Additional Info

Company size (employees)500 to 999
Headquarters RegionNorth America


Cyber criminals pose a serious threat by remaining invisible within defenders’ own networks, as evidenced by recent high-profile attacks, including those against ​​SolarWinds, Kaseya, and the Colonial Pipeline, in which attackers hid their malicious behavior within encrypted channels. . ExtraHop is on a mission to help defenders take back the advantage with security that can’t be undermined, outsmarted, or compromised. Decryption of encrypted network traffic is one of the most powerful ways we’re able to do that. ExtraHop provides the only NDR platform that has the ability to natively decrypt SSL/TLS traffic, according to Gartner’s Market Guide for NDR. This differs from other vendors, who rely primarily on encrypted traffic analysis (ETA) techniques, making the data less precise, and their detections prone to false positives. ExtraHop Reveal(x) 360 applies cloud-scale ML and behavior models to all traffic following through the network–including encrypted channels–from core to cloud to edge, to help enterprises stay ahead of emerging threats and significantly reduce false positives.

Furthermore, with new expanded Reveal(x) Advisor services that provide threat detection and hunting capabilities alongside network assurance analysis, ExtraHop helps customers assess their cybersecurity maturity, clear their alert queues, and proactively hunt for threat activity across workloads.

ExtraHop’s partnerships with CrowdStrike and Exabeam offer powerful integrations to provide protection from the network to the endpoint and tightly aligns with our philosophy of adding the most value for our customers. We invest heavily in developing our robust REST APIs, our OpenDataStream technology, and our direct partnerships with other vendors to assure that customers can seamlessly integrate our NDR solution with the best tools for their other evolving security needs.

How we are different

ExtraHop is the only NDR provider that securely decrypts network traffic, according to the Gartner Market Guide for NDR. Strong encryption is critical to protecting sensitive business and personal data. Google estimates 95% of its internet traffic uses the encrypted HTTPS protocol and most industry analyst firms conclude that between 80-90% of network traffic is encrypted today. Unlike most decryption techniques, which are performed in-line and can raise both security and privacy concerns, Reveal(x) 360 decryption takes place out-of-band. Reveal(x) 360 is able to extract all relevant contextual data providing unparalleled security deductions and visibility into organizational traffic.

Addressing the larger societal issue of supply chain cyberattacks: A behavior transparency framework allows companies within the supply chain to detail the expected actions that the software will take on a device or on the network. This will help security analysts to develop a baseline of expected behavior and distinguish between expected noise and indications of compromise. In turn, security teams are given an advantage in identifying exploitation of unknown vulnerabilities in any proprietary or open-source software.

Industry leadership and recognition. According to IDC and Gartner, the NDR market is the second fastest growing cybersecurity market segment. The segment grew at 24% CAGR in 2020 and is expected to grow at a similar rate for at least the next three years. ExtraHop is among the top three companies in the segment by both revenue and growth rate. According to IDC, ExtraHop’s growth rate in 2020 significantly outpaced the segment, and ExtraHop was the fastest growing company in network detection and response. Also, the company's leadership around the MITRE ATT&CK framework, which is natively integrated into the ExtraHop Reveal(x) 360 interface, provides new guidance for organizations as they integrate NDR into their security operations.