INTRUSION Shield empowers you to win the cybersecurity battle by proactively defending networks, mitigating existing fires, and providing threat insights. Shield automatically blocks malicious connections from entering and exiting your network in real-time by deploying protective DNS + IP filtering, simultaneously giving you complete visibility of all network connections to audit your attack surface and operational security posture. We integrate that visibility with our 30+ years of expertise in network threat hunting. Since 2001, INTRUSION has continuously inventoried the Internet to uncover relationships and link threat intelligence for the entire Internet across tens of trillions of current and historical relationships. Shield mitigates unknown vulnerabilities, zero-days, and supply chain attacks for all networked devices by blocking malicious access, agnostic of software/firmware/hardware. Shield cuts through the noise both to focus threat hunting and to reduce external SIEM costs for log retention & analysis. Shield also generates and emails daily reports to IT for situational awareness of higher-risk traffic and new local devices and servers seen on the network. This change detection highlights potential risks already inside the network.
Shield supports zero-trust implementations by permitting only trusted inbound and outbound connections. Shield’s Safe Renderer allows users to visit unsafe sites with complete safety, enabling employees to obtain essential data yet remain within IT security boundaries rather than pursue unsafe alternatives. With automatic protection from untrusted communications, Shield’s Dashboard enables your staff to move from incident response to anomaly detection. Shield leverages multiple patents to generate persistent metadata logs to exceed compliance requirements for network auditing such as NIST 800-171 or PCI DSS 10.5.
For immediate protection, simply add the Shield on-prem appliance at the network gateway in Protect mode to protect all devices behind it. For quick assessments and security audits, Shield can be deployed in Observe mode either in-line or from a span port. For complete coverage, INTRUSION also offers Shield Cloud for protecting cloud resources and Shield Endpoint for clients, servers, and mobile devices.
Threat intelligence is our heritage: We leverage decades of internet history with associated reputation intelligence for registered domain names, hostnames (FQDNs), and IP addresses. History, ownership, hosting, relationships, and reputation on the entire IPv4 and IPv6 address space (3.4E+38): 1+ billion historical domain names (~300 million active registered domain names over a month); 33 billion historical distinct hostname/IP pairs (4+ billion active over a month); deep inventory of mail servers, name servers, reverse names, ASN’s, netblock ownership, reputation, and associations. We integrate massive amounts of data collected over decades using graph analytics over tens of trillions of relationships to synthesize a deep understanding of both good and bad relationships that is essential to measure trust and preclude malicious activity.