ExtraHop, provider of cloud-native network detection and response, announced that it has been identified as a ‘Representative Vendor’ in the second annual Gartner Market Guide for Network Detection and Response (NDR) report.
NDR solutions
“Enterprises should strongly consider NDR solutions to complement signature-based tools and network sandboxes. Many Gartner clients have reported that NDR tools have detected suspicious network traffic that other perimeter security tools had missed,” wrote Gartner security analysts Lawrence Orans, Jeremy D’Hoinne, and John Chessman.
“We live in a post-compromise world in which prevention-based approaches to security leave organisations woefully unprotected,” said Bryce Hein, Chief Marketing Officer (CMO) at ExtraHop.
Full-spectrum detection, investigation and intelligent response
Hein adds, “With the rise of multi-cloud environments, the proliferation of IoT devices, and increasingly distributed operations, the ability to analyse East-West traffic is now a must have.” He further stated, “ExtraHop’s powerful combination of full-spectrum detection, advanced investigation, and intelligent response capabilities have quickly established Reveal(x) as the go-to network detection and response solution.”
ExtraHop Reveal(x)
ExtraHop Reveal(x) provides the visibility, speed, and scale that enterprise security teams need to secure complex hybrid and multi-cloud environments against advanced multi-stage attacks. The approach uses stream processing to auto-discover and classify every transaction, user, session, device, and asset in the hybrid enterprise at up to 100 Gbps, with line-rate SSL/TLS decryption and continuous packet capture.
Network detection and response
ExtraHop Reveal(x) also uses the scalable computing resources of the cloud for Machine Learning and AI, applying millions of models to over 5,000 features of data derived from 4-plus petabytes of anonymised threat telemetry collected from more than 15 million devices and workloads worldwide every day. With the recently introduced Reveal(x) 360, ExtraHop now offers network detection and response as a fully hosted and managed SaaS solution.
ExtraHop, a provider of cloud-native network detection and response, announced the results of a SANS Institute survey, Network Visibility and Threat Detection. According to the report, more than 64 percent of respondents reported suffering at least one successful attack within the last year, and 59 percent believe a lack of network visibility poses a high or very high risk to their operations. Perhaps most concerning in light of the recent large-scale shift to remote work, 44 percent of respondents see employee desktops as the most likely attack vector. As enterprise organisations and government agencies grapple with how to enable, manage, and secure newly distributed remote workforces, network visibility is more critical than ever as they adjust to the new IT reality.
Accessing enterprise resources
The survey exposes key gaps in enterprise security, including that 98 percent of respondents are concerned about their ability to see into encrypted traffic, while over 80 percent identified east-west traffic and network-connected devices as areas of opacity. “Having visibility of every device and how they are meant to behave on your network is crucial to understanding what constitutes normal traffic and what could be considered a deviation,” writes survey author Ian Reynolds.
Bryce Hein, SVP of Marketing at ExtraHop, concurs. “At a time when organisations are rapidly transitioning to remote work and cloud usage is surging, network visibility has never been more critical,” said Hein. “Organisations need to be able to see into east-west traffic to identify threats in the growing number of cloud workloads, as well as get visibility into which devices are accessing enterprise resources. The fewer tools, less time, and less friction required to get that visibility, the better.”
Cloud-based systems
In addition to identifying critical gaps in network visibility, key survey findings include:
Growing complexity within the enterprise environment. Over 93 percent of respondents indicated that they manage more than a thousand endpoints, and almost 90 percent manage between hundreds and thousands of servers.
Lack of cloud visibility affects security posture. 40 percent of respondents identified cloud-based systems as a potential entry point for malicious actors. At the same time, only 17 percent reported high visibility into their lateral communication inside their network (east–west traffic), including all cloud traffic.
Need to reduce tool sprawl. The majority of companies use tooling from more than 10 vendors, with nearly one-fifth utilising more than 20. 68 percent of respondents expressed a desire to reduce the complexity of their systems by reducing the overall number of tools involved in their operations.
More network visibility
The survey also found that, while organisations want more network visibility, there are operational impediments. Lack of staff (62 percent), lack of time, including having other issues with greater importance (51 percent), and lack of appropriate skills in the existing staff (46 percent) were the leading concerns. According to Reynolds, machine learning will play a key role in overcoming these challenges. “Choose tools that use machine learning to provide improved analytics for access to the right data in less time,” he writes. “This might assist in meeting staffing concerns and provide faster resolution of unexpected behaviours, threats and incidents.”
ExtraHop, global provider of analytics for security, is upending the SOC status quo at the Black Hat USA 2018 Conference. The company will be showcasing its Reveal(x) network traffic analytics (NTA) solution at Booth 1004, demonstrating how real-time analytics and machine learning eliminate the dark space within the enterprise. ExtraHop has received industry recognition from Gartner, EMA, and Ovum as these and other major industry organisations recognise the need for NTA at enterprise scale.
Black Hat USA 2018
The ExtraHop booth at Black Hat USA will feature a series of industry thought leadership presentations from Phantom, Ixia, and others speaking on the rapidly emerging role of NTA in the enterprise SOC, the importance of TLS 1.3 decryption for security visibility, and the power of orchestration automation. Special sessions will occur throughout the day at Booth 1004 on August 8 and 9, 2018.
"Security teams are drowning in alerts and many are left without the resources they need to stay ahead of attackers," said Bryce Hein, SVP of Marketing at ExtraHop. "Threat hunting in the modern attack landscape is not possible without enterprise-class network traffic analytics, making NTA a must-have for the modern enterprise SOC."
Reveal(x) network traffic analytics
ExtraHop Reveal(x) significantly reduces dwell time by highlighting late-stage attack activities and shining light on the darkspace in the enterprise—the hard-to-see areas of the network along the east-west corridor. Through comprehensive analysis of network traffic, Reveal(x) automatically identifies attack behavior, delivering high-fidelity insights into threats to critical assets. By merging insights into investigative workflows, Reveal(x) helps security operations teams shrink detection and response times, disrupt threat activity, and identify ways to reduce the attack surface.
Analyst Recognition
ExtraHop was listed as a Sample Vendor in the Gartner "Hype Cycle for Threat-Facing Technologies, 2018" report. ExtraHop was named in the Network Traffic Analysis (NTA) category. According to the Gartner report, "NTA solutions are valuable tools that assist network security professionals in the detection of compromised endpoints and targeted attacks that have not been seen in the past. These tools have limited blocking ability, or none at all (because they are implemented outside of the line of traffic), but they are effective in shortening the incident response window and reducing the dwell time of malware."
The recent analyst report from EMA, titled Radar Report for Network-Based Security Analytics: Q3 2018, identified ExtraHop Reveal(x) as a ‘Value Leader’ and ‘Vendor to Watch,’ noting that, ‘Reveal(x) exhibited strong functionality due to its impressive feature differentiation, out-of-box reporting, and high-performance sustained data capture and processing.’
Leading European analyst group Ovum touted Reveal(x) in a recent report, stating, “It analyzes all network interactions, applying machine learning to detect abnormal behavior, and then automates basic functions to streamline threat investigations. The launch of Reveal(x) takes ExtraHop into the network detection and response (NDR) market.”
Customers Choose Reveal(x)
Global 2000 customers are already using ExtraHop Network Traffic Analytics to modernise their programs and protect their enterprises. A top provider of life insurance in the United States is using Reveal(x) as the cornerstone of their next-generation SOC, while other ExtraHop customers report improving their security visibility by as much as 75 percent and reducing time to detect threats by as much as 95 percent.
Industry Accolades
Reveal(x) has also won numerous cybersecurity industry awards in the last six months including the AI Breakthrough Award for Best AI Solution for CyberSecurity, 2018 Fortress Cyber Security, Best of Citrix Synergy 2018, and was named to the 2018 JMP Securities Super 70 List.
ExtraHop, specialising in analytics for security and performance management, has announced it has been recognised by Gartner in the Visionaries quadrant of the ‘Magic Quadrant for Network Performance Monitoring and Diagnostics’. For the second consecutive year, ExtraHop is positioned furthest to the right on the completeness of vision axis in the entire Magic Quadrant.
“From our view, ExtraHop has built a reputation as a disruptor, delivering unmatched scale and accuracy that keeps our customers focused on the assets and information that matter most. We are proud that Gartner has recognised ExtraHop as Visionary in the NPMD market for the second year in a row,” said Arif Kareem, CEO, ExtraHop. “We view the network as a powerful source of insight for IT and security operations – not just traditional performance management – and we're combining machine learning with highly scalable workflows to deliver true security and operational intelligence. We feel that our placement in the 2018 Gartner Magic Quadrant for Network Performance Monitoring and Diagnostics recognises our vision.”
Security risk mitigation
The world’s leading businesses trust ExtraHop to deliver the insight required for a secure and high-performance enterprise. The company’s differentiated approach combines an analytics-first workflow with machine learning to surface insights and threats within the enterprise, helping networking, IT, and security teams optimise performance and minimise security risk. The ExtraHop platform analyses every digital interaction on the network, from the data centre to the cloud to the branch office, turning this vital data into the most timely, definitive, and complete source of business intelligence.
“The network has never been a more powerful source of intelligence for the enterprise, and ExtraHop delivers on that promise,” said Bryce Hein, Senior Vice President of Marketing at ExtraHop. “Our AI leads the industry in delivering insight at scale for performance and security. We were the first vendor to support PFS decryption at line rate. Our hybrid and cloud deployment supports the reality of modern architectures. We are the analytics vendor our global customers trust to deliver a secure, high-performance enterprise.”