Additional Info

Company: ExtraHop
Website: http://www.extrahop.com
Company size (employees): 100 to 499
Type of solution: Cloud/SaaS

Overview

ExtraHop Reveal(x) detects threats that other tools miss across cloud, on-premises, and hybrid environments by analyzing network data using a combination of real-time stream analysis, machine learning, and deep learning processes to understand the behavior of every device on the network in the context of the whole network.

Reveal(x) employs a Full-Spectrum Detection approach. Through real-time stream analysis at 100Gbps, Reveal(x) instantly detects urgent threats and CVEs. It then feeds the behavioral features and metrics captured from the network into a cloud-based ML system that builds sophisticated behavioral models of every device and peer group to detect stealthy attacks in a manner that attackers cannot disable or evade. Reveal(x) applies millions of machine learning models to 5,000+ features of data derived from 4-plus petabytes of anonymized threat telemetry collected from more than 15 million devices each day for higher fidelity detections, allowing understaffed security teams to focus on hunting and resolving high-priority threats.

According to a 2020 Total Economic Impact (TEI) Report conducted by Forrester Research, Reveal(x) decreases time to threat resolution by 84%. Reveal(x) gathers behavioral context and forensic data continuously in real time, and puts that information front and center for threat hunters.

Every detection features transaction contents, related detections, and access to full, decrypted packets for forensics. When network and cloud traffic is decrypted and analyzed in real time, Reveal(x) is able to expose the full spectrum of risks and eliminate blind spots with complete coverage. According to the Gartner Market Guide for NDR, only a small group of platforms have the ability to natively decrypt SSL/TLS traffic, and ExtraHop is one of them. Other vendors rely primarily on encrypted traffic analysis techniques, making the data that they are able to monitor less precise and detections prone to false positives.

How we are different

- Faster Detection & Response: Reveal(x) helps customers stop breaches 84% faster, and resolve threats with 59% less staff required. Reveal(x) accelerates response by providing vital details within immediate view and more context around every detection. With a standard 90 days of transaction record lookback, investigators will have the data they need to quickly and confidently understand the scope and impact of a security incident or breach.
- Cloud native: Reveal(x) is the only cloud-native network detection and response solution, allowing users to gain visibility across their hybrid, on-premises, and remote/work-from-home systems and users in a single interface accessible through an internet browser.
- No agents required & no performance impact: Reveal(x) doesn’t require any agents to be installed on systems it monitors, and does not consume network or compute resources, unlike logging or agent-based solutions. Reveal(x) uses behavioral analysis rather than classical signatures, resulting in higher confidence detections and low-false.