A Leader in Active Defense Joins MISA and Adds New Integrated Solutions to the Azure Marketplace that Extend Support of the New MITRE Shield Model
Illusive Networks®, a leader in active cyber defense, today joined the Microsoft Intelligent Security Association (MISA), bringing the combined power of Illusive’s active defense platform and Microsoft security products to enterprise customers worldwide. Illusive also announced that it is now Microsoft Co-Sell Ready. Illusive Network’s three product modules, Attack Surface Manager, Attack Detection System, and Attack Intelligence System, are also now available via the Microsoft Azure Marketplace, and are integrated across a wide range of Microsoft products to further protect Azure users as follows:
- Microsoft 365 E5 Security Suite – Illusive provides high-fidelity threat detection and intelligence for customers of the Microsoft 365 E5 Suite of cloud-based productivity, security, and compliance apps. Direct integration enables the Illusive Platform to operate side-by-side with E5 in the Security Operations Center, allowing enterprise customers to consolidate their security tools around Microsoft while benefiting from Illusive’s attack surface risk reduction techniques along with its high-fidelity alerting capabilities that stop attackers in their tracks.
- Azure Active Directory (Azure AD) – Stored credentials and extraneous connectivity can lead to vulnerabilities that an organization does not know about and which an attacker can then use to move laterally, undetected. Through a Microsoft Graph API integration, Illusive can uncover potential vulnerabilities due to misconfigurations within Azure AD, Microsoft’s cloud-based identity and access management service. This integration can help identify and eliminate potential attack paths, cloud misconfigurations, and accessible credentials leveraged by attackers to move towards critical data in a customer’s environment. Illusive Networks also enhances the visibility and monitoring of vulnerable privileged identities in Azure AD, such as redundant identities, identities with excessive privileges, risky practices (e.g. Azure MFA disabled), and or unauthenticated identities. Additionally, Illusive’s advanced threat detection system can create deceptive Azure AD credentials, which are fake identities tailored to an organization’s environment. When attackers engage with these deceptions, Illusive provides a deterministic alert to the organization.
Read More: XDR’s role in enhancing enterprise security with advancing threats
- Azure Sentinel – Illusive enhances investigation and mitigation of attacks for customers using Azure Sentinel, Microsoft’s scalable, cloud-native SIEM and SOAR solution. The Illusive Attack Management System data connector allows customers to share Illusive’s attack surface analysis data and incident logs with Azure Sentinel and view this information in dedicated dashboards that show insights into a customer’s attack surface risk and track unauthorized lateral movement in the customer’s network. This integration allows Microsoft users to obtain high-fidelity attack notifications and actionable on-demand forensic insights through Azure Sentinel to further automate and quicken incident response.
- Azure Cloud Environment – Illusive Networks protects against lateral movement attacker behavior in the cloud by planting its web of cloud-based deceptions throughout Azure environments.
Recently, MITRE published an extensive expansion of its highly regarded ATT&CK™ framework. Dubbed Shield, this new approach outlines tactics, techniques, and procedures (TTPs) that enable defenders to create an active defense posture. The integrated Illusive and Microsoft offerings announced today provide a full set of the active defense capabilities, including deception and adversary engagement, outlined in the MITRE Shield framework.
Read More: Protecting enterprise networks from evasive script threats
Furthering Illusive’s cooperation with Microsoft, Illusive Networks has joined the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors that have integrated their solutions to better defend against a world of increasing threats. As part of MISA, Illusive Networks joins a group of top experts from across the cybersecurity industry with the shared goal of improving customer security for all.
Ofer Israeli, CEO and founder, Illusive Networks, said: “Working with Microsoft and launching in Microsoft Azure Marketplace demonstrates our commitment to flexibly integrating our platform with Microsoft products to better meet the needs of customers with a heavy investment in Microsoft’s platforms. We give customers the visibility needed to move their operations confidently and securely into the cloud and secure their environments against attacker movement whether data and applications reside on-premises, in the cloud, or in a hybrid architecture.”
Rani Lofstrom, senior product marketing manager, Microsoft Security said, “The Microsoft Intelligent Security Association has grown into a vibrant ecosystem comprised of the most reliable and trusted security software vendors across the globe. Our members, like Illusive Networks, share Microsoft’s commitment to collaboration within the cybersecurity community to improve our customers’ ability to predict, detect, and respond to security threats faster.”