Early detection & on-demand forensic intelligence stops
high-impact sideways attacks
Flip the dynamic that favors attackers. Goodbye anomaly detection, hello distributed deception!
Stop attacks through real-time threat detection and endpoint isolation.
This on-demand webcast explains how deception speeds up breach detection and reduces attacker dwell time.
Illusive-sponsored research finds deception technology reduces attacker detection time by over 90%
Deception makes everything in our security stack better
CISO of a global financial enterprise
Partnerships are vital to our success. The customers we serve both need and expect security vendors to work effectively together.
Illusive integrates and complements core security systems – filling gaps in the kill chain, visualizing and removing hidden threats, speeding detection, prioritizing alerts, improving threat hunting efficiency, and more.
In each area, cooperation with associated vendors is critical to ensure a resilient security posture. We take this responsibility to heart in building strong, lasting relationships with key technology partners committed to alignment of technolgy, communication, and strategic direction.
BeyondTrust is the worldwide leader in Privileged Access Management, offering the most seamless approach to preventing privilege-related breaches. Our extensible platform empowers organizations to easily scale privilege security as threats evolve across endpoint, server, cloud, DevOps, and network device environments. BeyondTrust gives organizations the visibility and control they need to reduce risk, achieve compliance objectives, and boost operational performance. We are trusted by 20,000 customers and a global partner network.
BlueCat is the Adaptive DNS™ company. The company’s mission is to help the world’s largest organizations thrive on network complexity, from the edge to the core. To do this, BlueCat re-imagined DNS. The result – Adaptive DNS™ – is a dynamic, open, secure, scalable, and automated resource that supports the most challenging digital transformation initiatives, like adoption of hybrid cloud and rapid application development. The integration between BlueCat and Illusive Networks helps speed the deployment of dynamically authentic deceptive Active Directory artifacts for the detection of in-network attacks.
Carbon Black (NASDAQ: CBLK) is a leader in cloud endpoint protection dedicated to keeping the world safe from cyberattacks. The CB Predictive Security Cloud® (PSC) consolidates endpoint protection and IT operations into an extensible cloud platform that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. By analyzing billions of security events per day across the globe, Carbon Black has key insights into attackers’ behaviors, enabling customers to detect, respond to and stop emerging attacks.
Illusive Networks boasts several integrations with Cisco products and services. The Cisco Identity Services Engine offers a network-based approach for adaptable trusted access everywhere based on context. The Cisco pxGrid (Platform Exchange Grid) allows multiple security products to share data and work together. Pairing these two solutions with Illusive Networks high-fidelity early breach detection permits users to define and execute automated mitigation sequences from within the Illusive Platform dashboard. This functionality automatically blocks the most dangerous post-breach attackers in real time, before they can move laterally towards critical data. Illusive also offers an integration with the Cisco Umbrella. Cisco Umbrella uses the Internet’s infrastructure to block malicious destinations before a connection is ever established. Illusive working in tandem with Cisco Umbrella notifies administrators when any attempt is made to reach a malicious site or IP address, with Illusive’s real-time, source-based forensics providing actionable threat intelligence that can be used for faster incident response and investigation.
CyberArk provides a comprehensive solution for protecting, monitoring, detecting and responding to all privileged account activity for both non-human and human identities. Illusive integrates with CyberArk Application Access Manager to securely retrieve privileged credentials, secured and managed by CyberArk, to access hosts on the network for deceptions deployment and forensics collection. By integrating the CyberArk solution with Illusive, organizations benefit from the superior deception technology combined with the leading privileged accounts security solution.
Hitachi ID Systems, Inc. delivers identity and access management (IAM) solutions to organizations globally, including many of the Fortune 500 companies. The Hitachi ID Identity and Access Management Suite is a fully integrated solution for managing identities, security entitlements and credentials, for both business users and shared/privileged accounts, on-premises and in the cloud. Illusive Networks has partnered with Hitachi ID Systems to seamlessly incorporate privileged account management into the deployment and administration of the Illusive Platform.
Infoblox is leading the way to next-level DDI with its Secure Cloud-Managed Network Services. Infoblox brings next-level security, reliability and automation to on-premises, cloud and hybrid networks, setting customers on a path to a single pane of glass for network management. Infoblox is a recognized leader with 50 percent market share comprised of 8,000 customers, including 350 of the Fortune 500. Illusive Networks and Infoblox work together to automate the mapping of deceptive hostnames so that DNS deceptions are easy to deploy, with no need for additional manual or scripted mapping.
LogRhythm is a world leader in NextGen SIEM, empowering thousands of enterprises on six continents to successfully reduce cyber and operational risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm NextGen SIEM Platform combines advanced security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation and response (SOAR) in a single end-to-end solution. LogRhythm’s technology serves as the foundation for the world’s most modern enterprise security operations centers (SOCs), helping customers measurably secure their cloud, physical, and virtual infrastructures for both IT and and OT environments. Built for security professionals by security professionals, the LogRhythm NextGen SIEM Platform has won countless customer and industry accolades.
Palo Alto Networks Cortex XSOAR supercharges SOC efficiency with the world’s most comprehensive operating platform for enterprise security. Cortex XSOAR unifies case management, automation, real-time collaboration, and threat intelligence management. Teams can manage alerts across all sources, standardize processes with playbooks, take action on threat intelligence, and automate response for any security use case - resulting in 90% faster response times and a 95% reduction in alerts requiring human intervention. The integration between Cortex XSOAR and the Illusive Platform pinpoints threats with high fidelity at their earliest point in the post-breach attack lifecycle and automates an immediate remediation and quarantine in response. Customized Illusive Platform playbooks designed especially for Cortex XSOAR allow organizations to instantly see how far attackers are from critical data, significantly cut response times, and save the SOC from burnout and false positives.
Splunk turns machine data into answers. Organizations of all sizes and across industries are using Splunk to unleash innovation and solve their toughest IT, security and business challenges. The integration between Illusive deception technology and Splunk SIEM and log management solutions allows Illusive to obtain rich data that enhances incident detection capabilities, data analysis and forensics collection. At the same time, Illusive feeds Splunk reliable, real-time threat information and generates high-fidelity attack alerts.
Illusive offers a range of pre-built integrations and enables CEF/Syslog integration with any SIEM. Illusive can also ingest incidents from any other source and collect real-time host forensics of the same depth provided for Illusive-generated incidents. All incident records are manageable through Illusive’s console, and can be viewed using the Illusive Forensics Timeline.
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 165 fully featured services from data centers globally. Millions of customers —including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs.
Illusive supports seamless integration with all management solutions, including open source tools such as Puppet and Ansible, and proprietary tools such as the below:
Microsoft System Center Configuration Manager (SCCM) allows administrators to manage application deployment and security of devices across an enterprise. Illusive integrates with SCCM to deploy and monitor deceptions so customers can maintain a unified deployment architecture and use their own deployment tools policies.
The Tanium platform offers endpoint visibility and control across an entire organization. The integration between Tanium and Illusive allows the user to deploy and monitor deceptions using his existing endpoint management & deployment tool.
See detailed partnership description above.
To integrate with any SIEM tool, Illusive sends data via the CEF/Syslog protocol.
QRadar® SIEM is a network security management platform that provides situational awareness and compliance support through the combination of flow-based network knowledge, security event correlation, and asset-based vulnerability assessment.
Integrating Illusive with HP ArcSight log & event management solution creates a strong bi-directional relationship. Illusive feeds ArcSight reliable, real-time data such as incident reports and high fidelity alerts, while ArcSight makes its database available to Illusive so it may enrich its threat forensics. With this integration, customers benefit from a more complete, actionable perspective on activities in the system.
AT&T AlienVault USM Anywhere, a SaaS SIEM offering that centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, receives CEF format logs from Illusive Networks, and ingests these for customers to view.
Illusive syncs with VirusTotal to pool their collective forensic resources. From this integration, users can capitalize on reports that analyze processes on hosts and identify sources of infiltration.
© Copyright Illusive Networks, 2020. All Rights Reserved.
Upload your Resume* 2MB Max; .doc, .docx or .pdf only