Cyber dangers are more advanced and harmful than ever in the modern world. Network security is crucial, not just important. Invisinet Technologies, a Houston, Texas-based company founded in 2021, is leading the way in cybersecurity with its innovative products, such as the proprietary First Packet Authentication™ technology.

Invisinet's solutions, which were first created to encrypt communications for the US Department of Defense, are today being offered to companies and vital sectors like healthcare and energy to safeguard their networks. By concentrating on zero-trust principles, the business efficiently stops threats before they arise by making networks invisible to hackers.

Brendan Sullivan, CEO of Invisinet Technologies, spoke exclusively to Business Fortune about the company’s innovative journey in cybersecurity, the patented First Packet Authentication™ technology, and its mission to protect critical industries using zero-trust solutions. Below is an excerpt from the interview.

Q. Leading the way in zero-trust cybersecurity is Invisinet Technologies. Could you explain the factors that influenced the creation of your First Packet Authentication™ technology and how it alters network security practices for businesses?

Invisinet’s solution was initially developed for the U.S. Department of Defense to reduce signal intelligence gathering and protect troops communicating over public networks like cell phone networks and the internet. The goal was to secure and cloak internet traffic for military personnel and equipment. Over time, the company adapted this technology to meet similar needs in enterprise IT and critical infrastructure within IIoT/OT environments as Zero Trust Network Architectures (ZTNA) became more widely adopted.

Invisinet’s Zero Trust authentication system tokenizes both human and device identities at the point of origin and continuously verifies these identities at the network IP layer to protect network assets. Combined with our patented First Packet Authentication™ technology, this system proactively conceals protected assets from network scanning and mitigates threats at the earliest point of attack. Additionally, Invisinet can implement identity-centric policies to ensure that systems are inaccessible to unauthorized users and groups while also dynamically micro-segmenting networks and providing continuous session-based identity verification and reporting.

TCP traffic is ubiquitous, but it was designed primarily for ease of communication and not for security. It relies on external mechanisms, such as firewalls or VPNs, for protection. Malicious actors can exploit these vulnerabilities to probe, monitor, and attack targeted networks. However, networks protected by Invisinet remain completely invisible to these bad actors. Attackers won’t be aware of the existence of the protected network, and what they can’t see, they can’t attack. Furthermore, Invisinet’s built-in micro-segmentation facilitates seamless communication between networks, allowing for protected connections similar to a VPN, but with more flexibility to communicate “to and through” different networks. This approach helps safeguard organizations from both internal and external threats simultaneously, eliminating the need for multiple, disparate, expensive, and cumbersome security solutions.

Q. Proactive solutions from Invisinet stop cyberattacks before they even reach the first packet. In comparison to other platforms, how does this early interception help to provide stronger, more dependable security?

All network-based hacks begin with reconnaissance, where malicious actors programmatically probe networks to identify access points and search for vulnerabilities. Typically, companies are scanned tens of thousands of times each month. Invisinet offers unparalleled proactive threat prevention security through patented technology that disrupts this reconnaissance phase.

First Packet Authentication, as the name suggests, passes a tokenized identity in the very first IP packet header during session setup. This method blocks unauthorized users in a way that prevents network scanning, keeping your network off hackers' target lists.

Other products often limit access after the network setup during a security handshake or at the application level, but they lack the capability to disrupt reconnaissance. Remember, hackers can’t attack what they cannot see.

Q. Cloaking and micro-segmentation are essential elements of your product. Could you describe how these methods complement one another to offer strong protection against online attacks?

The core principle of Zero Trust Network Architectures is to always assume that you have been compromised and that all parts of your network are untrusted. Invisinet incorporates identity information within the IP packets, enabling the application of identity-centric rules at the Invisinet gateways whenever a connection is established. This allows for programmatic micro-segmentation of networks, meaning you can isolate a single asset to a specific user if desired, and dynamically adjust segmentation based on trust levels.

By breaking your networks into smaller segments, you compel potential attackers to move laterally within the network, which provides the best opportunity for your Intrusion Detection and Prevention (IDP) systems to detect them. In addition to gateway access management, the Invisinet system includes InvisiPoint Agents on endpoints and Enforcers deployed on servers across your network. These components all contribute real-time identity data—both known and unknown—to your Security Information and Event Management (SIEM) system, significantly enhancing the accuracy of Indicators of Compromise for your machine learning-based IDP and reducing the workload for Security Operations Center (SOC) analysts.

Q. As industries continue to combine information technology (IT) and operational technology (OT), what special difficulties does Invisinet encounter in protecting hybrid networks, and how are these difficulties resolved by your solutions?

IT and OT (or IIoT) networks are designed with different goals in mind. While IT networks primarily serve to provide information to employees or customers, IIoT networks focus on securing critical operations. Traditionally, these networks have been kept completely isolated, or "air-gapped," meaning there was no communication (or potential attacks) through them. However, with the increasing use of machine learning and AI, this air-gapping is no longer feasible.

Large OT networks are typically deployed for long-term use, following 20-year life cycles. This creates significant challenges due to the incompatibility of older equipment with modern tools and techniques. Invisinet addresses these challenges by functioning effectively across decades of legacy networks. It operates end-to-end at the network layer, utilizing hidden properties that add no additional overhead and maintain near-zero latency. This makes Invisinet particularly well-suited for use in hybrid and low-compute wireless networks, which are common in most OT environments.

Q. With AI systems being increasingly targeted by cybercriminals, how does Invisinet ensure the safety of business-critical AI technologies?

Invisinet specializes in securing AI applications and their use cases by providing real-time information and classifications of traffic to and from these systems. With Invisinet's Zero Trust Network Access (ZTNA) and comprehensive monitoring capabilities, our solution enables secure and enhanced access to critical AI systems.

Q. You serve a number of sectors, including energy and healthcare, both of which handle sensitive data. How does Invisinet modify its cybersecurity offerings to accommodate these industries' particular requirements?

Invisinet is not primarily focused on being a Data Loss Prevention (DLP) solution; however, it complements and enhances existing solutions effectively. For example, in 2024, healthcare systems were specifically targeted with the aimed of disrupting patient care and stealing valuable patient records for sale on the dark web.

Invisinet can assist by proactively cloaking healthcare networks while providing robust identity and access management. We can also strengthen several key HIPAA cyber requirements, including enhanced micro-segmentation of operational technology (OT) and information technology (IT) systems, improved privileged and vendor access, as well as establishing a real-time and forensic audit trail of system access through our newly released InvisiPoint enforcers.

Q. Globally, cybersecurity has grown into a major problem. What part do you think Invisinet will play in influencing the way cybersecurity develops in the future?

My vision for Invisinet is to remain true to our core principles. We offer Zero Trust technology that proactively reduces cyber-attack surfaces. Our goal is to be the leading innovator in this space. I am confident that our talented employees will continue to develop creative solutions that address cybersecurity gaps for a wide range of organizations. We will also continue to collaborate with various partners and OEMs to provide comprehensive solutions for enterprises. I firmly believe that Invisinet has the right solutions for critical infrastructure sectors that are burdened with legacy operational technology (OT) environments, while also expanding their Internet of Things (IoT) devices and enabling their artificial intelligence (AI) applications.

Q. In 2025, what are some of the major cybersecurity trends that Invisinet is concentrating on, and how do you intend to keep making progress in this area?

In 2024 there was an uptick in attacks on Operational technology in critical infrastructure. Russian state-sponsored hackers, notably the Sandworm group, engaged in cyberattacks against Ukraine and Western allies, focusing on critical infrastructure and government networks. Advanced Persistent Threat (APT) groups linked to China, such as Volt Typhoon and Salt Typhoon, targeted critical infrastructure in the United States, including telecommunications and energy sectors, aiming to gather intelligence and disrupt services. Ransomware groups, such as AlphV (also known as BlackCat), executed devastating attacks on healthcare providers, leading to significant operational disruptions.  Invisinet continues to expand its portfolio of solutions for the enterprise IT space but sees a significant opportunity to help reduce attacks on critical infrastructure and legacy OT networks.

Brendan Sullivan | CEO

Brendan Sullivan is an industry veteran with 25 years of leadership in emerging market technology and network design. Most recently he worked with Viasat where he held positions as Chief Commercial Officer – Enterprise division, and the Head of the Intelligent Edge Solutions business unit which combined a portfolio of satellite-based IOT services, 5G technology, advanced cybersecurity and AI.  Brendan has also served the role of CTO/CIO in multiple global segment leaders including at RigNet, Vubiquity, and DG Fastchannel.