ExtraHop Networks is an enterprise cyber analytics company headquartered in Seattle, Washington. ExtraHop helps organizations understand and secure their environments by analyzing all network interactions in real time and leveraging machine learning to identify threats, deliver critical applications, and secure investments in the hybrid cloud.
The core of ExtraHop technology is a passive network appliance that uses a network tap or port mirroring to receive network traffic, and then performs real-time full-stream reassembly to extract application-level protocol metrics and other custom-specified information contained in the transaction payload.
Reveal(X) – Network Detection and Response for a Secure Enterprise
Cloud adoption, tool sprawl, and increasingly advanced encryption are challenging resource-strapped security teams to rise above the noise of legacy tools and workflows so they can protect and accelerate their hybrid enterprise.
ExtraHop Reveal(x) is the industry leader in Network Detection and Response (NDR), providing complete east-west visibility, real-time threat detection inside the perimeter, and guided investigation through network traffic analysis (NTA) at scale.
Reveal Threats Inside.
ExtraHop Reveal(x) uses stream processing to auto-discover and classify every transaction, session, device, and asset in your enterprise at up to 100Gbps, decoding over 70 enterprise protocols and extracting over 4,800 features to keep our machine learning accurate and precise.
- Automatically detect new, rogue, and unmanaged devices so you always know what’s active in your network.
- Comprehensively detect late-stage attack activities using ML-based behavior, rules, and custom triggers.
- Assess relevant context and evidence in clicks so any analyst can easily resolve incidents with confidence.
Rise above the noise
Reveal(x) ensures an always up-to-date inventory with no manual effort by auto-discovering and classifying everything on the network.
Peer Group Detections
By automatically categorizing devices into highly specific peer groups, Reveal(x) can spot strange behavior with minimal false positives.
Perfect Forward Secrecy Decryption
Reveal(x) decrypts SSL and TLS 1.3 encryption passively and in real time so you can maintain compliance with full visibility into encrypted threats.
Advanced Machine Learning
With machine learning using 4,800+ features, Reveal(x) detects, prioritizes, and surfaces threats correlated against your critical assets.
Reveal(x) contextualizes detections from an entire transaction with threat intelligence, risk, and asset value for easier triaging and response.
Confident Response Orchestration
Reveal(x) handles detection and investigation while powerful integrations with solutions like Phantom and Palo Alto Networks help you automate remediation.
Reveal(X) Cloud – SaaS-based Threat Detection and Response
ExtraHop Reveal(x) Cloud is a SaaS-based solution that helps organizations adopt a cloud-first approach to protecting their hybrid attack surface.
With inside-the-perimeter threat detection, investigation, and response across Virtual Private Clouds (VPC), workloads, and AWS accounts, security teams can secure their applications and confidently scale their hybrid business.
Security for The Cloud-First Enterprise
ExtraHop Reveal(x) Cloud deploys immediately and requires no configuration or operational management. As soon as Reveal(x) Cloud runs in your AWS environment, you’ll gain continuous asset discovery and classification, real-time analysis across all workloads and into SSL/TLS encrypted traffic, and threat detection backed by machine learning.
- Instantly and automatically discover all cloud workloads with zero operational management
- Analyze cloud-based application content and payload in real time, with SSL/TLS decryption at scale
- Easily investigate threats with ML-driven detections plus integrations with orchestration platforms & more
Rise above the noise of cloud
Hybrid Cloud Security
Access and analyze all cloud-based transactions using the same interface as on-prem infrastructure.
Inventory and Configurations
Automatically discover and classify all cloud assets, track rogue instances, and flag exposed resources.
Hygiene and Compliance
Keep detections in tune with your unique policies with easily customizable alerts and dynamic activity groups.
Decryption and Decoding
Decrypt all SSL/TLS-encrypted traffic and decode 70+ enterprise protocols for comprehensive risk management.
Identity and Access Management
Analyze Active Directory payloads to automatically flag indicators of credential harvesting and brute force attacks.
Automate security settings and limit tool sprawl by integrating with AWS CloudTrail, Amazon CloudWatch and VPC Flow Logs, orchestration systems, and more.
The ExtraHop Performance Platform
As enterprises scale to support a seamless digital experience despite unprecedented complexity, IT must move from awareness, to understanding, to action faster than ever before. The ExtraHop Performance Platform transforms the network into a comprehensive source of truth that takes you from insight to answers in a matter of seconds.
With enterprise performance analytics powered by machine learning and robust integrations for investigation automation, ExtraHop Performance helps you deliver a world-class customer experience from Core to Edge to Cloud.
Realize the potential of your enterprise
The ExtraHop Performance Platform provides real-time visibility into everything from database to cloud traffic by securely decoding over 70 enterprise protocols, including SSL/TLS-encrypted sessions, at line rate (100 Gbps).
Using stream processing, ExtraHop transforms your network data in flight into structured wire data while machine learning helps you uncover and respond to hidden problems and opportunities with zero impact to performance.
- Auto-discover and classify every asset from the data center to the cloud
- Detect performance anomalies with machine learning trained on 4700+ wire data metrics
- Pivot from contextualized insights to forensic-level evidence in seconds
Rise above the competition
With a dynamic, real-time view of all transactions in your environment, every team from NetOps to SecOps can spot and solve problems fast.
ExtraHop decrypts SSL/TLS (including TLS 1.3) in real time so you can ensure both security compliance and full visibility for troubleshooting.
Answers In One Place
From a high level map of all assets in your environment to specific packet payloads for incident remediation, our enterprise analytics deliver both context and precision in a single UI.
Advanced Machine Learning
Machine learning guided on the most objective, complete data source provides high-fidelity analytics that cut through the noise of false positives.
Predictive Anomaly Detection
ExtraHop learns how a device should behave based on empirical, observed activity, then surfaces unusual behavior with full context of what will be affected and why.
Integrate with other analytics tools as well as orchestration platforms so you can automate response workflows and easily scale limited resources.