Story image

ExtraHop Reveal(x) brings cutting-edge AI to network security analytics

15 May 18

ExtraHop, a leader in analytics for security and performance management, has now released Reveal(x), bringing all of the latest threat detection and anomaly reporting technologies to customers worldwide.

ExtraHop Reveal(x) is a purpose-built security analytics solution designed to help security practitioners improve visibility to their critical assets by 40% and cut investigation time from days to seconds.

At the core of Reveal(x) is ExtraHop analytics and machine learning technology that has been honed in the most demanding enterprise environments to deliver complete situational intelligence and to automate threat detection and investigation.

Traditional packet capture solutions rely on post-mortem analysis and workflows measured in days and weeks. They also tend to use flow-based network traffic analysis systems, which only analyse a fraction of the network data. This leads to incomplete insights in the alert queue and security teams face two problems: impractical analytics and junk data.

Those problems are unacceptable, particularly when attack surfaces are expanding and attackers are becoming more sophisticated, says ExtraHop CTO and co-founder Jesse Rothstein.

Lead by customers searching for more sophisticated threat detection, ExtraHop decided to take an innovative approach to network security by utilising wire data to capture a complete set of network data.

With the complete set of network data, the company then applies machine learning to analyse and correlate behaviour from the application to the device to the infrastructure. The combination wire data and advanced behavioural analytics delivers high fidelity insights in real-time and at scale.

"In security, your intelligence is only as good as the data source from which it's derived," comments 451 Research senior analyst Eric Ogren.

"The network is an ideal place to identify active computing devices and call out threats as they attempt to probe and communicate. ExtraHop Reveal(x) balances real-time critical asset insights with machine learning-based network traffic analytics to create visibility that will help security teams stay one step ahead of security incidents for those assets that matter most."

Reveal(x) delivers situational intelligence and automated investigation that turns the network into the most complete objective source of insight into the threats and vulnerabilities and includes:

Unprecedented Enterprise Visibility: Reveal(x) analyses all network traffic across the entire application payload, identifying in real-time all encrypted traffic, rogue nodes, IoT devices, and BYOD systems. It analyses 40+ protocols, decrypting SSL and perfect forward secrecy (PFS) traffic, and auto-discovers and auto-classifies all connected devices, keeping security teams focused on the most critical assets.

Advanced Behavioural Analytics: Utilising real-time analytics and advanced machine learning, Reveal(x) identifies abnormal behavioural patterns as they occur and correlates them against continuously monitored critical assets so that security teams can target the most immediate threats.

Automated Investigation: The Reveal(x) analytics-first workflow takes you from issue to associated packets in a matter of clicks. This simplicity replaces hours spent manually collecting and parsing through data, enabling real-time insights and rapid root cause determination. Global search and indexing provide immediate access to security insights. And ExtraHop integrates with your existing security infrastructure and automates response using Splunk, Phantom, Palo Alto, ServiceNow, Cisco, Ansible, and others.

ExtraHop Reveal(x) is available now in Singapore, Australia, South Korea, the UK, European Union, and North America via ExtraHop's value-added resellers and for an annual subscription.

For more about ExtraHop Reveal(x) click here or view a demo here.

Comms providers hit by most DDoS attacks in Q3 2018
New data indicates attackers preyed on the large attack surface of ASN-level communications service providers with a ‘bit-and-piece’ approach.
Check Point launches hyperscale network security solution
With Check Point Maestro, organisations can scale up their existing Check Point security gateways on demand.
Should AI technology determine the necessity for cyber attack responses?
Fujitsu has developed an AI that supposedly automatically determines whether action needs to be taken in response to a cyber attack.
Trend Micro’s telecom security solution certified as VMware-ready
Certification by VMware allows communications service providers who prefer or have already adopted VMware vCloud NFV to add network security services from Trend Micro.
Frost & Sullivan honours Honeywell's IIoT value creation
Frost & Sullivan has awarded Honeywell with the 2018 Global Customer Value Leadership Award for its work protecting industrial internet of things (IIoT) customers.
Top cybersecurity threats of 2019 – Carbon Black
Carbon Black chief cybersecurity officer Tom Kellermann combines his thoughts with those of Carbon Black's threat analysts and security strategists.
Google's €50m fine a wake up call for big data analytics
Data analytics are essential to company growth, competitive differentiation, and innovation. But there’s now a huge challenge.
UK security startup Barac sets sights on America
“Malware hidden in encrypted traffic is one of the biggest threats organisations are facing today,” says new EVP global sales.