ExtraHop, a leader in analytics for security and performance management, has announced the global availability of ExtraHop Reveal(x).
This new network security analytics product harnesses real-time wire data analytics and machine learning to analyse all network interactions for abnormal behaviour and identify critical assets in the environment.
With a three-in-one workflow optimised for discovery, correlation and investigation, Reveal(x) focuses the security analysts’ attention on the most important risks and streamlines response to limit exposure.
Security teams face a convergence of factors that complicate operations and decrease visibility. Hybrid and multi-cloud architectures increase agility but reduce operational control.
Encryption is vital but disguises both benign and malicious activities. A new source of insight is required for modern architectures, one that provides empirical evidence to help analysts triage and investigate threats with confidence and timeliness.
Reveal(x) delivers situational intelligence and automated investigation that turns the network into the most complete objective source of insight into the threats and vulnerabilities in your environment.
Unprecedented enterprise visibility
Reveal(x) analyses all network traffic across the entire application payload, identifying in real time all encrypted traffic, rogue nodes, IoT devices and BYOD systems. It analyses 40+ protocols, decrypts SSL and perfect forward secrecy (PFS) traffic, and auto-discovers and auto-classifies all connected devices, keeping security teams focused on the most critical assets.
Advanced behavioural analytics
Utilising real-time analytics and advanced machine learning, Reveal(x) identifies abnormal behavioural patterns as they occur and correlates them against continuously monitored critical assets so that security teams can target the most immediate threats.
The Reveal(x) analytics-first workflow takes you from issue to associated packets in a matter of clicks. This simplicity replaces hours spent manually collecting and parsing through data, enabling real-time insights and rapid root cause determination. Global search and indexing provide immediate access to security insights. And ExtraHop integrates with your existing security infrastructure and automates response using Splunk, Phantom, Palo Alto, ServiceNow, Cisco, Ansible and others.
“Attack surfaces are expanding and the sophistication of attackers is increasing. There simply aren’t enough talented security professionals to keep up,” said Jesse Rothstein, CTO and co-founder, ExtraHop.
“Reveal(x) provides security teams with increased scrutiny of critical assets, detection of suspicious and anomalous behaviours and workflows for both automated and streamlined investigation. With the global availability of Reveal(x), we now enable practitioners across the world’s largest enterprises to do more with less by getting smarter about the data they already have.”
Reveal(x) addresses the gaps in security programmes by harnessing wire data, which encompasses all information contained in application transactions.
It auto-discovers, classifies, and prioritises all devices, clients and applications on the network and employs machine learning to deliver high-fidelity insights immediately. Anomalies are directly correlated with the attack chain and highlight hard-to-detect activities, including internal reconnaissance, lateral movement, command and control traffic and exfiltration.