ExtraHop Extends Response, Forensics with Deep Threat Insights for Hybrid Cloud

ExtraHop, a leader in cloud-native network detection and response (NDR), announced new features and offerings that provide deep forensic insight for advanced threat response activity.

New Reveal(x) 360 Threat Briefings deliver one-click incident response reports to investigate critical CVEs and exploits retroactively, while the introduction of Reveal(x) 360 Ultra Sensors to Amazon Web Services (AWS) workloads provides highly scalable, SaaS-based detection, response and forensic investigation capabilities.

ExtraHop also is making forensic data available to AWS customers with ExtraHop Packet Basics, a free packet capture product available exclusively on the AWS Marketplace.

These innovations focus on assisting strapped security teams with the investigation into and remediation of advanced threats.

According to a recent report from ESG Research, top threat detection and response goals include improving detection of advanced threats (34 percent) and improving the mean time to respond to threats (29 percent). Incident response teams need better threat detection and response efficacy, especially as it relates to advanced persistent threats that move laterally across networks over extended periods of time.

ExtraHop says it is the only NDR provider with the ability to look back 90 days to assess the “blast radius” for critical CVEs, exploits, and zero days. New in-product Threat Briefing reports include comprehensive information about the threat and highlight potentially vulnerable devices on the network. They also include detections associated with the threat and recommended remediation actions for recent incidents like the REvil (Kaseya) ransomware campaign and Microsoft’s PrintNightmare vulnerability. The Threat Briefing and embedded detectors help security teams know the impact footprint, which in turn drives a decisive incident response process.

With 84 percent of organizations planning to migrate more workloads and data to cloud-based models within a year, cybersecurity teams need a plan for network security in the cloud. The ability of cybercriminals to proliferate attacks via cloud infrastructure means teams need packet-level visibility into their network to track north-south and east-west movement and a means for incident response. Reveal(x) 360 Ultra Sensors give users all the security capabilities of ExtraHop’s flagship cloud NDR solution plus packet capture forensics. They provide streamlined deployment for AWS users and always-on incident response tools.

For recent attacks like the REvil (Kaseya) ransomware campaign, which didn’t cause detections to fire, continuous packet capture enabled analysts to go back in time and inspect packets for proper forensics. ExtraHop Packet Basics is a free solution for AWS that provides incident responders, threat hunters, and investigators with richer forensic detail than what is available in logs and data from agents and firewalls. Available on AWS Marketplace, ExtraHop Packet Basics can be deployed in an AWS environment with the click of a button.

All product innovations are available now. For more information, go to www.extrahop.com.