FAQs
Frequently Asked Questions
What does Invisinet do?
We are a cybersecurity technology company specializing in innovative solutions that proactively protect network infrastructure and critical assets from advanced threats. Our Zero Trust software enables cloaking of network assets and enforcement of identity-based access through First Packet Authentication™, as well as granular identity-based micro-segmentation across all industry segments. With more than 15 patents and FIPS 140-2 certification, we continue to develop solutions to address the evolving advancements of cyber-attacks.
What are the origins of Invisinet?
Our unique security solution was originally developed for the US Department of Defense to protect the military by cloaking connected IP devices during active conflict. Built on the innovative intellectual property of Blackridge and later renamed Blue Armor, our solution made its way to the DOD approved product list in 2018 and was recognized as a Gartner Cool Vendor in Cyber-Physical Systems Security 2020. After 10 years of working with the DOD, built for military-grade technology and 15 patents, Invisinet’s Zero Trust Authentication solution is now available for IT and OT applications.
What is the problem Invisinet’s technology solves?
Invisinet addresses the problem of identity exposure at the network layer and cloaks identity at the first point of attack. This happens during the TCP three-way handshake at the network session initiation.
Our solution:
- Cloaks customer networks, network segments or specific network resources.
- Invokes identity and the policies attached to that identity at the earliest possible time, making identity-based micro-segmentation is a natural feature of our solution. With Invisinet, there is no need for complex and expensive-to-manage firewall access control lists, or VLans.
- Enables your AI to be smarter by pointing AI based Threat Intelligence platforms at “Authenticated” network connections, Invisinet frees compute power to focus on unusual behaviors of authenticated network connections vs failed network attempts by pray-and-spray attackers.
Pushing trusted-identity through the IP network layer and blocking unauthorized access at the first packet creates a highly scalable way to realize the full benefits of your Zero Trust Network Architecture stack.
What types of cyber-attacks does Invisinet prevent or is it just an alerting platform?
Invisinet is an attack prevention solution versus Threat Detection. It’s important to note that when deployed, Invisinet is the only solution to successfully prevent “Reconnaissance,” which is the first step in a hacker’s playbook, and how attackers know where and what to attack, and the potential vulnerabilities associated with a particular resource.
Is Invisinet hardware or software?
Invisinet is a software-only solution that can be deployed as a virtual gateway on prem or in cloud environments. VMWare, KVM, and Proxmox as well as in cloud environments such as AWS, Azure, and OCI.
How is Invisinet different from other Zero Trust technologies?
Invisinet is implemented at the TCP/UDP layer, stops malicious actors at the earliest point and is a lightweight implementation. It carries user identity past access to the network to specific network resources based on user identity and permissions.
Invisinet is the only supplier that can address the following aspects:
- Provide continuous assured network level security on a session-by-session basis using Invisinet’s patented First Packet Authentication
- Proactively blocks unauthorized scanning, mapping and discovery
- Provides per session identity attribution reporting to downstream IDPs improving visibility to network traffic, and reducing false positives on IOC’s
- Dynamic policies managed by system wide analytics using the Confidence Level API’s and Adapt to policy changes across different network boundaries or network layers
- Work in heterogenous environments with end-to end protection, no increased overhead or increased latency
- Bridges IT and the OT layer
Can Invisinet replace VPN?
Invisinet is a perfect complement and completely compatible with VPNs. By themselves, VPNs allow access into a corporate network but don't carry identity "to and through" the network to protected resources. Invisinet carries identity "to and through" the network and provides visibility only to the resources that the user is authorized to access.
Is Invisinet a Secure Access Service Edge (SASE) solution or similar?
No. SASE solutions are designed to mitigate TCP’s inherent flaws by re-routing traffic to a proxy server which hosts security tools such as firewalls and deep packet inspection. Invisinet is a true Zero Trust network access solution that can cloak networks and network assets from discovery and enumeration, without the need to reroute traffic. Because of this, Invisinet is considerably less expensive and simpler to deploy, is lighter weight, introduces no latency, and works well in OT environments.
What are the environments that Invisinet supports?
Invisinet software is extremely flexible and supports multiple environments for:
- Protected assets within:
- Cloud Environments: Amazon, Azure and Oracle Cloud environments are currently supported. Google coming soon.
- On-Prem Environments: VMWare EXSI, VMotion, VCloud, KVM, Proxmox, CentOS
- Endpoint Assets
- Windows, Ubuntu, MacOS, iOS. Android coming soon.
Can it secure Information Technology (IT), Industrial Internet of Things (IIoT) and Operational Technology (OT) devices?
Yes, Invisinet can secure IIoT and OT devices. It uses First Packet Authentication to authenticate the identity of devices at the very first packet of a TCP network session request, effectively blocking unauthorized or unidentified traffic on your network.
Can Invisinet be used over satellite networks?
Yes. Invisinet is the most effective solution for industries and companies that leverage satellite networks. Because Invisinet adds Identity to the first TCP packet of a network session - and does not encrypt satellite traffic – Invisinet adds zero latency vs encryption.
How does Invisinet work with other security solutions?
Invisinet is complementary to other security solutions. Invisinet’s first packet authentication is an extra layer of security that ensures that only trusted identities are allowed access to protected resources