ExtraHop has launched a solution for threat visibility, detection, and response across multi-cloud, datacenter, and IoT deployments. With ExtraHop Reveal(x) Cloud, security operations teams can harness the power of the cloud to eliminate friction in finding and addressing threats across workloads, reduce tool sprawl associated with multi-cloud and hybrid cloud deployments, and accelerate the adoption of network detection and response (NDR) within their organizations.
“Today, more than 85 percent of organizations have workloads running in multiple cloud environments. By next year, it will be 98 percent. At the same time, the proliferation of IoT devices and the deployment of IT infrastructure across remote sites have vastly expanded the enterprise attack surface beyond cloud and data center deployments. Those challenges are compounded by the exponential increase in tooling and agents required to monitor and manage these deployments, particularly cloud workloads and IoT. Security operations teams have long viewed the cloud as part of the problem; with its latest features, ExtraHop is turning cloud into the solution,” the company said in a statement.
Reveal(x) Cloud is the first and only cloud-delivered, cloud-agnostic, and cloud-intelligent NDR platform providing immediate value and continuous protection across the entire attack surface. For the first time, SecOps teams can manage detection, investigation, and response via an integrated workflow with a SaaS-based solution that scales to the demands of the business. This cloud-native model removes points of friction for security operations itself, helps to break down silos between security, IT, and cloud infrastructure teams, and gives them the tools they need to move with the speed and agility the business demands.
- Cloud-Delivered: Reveal(x) Cloud reduces friction and accelerates time to value with a fully hosted NDR solution. The SaaS offering aggregates and analyzes data from sensors deployed across networks in data centers, remote offices, and multi-cloud environments, and it surfaces information in a single UI for seamless management across workloads. ExtraHop automatically updates detectors, threat intelligence feeds, and IoT profiles via the cloud, eliminating the need for manual intervention to ensure that policies or software on sensors are up to date.
- Cloud Agnostic: Reveal(x) Cloud integrates with AWS Traffic Mirroring, Google Cloud Packet Mirroring, and Microsoft Azure to deliver visibility, threat detection, and response capabilities across major cloud providers – as well as data centers and remote sites – in a single, SaaS-based management pane. This cloud-agnostic approach supports collaboration between security, IT, and cloud teams for better threat response across multi-cloud and hybrid deployments.
- Cloud Intelligence: Reveal(x) Cloud leverages the scale and scope of the cloud to provide 360-degree visibility and situational awareness across datacenter, remote site, multi-cloud, and IoT environments to monitor and respond to threats. Real-time intelligence derived from petabytes of anonymized threat telemetry collected daily makes ExtraHop's cloud-based machine learning uniquely reliable – all without impacting sensor performance. Cloud-scale ML provides more than 1 million predictive models for a typical enterprise deployment to identify suspicious behaviors and potential threats. A cloud record store provides streamlined investigation with index record search and query of data from every segment of the hybrid environment.
“Organizations should be able to easily secure their workloads across public, private, and hybrid clouds without requiring multiple tools or creating a management headache,” said Jesse Rothstein, ExtraHop co-founder and CTO. “ExtraHop takes advantage of the virtually unlimited compute resources of the cloud to perform machine learning at scale across more than 15 million devices – and over four petabytes of threat telemetry per day – across our customer base to deliver global intelligence to prepare every security team, from the large enterprise to the midmarket, to handle both present and future threats.”
Reveal(x) Cloud for multi-cloud and hybrid cloud environments will be available in May 2020.