illumio.com — AI Site Grade

Analysis

I have enough data. Let me compile the audit.

Illumio's homepage prominently links to a "Mythos: Time to Rewrite the Entire Cybersecurity Model" blog post that returns a 404 error, creating a dead-end for every AI crawler and human visitor who follows that call-to-action.

Crawler Access

All major AI crawlers -- GPTBot, ClaudeBot, PerplexityBot, Google-Extended, OAI-SearchBot, ChatGPT-User, Applebot-Extended, anthropic-ai -- receive a full 200 response with identical byte size (293KB) to a browser baseline. Only Bytespider (ByteDance) is blocked at the Cloudflare edge with a 403. The robots.txt uses a single User-agent: * catch-all with no AI-specific directives, disallowing search query pages, press release archives, resource filters, landing pages, and thank-you pages. No llms.txt exists (404). The site runs on Cloudflare behind Webflow hosting, with a 12-hour cache TTL and HSTS enabled. No JS-rendering risk: all pages return full HTML content to plain GET requests.

Cold-Knowledge Gap

The LLM prior knows Illumio as a Zero Trust Segmentation / microsegmentation company founded in 2013 by Andrew Rubin and PJ Kirner, with $650M+ funding and a $2.5B valuation. It cites products named Illumio Core, Illumio CloudSecure, and Illumio Endpoint -- none of which appear anywhere on the live site. The site has fully rebranded around Illumio Insights (AI cloud detection and response) and Illumio Segmentation (cloud/network breach containment). The prior knows nothing about the "Mythos" framework, the "breach containment" positioning shift, or the Insights Agent AI teammate product. The cold model also references JPMorgan Chase, Morgan Stanley, and Salesforce as customers; the site claims "more than 15 of the Fortune 100" but names only eBay, Cathay Pacific, Marriott Vacations Worldwide, QBE, and ServiceNow.

Schema Posture

The homepage carries a single Organization schema with basic NAP data (Sunnyvale address, phone, social profiles). The about page adds an AboutPage schema with founders and founding date. The blog uses BlogPosting schema with author, date, and keywords. The Illumio Insights product page has a strong SoftwareApplication schema with feature list and a 5-star Review from a Mondi Group manager. However, key pages lack schema entirely: the "Why Illumio" page and the platform page have zero JSON-LD. No FAQPage, Product, or BreadcrumbList schemas are used anywhere. The sitemap contains 2,292 URLs but the robots.txt blocks entire resource taxonomy paths (/*/resources-industries/*, /*/resources-products/*, /*/resources-topics/*, /*/resource-center/solution-brief/*, /*/resource-center/research-report/*) -- preventing AI crawlers from indexing the full resource library.

Content Signals

The site has aggressively repositioned around "breach containment" as the primary category, with "microsegmentation" as a supporting capability. The tagline "Breaches are Inevitable. Disasters are Optional." appears consistently. The blog is active (87 pages of articles, posts dated through May 2026) with rich content on the "Mythos" concept (AI-driven threats requiring containment over prevention). The resource center offers gated reports, guides, and briefs. FAQ patterns appear on most pages. However, the homepage's featured "Mythos" blog link is broken (404), and the canonical URL for that 404 page resolves to /404 rather than the intended blog path -- a structural issue that wastes crawler budget and undermines the site's own narrative.

Findings

1. Homepage featured blog link returns 404 error High

   The homepage prominently links to a blog post titled 'Mythos: Time to Rewrite the Entire Cybersecurity Model' that returns a 404 error. This creates a dead-end for AI crawlers and human visitors, wasting crawl budget and undermining the site's narrative.

   What to change: Fix the broken link by restoring the blog post or updating the homepage to point to a working URL.

2. LLM knowledge gap due to product rebranding High

   The LLM prior knows Illumio as a Zero Trust Segmentation company with products Illumio Core, CloudSecure, and Endpoint, but the live site has rebranded around Illumio Insights and Illumio Segmentation. The prior knows nothing about the 'Mythos' framework or the 'breach containment' positioning shift.

   What to change: Publish an llms.txt file and update external knowledge sources (e.g., Wikipedia, Crunchbase) to reflect the current product names and positioning.

3. Key pages lack structured data Medium

   The 'Why Illumio' and platform pages have zero JSON-LD schema. No FAQPage, Product, or BreadcrumbList schemas are used anywhere on the site, limiting AI understanding of page content.

   What to change: Add appropriate JSON-LD schemas (e.g., Product, FAQPage, BreadcrumbList) to all key pages.

4. Robots.txt blocks AI crawlers from resource library High

   The robots.txt disallows paths like /*/resources-industries/*, /*/resources-products/*, /*/resources-topics/*, /*/resource-center/solution-brief/*, and /*/resource-center/research-report/*, preventing AI crawlers from indexing the full resource library.

   What to change: Allow AI crawlers to access resource library paths by removing or relaxing the disallow rules for those paths.

5. No llms.txt file published Medium

   The site does not provide an llms.txt file, which is a recommended way to guide AI crawlers to important content and provide context about the site.

   What to change: Create and publish an llms.txt file that lists key pages and provides a brief description of the site for AI crawlers.

6. Site does not name specific customers despite claims Medium

   The site claims 'more than 15 of the Fortune 100' as customers but only names eBay, Cathay Pacific, Marriott Vacations Worldwide, QBE, and ServiceNow. The cold model references JPMorgan Chase, Morgan Stanley, and Salesforce, which are not mentioned on the site.

   What to change: Add a customer logo section or case study pages that list named customers to build credibility and provide structured data for AI.

7. 404 page uses canonical URL pointing to /404 Low

   The 404 page for the broken Mythos blog link has a canonical URL of /404 rather than the intended blog path, which wastes crawl budget and confuses search engines.

   What to change: Ensure 404 pages do not set a canonical URL or set it to the correct original URL if the page is restored.

8. FAQ patterns lack FAQPage schema Medium

   FAQ patterns appear on most pages but are not marked up with FAQPage schema, missing an opportunity for rich results in AI and search.

   What to change: Add FAQPage schema to pages with FAQ content to enable rich snippets.

9. No BreadcrumbList schema used Low

   The site does not use BreadcrumbList schema, which helps AI crawlers understand site structure and navigation.

   What to change: Add BreadcrumbList schema to all pages to improve navigation understanding.

10. Bytespider (ByteDance) blocked at Cloudflare edge Low

    Bytespider receives a 403 error, blocking content from ByteDance's AI crawler.

    What to change: Consider allowing Bytespider if the site wants visibility in ByteDance's AI products.

What's working

• All major AI crawlers receive full HTML content — GPTBot, ClaudeBot, PerplexityBot, Google-Extended, OAI-SearchBot, ChatGPT-User, Applebot-Extended, and anthropic-ai all receive a 200 response with identical byte size to a browser baseline, ensuring AI crawlers can access the site's content.
• Pages return full HTML content without JavaScript — All pages return full HTML content to plain GET requests, so AI crawlers do not need to execute JavaScript to see the content.
• Homepage has Organization schema with NAP data — The homepage includes an Organization schema with basic name, address, phone, and social profile information, helping AI crawlers identify the entity.
• Illumio Insights page has SoftwareApplication schema with review — The Illumio Insights product page includes a SoftwareApplication schema with feature list and a 5-star review from a Mondi Group manager, providing rich product information to AI.
• Blog posts use BlogPosting schema — Blog posts are marked up with BlogPosting schema including author, date, and keywords, which helps AI understand and surface blog content.
• Active blog with rich content on breach containment — The blog is active with 87 pages of articles dated through May 2026, covering the 'Mythos' concept and breach containment, providing substantial content for AI indexing.
• Consistent brand messaging around breach containment — The site consistently uses the tagline 'Breaches are Inevitable. Disasters are Optional.' and positions itself around breach containment, creating a clear narrative for AI to understand.
• Cloudflare hosting with HSTS and 12-hour cache TTL — The site uses Cloudflare with HSTS enabled and a 12-hour cache TTL, providing good performance and security for crawlers.