Illusive Networks Active Defense Solution

Additional Info

Company size (employees)100 to 499
Type of solutionCloud/SaaS


Unlike traditional threat detection, Illusive’s technology doesn’t just prevent attacks, it learns everything there is to know about how they’re carried out – and uses it against threat actors. Illusive’s technology effectively reverses the roles, forcing the attacker into a defensive position. As hackers move laterally across a network (that they believe to be legitimate), Illusive is tracking them, gathering tangible data and forensics to map an effective attack response strategy. This agentless approach captures deterministic proof of in-progress attacks and provides actionable forensics to empower a quick and effective response.

Illusive has developed the Attack Defense Suite, featuring attack surface management, deterministic attack detection and actionable forensic insight that speeds response. Illusive’s active defense stops attackers from accessing critical assets and detects the lateral movement that enables today’s most dangerous ransomware and nation-state attacks. Despite significant investments and industry advancements, it’s still difficult to see and stop attackers moving inside your environment. The Illusive Active Defense Suite identifies and removes the vulnerable connections and credentials that enable attackers to move undetected, and then replaces them with deceptive versions that fool attackers into revealing their presence upon engagement.

This alleviates the burden on security teams and SOC analysts that are constantly tracking attackers and triaging incidents. Rather than having to continuously monitor the security infrastructure and environment for ceaseless threats, companies can depend on Illusive’s Active Defense Suite to do the monitoring for them and resolve the situation before damage is done. This creates a self-sufficient environment that allows security teams to focus on priority areas of cybersecurity that aren’t yet able to squash threats without a human, hands-on approach.

Illusive’s technology is making hackers mad and making security teams’ jobs easier, all while providing valuable insights that help companies plan for a safe, secure future.

How we are different

Illusive focuses first on removing any unnecessary pathways to critical assets. Most networks are not really segmented as intended; rogue or “shadow” connections between systems remain, often as remnants of IT projects or service tickets. By focusing on this task first, Illusive is limiting the fuel that attackers need to live off the land, mask their malicious activity behind legitimate connections and credentials and launch attacks undetected.

Since deception does not rely on established access patterns or user behavior, rapid environmental change, such as the massive migration to remote work, has no effect on detection efficacy. Detection is based on the simplest of algorithms – either an attacker interacted with a deception or they did not. Massively distributed, highly authentic deceptions force nefarious actors to unknowingly interact to progress their attack. When an Illusive notification fires, it’s not white noise – this incident requires immediate investigation. The deterministic detection provided by Illusive is in contrast to most threat detection platforms that rely on probabilistic risk thresholds that require further investigation to confirm whether an attack is truly in progress.

Unlike SIEM and security logs, which can be used to piece together a picture of an incident once identified, Illusive flags the malicious activity as it happens and begins recording everything that is taking place on that system. The full forensic picture is then delivered to security teams for remediation and further action, saving countless hours of investigation time.