IronNet has announced new automation capabilities of its cybersecurity platform to enable security operations center (SOC) analysts to “prove the positive” – in other words, to confirm that their enterprise network is safe from cyber attacks.

The IronNet Collective Defense platform improves alert fidelity and analyst workflow by enhancing risk scoring and alert prioritization, resulting in reduced alert loads and investigation time. The enhancements also improve threat hunting by providing integrated malware and ransomware detection based on automated analysis of payloads as they traverse the network. These detections protect managed and unmanaged devices (e.g., OT and IoT) from ransomware and malware.

According to the company, the platform’s hunt panel now features extended hunt, expanding the investigation window to 30, 60, and 90 days (per individual customer service level agreement) over metadata and the associated packet capture (PCAP) data.

This capability offers IronNet customers a fully integrated hunt platform designed for easy pivoting from an isolated alert down to the metadata and full PCAP associated with that alert, providing more time to respond and triage based on longer-term historical analysis and historical context.