the combination of flow-based network knowledge, security event correlation, and asset-based vulnerability assessment.

Micro Focus ArcSight

Integrating Illusive with the HP ArcSight log & event management solution creates a strong bi-directional relationship. Illusive feeds ArcSight reliable, real-time data such as incident reports and high-fidelity alerts, while ArcSight makes its database available to Illusive so it may enrich its threat forensics. With this integration, customers benefit from a more complete, actionable perspective on activities in the system.

AT&T AlienVault USM Anywhere

AT&T AlienVault USM Anywhere is a SaaS SIEM offering that centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations. It receives CEF-format logs from Illusive Networks and ingests them for customers to view.

SOAR Solutions

Palo Alto Networks – Cortex XSOAR

See detailed partnership description above.

Threat Containment Solutions

Carbon Black

See detailed partnership description above.

Cisco ISE & pxGrid

See detailed partnership description above.

Threat Intelligence Solutions

Google VirusTotal

Illusive syncs with VirusTotal to pool their collective forensic resources. From this integration, users can capitalize on reports that analyze processes on hosts and identify sources of infiltration.

Privileged Access Management Solutions

BeyondTrust

See detailed partnership description above.

CyberArk

See detailed partnership description above.

Hitachi ID Systems

See detailed partnership description above.