Illusive, a leader in active cyber defense, announced today the rollout of its automated detection and response partner ecosystem program. This program combines the unique, deterministic detection approach of Illusive with automated response options across a variety of leading security products and partners, including Microsoft Azure Sentinel and Azure Active Directory and Crowdstrike Falcon.
Much of the focus in the past few years has been on automated threat response, leaving a gap in the market around automated threat detection. Illusive addresses the gap by depriving attackers of the means to penetrate the network via automated scans that detect and remove risky privileged credentials and connections. Its deception-based threat defense lures and traps attackers so every alert is a deterministic attack indicator. Illusive's approach, combined with other leading security providers, effectively yields fully automated security solution options to the market for key use cases, like detecting nation state hackers and targeted ransomware.
Leading Illusive automated detection and response solutions built with partner products include:
- Azure Active Directory: Illusive automatically finds and removes risky privileged Azure AD credentials on a continuous basis. This preemptive hygiene is a critical step. On average, 20% of an organization's endpoints contain risky credentials that could be exploited and need removal.
- Azure Sentinel: Illusive feeds into Azure Sentinel its attack surface risk data and deceptive-based alerts, generating custom Sentinel dashboards that allow Sentinel to recommend immediate action on lateral-movement-based threats.
- CrowdStrike: With CrowdStrike endpoint and workload protection platform, customers get real-time threat detection at breach beachheads and instant automated isolation of compromised endpoints at the earliest point of attack, leveraging Illusive's high-fidelity deception-based alerts.
- CyberArk: Through the integration with the CyberArk Privileged Access Security Solution, Illusive helps to minimize the attack surface risk by automatically and continuously discovering unmanaged privileged accounts, expanding the discovery capabilities of the CyberArk solution. When risky credentials are found, they can then be onboarded into the CyberArk solution, helping to preemptively cut off malicious access to an organization's most critical assets.
- Palo Alto Networks Cortex XSOAR: Illusive's alerts on deceptive data can quickly provide conclusive indicators of an insider threat. For example, a customer of Illusive can use deceptive Microsoft 365 files, which are planted to be invisible to a regular user but alluring to the insider attacker in search of intellectual property. When these deceptions are tripped up, security operations teams know with certainty there's an issue needing remediation. An Illusive customer can then pair this deterministic alert with custom-built playbooks using Cortex XSOAR to orchestrate and automate the detection and response to attacks by malicious insiders in hours instead of weeks or months.
Andy Horwitz, vice president of CrowdStrike Store and technology alliances, said: "CrowdStrike is happy to work with Illusive Networks to extend their deception capabilities to automatically mitigate deterministic threats in real time by leveraging CrowdStrike's detection and response capabilities. Joint customers can now have access to a comprehensive security stack to address current and emerging threats, early in the attack cycle."
Brian Carpenter, director of business development, CyberArk, said: "We highly value Illusive's ability to continuously scan the attack surface looking for credentials that are both managed and unmanaged by CyberArk. This capability enables us to expand our coverage and provide continual protection of unmonitored accounts that appear as additional applications and devices are added to an organization's IT footprint."
Matt Chase, director of alliances, Palo Alto Networks, said: "We value the addition of Illusive's custom-built pack in the Cortex XSOAR Marketplace, which includes several playbooks. The combination of Illusive's powerful automated detection with the efficiency of Cortex XSOAR's automated orchestration and response capabilities will help save our customers crucial time in responding to incidents and emergent threats."
Nicole Bucala, vice president of business development, Illusive, said: "It's time to take a totally different approach to cybersecurity – to develop technological defense methods that alert on a deterministic basis. That means every alert is a problem needing to be addressed. Illusive's approach is the first of hopefully many others that, over the next 10 years, have the potential to disrupt the current mindset and replace it with a far more effective one."
Desmond Forbes, Senior Director, Business Development, Security ISV Ecosystem Lead, Microsoft Corporation, said: "Organizations want security that is simplified, comprehensive, and that helps stay ahead of the evolving threat landscape. By leveraging Microsoft Azure Sentinel and Azure Active Directory, Illusive helps customers further protect user credentials and provides the much-needed robust threat detection that helps address the security challenges on the horizon."
To learn more about Illusive technology partners, please visit https://illusive.com/partners/technology-partners/. Illusive can be found on the Microsoft Azure Marketplace, Palo Alto Cortex XSOAR Marketplace, CrowdStrike Marketplace and CyberArk Marketplace.
Illusive's active defense stops attackers from accessing critical assets and detects the lateral movement that enables today's most dangerous ransomware and nation-state attacks. Despite significant investments, it's still difficult to see and stop attackers moving inside your environment. The Illusive Active Defense Suite identifies and removes the vulnerable connections and credentials that enable attackers to move undetected, and then replaces them with deceptive versions that fool attackers into revealing their presence upon engagement. Illusive's agentless approach captures deterministic proof of in-progress attacks and provides actionable forensics to empower a quick and effective response. Illusive was founded by nation-state attackers who developed a solution to beat attackers. We help Fortune 100 companies protect their critical assets, including the largest global financials and global pharmaceuticals. Illusive has participated in over 130+ red team exercises and has never lost one!