cl-au logo
Story image

ExtraHop Reveal(x) brings cutting-edge AI to network security analytics

15 May 2018

ExtraHop, a leader in analytics for security and performance management, has now released Reveal(x), bringing all of the latest threat detection and anomaly reporting technologies to customers worldwide.

ExtraHop Reveal(x) is a purpose-built security analytics solution designed to help security practitioners improve visibility to their critical assets by 40% and cut investigation time from days to seconds.

At the core of Reveal(x) is ExtraHop analytics and machine learning technology that has been honed in the most demanding enterprise environments to deliver complete situational intelligence and to automate threat detection and investigation.

Traditional packet capture solutions rely on post-mortem analysis and workflows measured in days and weeks. They also tend to use flow-based network traffic analysis systems, which only analyse a fraction of the network data. This leads to incomplete insights in the alert queue and security teams face two problems: impractical analytics and junk data.

Those problems are unacceptable, particularly when attack surfaces are expanding and attackers are becoming more sophisticated, says ExtraHop CTO and co-founder Jesse Rothstein.

Lead by customers searching for more sophisticated threat detection, ExtraHop decided to take an innovative approach to network security by utilising wire data to capture a complete set of network data.

With the complete set of network data, the company then applies machine learning to analyse and correlate behaviour from the application to the device to the infrastructure. The combination wire data and advanced behavioural analytics delivers high fidelity insights in real-time and at scale.

"In security, your intelligence is only as good as the data source from which it's derived," comments 451 Research senior analyst Eric Ogren.

"The network is an ideal place to identify active computing devices and call out threats as they attempt to probe and communicate. ExtraHop Reveal(x) balances real-time critical asset insights with machine learning-based network traffic analytics to create visibility that will help security teams stay one step ahead of security incidents for those assets that matter most."

Reveal(x) delivers situational intelligence and automated investigation that turns the network into the most complete objective source of insight into the threats and vulnerabilities and includes:

Unprecedented Enterprise Visibility: Reveal(x) analyses all network traffic across the entire application payload, identifying in real-time all encrypted traffic, rogue nodes, IoT devices, and BYOD systems. It analyses 40+ protocols, decrypting SSL and perfect forward secrecy (PFS) traffic, and auto-discovers and auto-classifies all connected devices, keeping security teams focused on the most critical assets.

Advanced Behavioural Analytics: Utilising real-time analytics and advanced machine learning, Reveal(x) identifies abnormal behavioural patterns as they occur and correlates them against continuously monitored critical assets so that security teams can target the most immediate threats.

Automated Investigation: The Reveal(x) analytics-first workflow takes you from issue to associated packets in a matter of clicks. This simplicity replaces hours spent manually collecting and parsing through data, enabling real-time insights and rapid root cause determination. Global search and indexing provide immediate access to security insights. And ExtraHop integrates with your existing security infrastructure and automates response using Splunk, Phantom, Palo Alto, ServiceNow, Cisco, Ansible, and others.

ExtraHop Reveal(x) is available now in Singapore, Australia, South Korea, the UK, European Union, and North America via ExtraHop's value-added resellers and for an annual subscription.

For more about ExtraHop Reveal(x) click here or view a demo here.

Story image
Trend Micro integrates with AWS Network Firewall
As a Launch Partner, Trend Micro has integrated managed threat intelligence feeds from its cloud security solution to enable superior protection in line with this new AWS managed firewall service.More
Story image
Pure expands as-a-service offerings with focus on transparency
It aims to provide the economic benefits of cloud, along with those of Evergreen architecture including non-disruptive expansions and maintenance. More
Story image
Valtatech set to be Digital Workforce's primary channel partner for APAC
“Our partnership with Digital Workforce will ensure APAC businesses have access to and can leverage the right processes, skills and technology to transform their finance and procurement functions."More
Story image
Hands-on review: Bose Sport Earbuds
Despite not being noise-cancelling, the Sport Earbuds come with an abundance of features that make them a great option for anyone in the market for some premium, durable earbuds.More
Link image
Join Nintex on 3 December for Workflow Wonders: TLC for Kids
TLC for Kids is a charity that puts smiles back on childrens’ faces during times of illness. Learn how the charity leverages Nintex to free up resources so it can focus on what really matters. Nintex will donate A$5 for each registration to TLC for Kids! Find out more.More
Story image
Apple launches App Store Small Business Programme
Developers can qualify for the programme and a reduced 15% commission if they earned up to US$1 million in proceeds during the previous calendar year.More