• slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide

Who is IronNet?

IronNet was founded by General (Ret.) Keith Alexander — former head of the NSA and Commander U.S. Cyber Command — to defend companies, organizations, sectors, and nations against highly organized cyber adversaries and sophisticated attacks.IronNet was founded by General (Ret.) Keith Alexander — former head of the NSA and Commander U.S. Cyber Command — to defend companies, organizations, sectors, and nations against highly organized cyber adversaries and sophisticated attacks.

For decades, companies have been defending against cyber attacks on their own while adversaries have been organizing themselves into sophisticated hacker networks … until now, with IronNet Collective Defense.

Watch as General Alexander tells the story of IronNet in his own words:

Bringing together decades on the front lines of cyber defense and data science, IronNet’s leadership team has:

  • Unparalleled government experience with the NSA, Cyber Command, and DARPA
  • High-profile commercial and Silicon Valley backgrounds launching security companies such as Duo and Zscaler
  • Unmatched data scientist and threat hunting expertise; and
  • Services leadership authoring industry standard models for compliance.

IronNet’s mission is to deliver the power of collective cybersecurity, backed by AI-drive network detection and response, to defend companies, sectors and nations — so that all can live and work with peace of mind in cyberspace. Visit us at IronNet.com.


IronLens May Edition: IronNet's Threat Intelligence Report

As part of the IronNet Cyber Operations Center (CyOC) team, I am part of the team that creates threat intelligence rules to accelerate threat detection at our customers’ sites. We are committed to doing threat detection groundwork that can help overcome cybersecurity shortages while also alleviating “alert fatigue” at our customers’ in-house SOCs. Collective Defense is our unique collaborative approach. Learn More...

Winning the cyber war with Collective Defense

Fortnite got it right: When it comes to defending against cyber attacks, we need to do battle as a team. A couple years ago when I witnessed my 16 grandchildren scattered throughout the house playing the game, I realized something: Even if they had been playing from their respective homes, they would have still been collaborating and strategizing, just as effectively, to survive on the island. This was collective defense at work. Learn More...

Is your data secure in a Collective Defense ecosystem?

If you know one thing about IronNet you know this: we believe in Collective Defense. And while the benefits of this approach are well documented, misconceptions remain. In a previous post by IronNet Senior Security Strategist Greg Conti, we examined the misconception that working together in a Collective Defense system diminishes your competitive advantage. We now understand that no organization is equipped to defend alone against cyber attacks. Threat information isn’t a competitive advantage; instead, it benefits the sector at large by keeping the shared cyber landscape healthy. Learn More...

Russian cyber attack campaigns and actors

Some of the most notorious actors in the cyber threat landscape have been traced back to sponsorship by the Russian state. As the digital revolution has accelerated, so, too, has the Russian cyber attack landscape — hold-over Cold War tactics that evolved to take advantage of new electronic methods of communication. Strategic Russian interests are guided by the desires for Russia to be recognized as a great power, to protect the Russian identity, and to limit global United States power. Learn More...

IronDefense integrations: Detection without disruption

When considering the latest tech widget, do you ever ask yourself, “Why should I change?” "Will adopting this new technology, as advertised, make my life better or will it also undoubtedly introduce friction, a new workflow, or training that I do not have the time or patience for?" Again, the why takes over. For example, why should I start using a Roomba to clean my house when the vacuum cleaner I own already works just fine? On top of that, I have no idea how it will work with kids, dogs, and stairs. Learn More...

FedRAMP Ready

IronNet Is FedRAMP Ready 

As IronNet leads the movement toward Collective Defense in cybersecurity, we have continued to strengthen our alignment with the needs of federal agencies and the companies that support them. This sector has critical security needs, and it recognizes that a traditional approach to cybersecurity is no longer enough, especially as adversaries, more and more, are accessing targets through weak spots in the supply chain. In fact, according to Accenture, indirect attacks now account for 40% of security breaches, making visibility across the private/public ecosystem through Collective Defense even more paramount. 

To that end, IronNet is proud to announce that we have achieved FedRAMP Ready for Agency Authorization status, as approved by the Federal Risk and Authorization Management Program (FedRAMP). This government-wide compliance program provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Within that context, IronNet’s IronCloud offering, the cloud service component of IronNet’s Collective Defense platform, is available on Amazon Web Services (AWS) GovCloud and listed in the FedRAMP marketplace

What does FedRAMP Ready status mean? 

To be awarded FedRAMP Ready, In-Process, or Authorized status, vendors and products go through a detailed and demanding audit of their data security processes and technology. This is a three-step process, the first step being the Readiness Assessment which resulted in IronNet’s FedRAMP Ready for Agency Authorization status. FedRAMP Ready status indicates a third party assessment organization (3PAO) attests to IronNet’s security capabilities, and a Readiness Assessment Report has been reviewed and deemed acceptable by the FedRAMP Program Management Office (PMO). The Readiness Assessment Report documents the Cloud Service Provider’s system information, compliance with federal mandates, and capability to meet FedRAMP security requirements. Step 2 is a full security assessment by the 3PAO. They conduct penetration testing, review the security system plan, and conduct a full audit of the system. A risk-based decision of the Agency granting IronNet’s IronCloud the Authority to Operate (ATO) for use of the system is the final step in the process.  

IronNet’s achievement of Ready status for our IronCloud offering means the FedRAMP PMO has determined that IronNet can meet the FedRAMP security requirements and could be granted an Agency ATO. 

Meeting government’s unique security needs

Until now, threat actors have been able to stay one step ahead of overextended government SOC teams, who typically are limited to conventional cybersecurity techniques and tools that have limited visibility for detecting unknown threats. IronNet is committed to partnering with government and commercial organizations to transform today’s approach to cybersecurity by working together to protect critical networks and data. We are answering the U.S. Cyberspace Solarium Commission’s call for collaboration: "Collective defense in cyberspace requires that the public and private sectors work from a place of truly shared situational awareness."

After all, the government is the backbone of our nation and states. Safeguarding its continuity and availability of services is critical, especially as cyber attacks become more sophisticated and numerous. But you need visibility to protect this foundation. As IronNet Founder and Co-CEO General (Ret.) Keith Alexander mentioned in “Winning the Cyber War with Collective Defense,” “One of the frustrations when I had U.S. Cyber Command was that we couldn’t see attacks on our country. With automatic, machine-speed threat sharing and collaboration between public and private enterprises, we now can arm the commercial sector with the ability to see threats, share that knowledge with each other, and anonymously share that information with the government so that they can use all the levels of power at their disposal to defend the nation.”

Improving security through Collective Defense 

IronNet is founded on the concept that Collective Defense should be a key component of national level cybersecurity. Our core products, IronDefense and IronDome, were built around the idea of taking behavioral cyber threat intelligence and sharing it, in real-time, across multiple industry sectors (and voluntarily with the government) to facilitate the ability of companies to work together and defend their enterprises collaboratively as a unified front.

By focusing on network traffic and behavior, network detection and response can detect everything from a known bad Indicator of Compromise flagged through a threat intelligence feed to unknown malware using malicious behavior patterns. To be even more secure, Collective Defense enables correlated threat detection at network speed. What this means is that stakeholders in a public-private IronDome ecosystem can paint a bigger picture of an attack well beyond any single enterprise or organization, in turn pivoting to triage and collective response much more quickly. 

Learn more about Collective Defense in the “Stronger as One” eBook.



  • Network Detection and Response (NDR) with IronDefense

    Next-generation network traffic analysis leverages machine learning so you can see unknown threats around the corner, accelerating triage and response. A win-win for your SOC and cyber strategy.

    IronDefense is IronNet’s Network Detection & Response (NDR) platform, which improves visibility across the threat landscape and amplifies detection efficacy within your network environment. This helps your SOC team to work more efficiently and effectively with existing cyber defense tools, resources, and analyst capacity.

  • Collective Defense with IronDome

    IronDome is the cybersecurity industry’s only Collective Defense solution. IronDome takes alerts and cyber anomalies generated from IronDefense – IronNet’s scalable network detection and response platform – and shares them quickly, safely, and anonymously across IronDome members.

    These events are then correlated across industry peers to identify sector-wide adversarial campaigns that would be challenging to detect alone. Notification of these correlations is provided in real-time to IronDome participants, giving them faster visibility into potential threat campaigns targeting their industry.

Integrations and Certifications

Integrations & Certifications

  • Integrations

    IronNet positions its product offerings in a way that does not introduce friction into the SOC, while also still providing network threat detection and a Collective Defense platform designed to give greater context to detections using global, curated, and trusted bidirectional intelligence. By integrating within an existing cybersecurity ecosystem, IronNet’s IronDefense and IronDome products have immediate impact. Today, these include integrations with leading SIEM, SOAR, and ITSM products. Tomorrow, these integrations will expand to leading EDR and NGFW products.

    SIEM integrations: Splunk, QRadar

    SOAR integrations: Phantom, XSOAR (formerly known as Demisto), Swimlane

    Workflow integrations: ServiceNow

    Read more about IronNet integrations.

  • Certifications

    At IronNet, we are committed to providing the most secure environments and highly trained staff to ensure that we can meet and exceed our clients’ requirements. Our security team is committed to continually improving our skills, policies, and operational standards.

    FedRAMP Ready

    FedRAMP is a U.S. government program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. IronNet has FedRAMP Ready status for our IronCloud Service (SaaS) offering, which delivers IronDome Collective Defense and IronDefense Network Detection & Response solutions as a Moderate security level SaaS offering deployed on Amazon Web Services (AWS) GovCloud (US) East/West.

    SOC2 Type I and SOC2 Type II

    IronNet is also SOC2/Type I and Type II certified, verifying that we have a suitable design of controls to meet the criteria for the security, availability, confidentiality, and processing integrity principles of the SOC2 standard. Having Type II attestation demonstrates the operational effectiveness of our design controls.

    ISO/IEC 27001

    ISO 27001 is an international standard for information security management systems (ISMS). An ISO 27001 certification demonstrates that IronNet has addressed the following areas: security policy, organization and information security, asset management, human resources security, physical and environmental security, communication and operations management, access control, information systems acquisition, security incident management, business continuity management, and compliance.



    IronNet is committed to data privacy and is compliant under EU General Data

    Protection Regulation (GDPR). IronNet is also an active member of the EU/

    Swiss-US Privacy Shield Framework through the US Department of Commerce. The EU/Swiss-U.S. Privacy Shield Framework provides a method for companies to transfer personal data to the United States from the European Union (EU) in a way that is consistent with EU law and acceptable under EU GDPR.

    The Department of Homeland Security (DHS) Continuous Diagnostics & Monitoring (CDM)

    IronNet is registered with The Department of Homeland Security (DHS)

    Continuous Diagnostics & Monitoring (CDM) program recognizing cybersecurity tools and sensors that are reviewed by the DHS program for conformance with Section 508, federal license users and CDM technical requirements. IronNet also received two separate acceptances/approvals for the DHS Continuous Diagnostics & Monitoring Approved Products List (CDM APL) for IronDefense (IRO-0002-20180103) and IronDome (IRO-0004-20180405).



GSA Schedule 70

Dec 20, 2011- Dec 19, 2021


Mar 03, 2015- Aug 10, 2020
*Additional Option Years Available

State and Local

Maryland Master Contract (COTS)

Oct 01, 2012- Sep 30, 2027


Massachusetts Higher Education Consortium (MHEC)

Aug 10, 2019- Jun 30, 2022




Founded by General (Ret.) Keith Alexander, former Director of the U.S. National Security Agency and Commander of U.S. Cyber Command, IronNet brings together a team of highly experienced strategic, operational, and technical cybersecurity experts to develop and deliver outstanding cybersecurity produ...


It’s one of the biggest paradoxes in technology today. Organizations are on pace to spend more than $120B in 2019 on cybersecurity products and services. Yet today’s headlines show that despite the record level of investment, industries continue to experience more cybersecurity breaches and inci...

Product Brief

IronDome is the industry’s first automated solution that links industry peers, supply chains, and regions within a common defense architecture to allow public and private enterprises to work together to strengthen cyber defense. Our solution enables secure, anonymous sharing of threat insights and...

IronNet’s IronDefense Network Detection and Response (NDR) solution is a highly scalable platform that leverages advanced behavioral analysis and integrated cyber hunt to detect cyber threats missed by traditional cybersecurity tools. Designed by national security analysts and top intelligence ...