Data Centre & Network News

ExtraHop Reveal(x) sheds light on the darkspace

Has a new bar for network traffic analytics at an enterprise scale really been set?

by Jessica Foreman
June 20, 2018
in Security

ExtraHop has announced Reveal(x), to be launched in summer 2018, which the company says is setting a new bar for Network Traffic Analytics at enterprise scale. The maker says its latest release includes new capabilities designed to modernise enterprise security operations with critical asset behaviour analysis that instantly surfaces the highest-risk threats, even those hiding within encrypted traffic. With this high-fidelity insight, ExtraHop has professed that security operations teams can zero in on critical threat patterns and investigate down to the root cause in seconds, not days.

Between 2017 and 2018, threat dwell time in the enterprise increased to 101 days, according to FireEye’s M-Trends 2018 Report. The Verizon Data Breach Investigations Report noted, ‘in many cases, it’s not even the organisation itself that spots the breach — it’s often a third party, like law enforcement or a partner. Worst of all, many breaches are spotted by customers.’

The company says its Reveal(x) release will significantly reduce dwell time by highlighting late-stage attack activities, shining light on the ‘darkspace’ in the enterprise – the hard-to-reach areas of the network along the East-West corridor. Through comprehensive network traffic analytics, Reveal(x) is set to deliver real-time visibility and high-fidelity insight into threats to your critical assets throughout the hybrid enterprise. The new ‘headlines’ dashboard prioritises speed and accuracy, eliminating the fake news fire drills from other tools by highlighting the highest-risk detections correlated with external and industry threat intelligence. The company has announced that other key new features in the summer 2018 release include:

  • TLS 1.3 support: As of 2017, 41% of cyber-attacks used encryption to evade detection, so the ability to detect threats within encrypted traffic is even more critical. With the latest release, Reveal(x) claims to be the only solution that offers out-of-band decryption at up to 100 Gbps and supports the requirements of the new TLS 1.3 protocol as well as decryption of perfect forward secrecy.
  • Need-to-know decryption: Respect for privacy is simple now that authorised threat hunters and forensic investigators can be given rights to look inside suspicious packets for authoritative evidence (including content and user information), while other analysts only see the detections and metadata insights gleaned from the decrypted traffic.
  • Network privilege escalation detection: Reveal(x) is said to identify changes to behaviour that indicate an attacker has compromised a device, escalated access rights, and is using these higher privileges to explore and attack within the enterprise. The company says that Reveal(x) now infers escalation attempts on critical assets automatically based on changes in device behaviour, commands, and protocol use, enabling detection of attacks underway and allowing SecOps teams to contain them before damage is done.
  • Peer group anomaly detection: Reveal(x) claims to automatically correlate device behaviour against peer devices for more precise assessment of anomalous behaviour, leveraging auto-discovery and classification of critical assets. This strong outlier validation, the company says, improves insider threat and compromised host detection and enriches Reveal(x)’s investigative workflows with critical asset context that helps SecOps collaborate

“Today’s threat actors are taking advantage of vast attack surfaces that extend across every endpoint from the branch office to the datacentre or the cloud and too often they operate unnoticed,” says Jesse Rothstein, CTO and co-founder, ExtraHop. “At ExtraHop we’ve spent years developing technology that can analyse the entire network in real time – every critical asset and every transaction so that there are no blind spots. With Reveal(x) Summer 2018, we’ve applied that deep domain expertise to security operations, closing the visibility gap and surfacing the accurate, targeted information that allows SecOps teams to act quickly and with confidence.”
