sb-eu logo
Story image

ExtraHop listed as Representative Vendor in Gartner guide

23 Jun 2020

Gartner’s Market Guide for Network Detection and Response (NDR) has named ExtraHop as a Representative Vendor this year.

ExtraHop is recognised for its capabilities including full-spectrum detection, advanced investigation, and intelligent response, as included in the company’s Reveal(x) network detection and response solution.

“Enterprises should strongly consider NDR solutions to complement signature-based tools and network sandboxes. Many Gartner clients have reported that NDR tools have detected suspicious network traffic that other perimeter security tools had missed,” explain Gartner analysts Lawrence Orans, Jeremy D’Hoinne, and John Chessman.

ExtraHop RevealX uses stream processing to auto-discover and classify every transaction, user, session, device, and asset in the hybrid enterprise at up to 100 Gbps, with line-rate SSL/TLS decryption and continuous packet capture. 

ExtraHop adds that the offering also uses the scalable computing resources of the cloud for ML and AI, applying millions of models to more than 5,000 features of data derived from 4-plus petabytes of anonymised threat telemetry, collected from more than 15 million devices and workloads worldwide every day. 

ExtraHop also recently announced Reveal(x) 360 as a fully hosted and managed software-as-a-service (SaaS) solution.

“We live in a post-compromise world in which prevention-based approaches to security leave organisations woefully unprotected,” comments ExtraHop CMO Bryce Hein. 

“With the rise of multi-cloud environments, the proliferation of IoT devices, and increasingly distributed operations, the ability to analyse East-West traffic is now a must have.”

The company recently announced a partnership with CrowdStrike, which will combine ExtraHop Reveal(x) and CrowdStrike Falcon for combined detection and response capabilities from the network to the endpoint.

The partnership enables real time detection across a network, instant threat response, and continuous endpoint visibility.

“The threat environment continues to grow in complexity as sophisticated cyber adversaries advance their attack techniques, evading security controls and gaining access to corporate networks,” says CrowdStrike vice president of worldwide business development and channels, Matthew Polly.

“Comprehensive visibility and real-time threat detection that allow for fast investigation and response at scale are imperative for organisations to spot and stop threats quickly.”

“Through this partnership, CrowdStrike and ExtraHop are providing customers the ability to identify and respond to malicious activity across the entire attack surface with a fully cloud-native integration that allows them to adapt with speed and agility.”

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation.