Category: ExtraHop Analysis

Community: The Icing on Your ExtraHop & Why I’m Here

December 17, 2014 | By Colin Walker | 8 Comments

Some days I just frackin’ love what I do. Taking a figurative hammer to the metaphorical tough nut in the form of a complex problem and cracking that baby wide open is just plain fun. Getting to use wickedly cool technology to do so is just icing on the cake. Tasty, decadent icing. Whether it’s [...]

0

Continue Reading

Track the Entire Threat Lifecycle with ExtraHop + FireEye TAP

December 8, 2014 | By Chris Abella | Add a Comment

Visibility gets you many things: high-performing applications, faster remediation and, perhaps most importantly, peace of mind. That’s why we’re super excited to show off our recently announced partnership with the FireEye Threat Analytics Platform (TAP). Taking advantage of the ExtraHop Open Data Stream, we combine industry-leading security expertise from FireEye with the ExtraHop platform’s unprecedented [...]

0

Continue Reading

Detect and Track HTTP-based C&C Traffic for Backoff Malware

December 3, 2014 | By Mitchell Schwartz | Add a Comment

Roughly 1,000 retail companies have been impacted by the Backoff point-of-sale malware with costs related to data breaches totaling more than $150 million, according to a recent eWEEK article. If your organization relies on point-of-sale terminals, the best approach is to assume that your systems are already compromised and to look for malicious activity within [...]

0

Continue Reading

The Big Data Opportunity for Healthcare with HL7 Analytics

November 5, 2014 | By Tyson Supasatit | Add a Comment

If there’s any industry that stands to benefit from IT-enabled insights, it’s healthcare. However, traditional methods of analyzing healthcare operations data are costly, rigid, and complex. Clinical and operations data must first be logged in applications such as Cerner, Epic, PeopleSoft, LabMed, and Allscripts, and then cleansed and fit into a standard data model. When [...]

0

Continue Reading

Neuter the POODLE: Detect All SSLv3 Clients and Servers with ExtraHop

October 15, 2014 | By Tyson Supasatit | Add a Comment

Following on the heels of the Heartbleed and Shellshock exploits, the new POODLE vulnerability in SSL version 3.0 (SSLv3) is the latest to require IT teams to identify and patch vulnerable systems. Published by Google’s security team today (Tuesday, October 14), the POODLE vulnerability targets a version of SSL that is 15 years old but still [...]

0

Continue Reading

Monitor Shellshock Attempts with ExtraHop

September 27, 2014 | By Ryan Corder | Add a Comment

On Wednesday, NIST released information about a vulnerability in the GNU Bash shell that enables remote attackers to execute arbitrary code on the target system. For details, I recommend this excellent post from Troy Hunt: Everything you need to know about the Shellshock Bash Bug. One of the especially worrisome aspects of this vulnerability is [...]

0

Continue Reading

IT Is Drowning in Data, But Thirsty for Insight

September 12, 2014 | By Tyson Supasatit | Add a Comment

Water, water, every where, Nor any drop to drink. – The Rime of the Ancient Mariner IT teams have plenty of data. What they lack is visibility and insight. Over the past several weeks, ExtraHop has introduced two new capabilities that help IT organizations extract more value out of the data that they already have. [...]

0

Continue Reading

Why IT Needs a Culture of Healthy Paranoia

September 3, 2014 | By Tyson Supasatit | Add a Comment

There are three words to explain why IT professionals need a dose of healthy paranoia: Advanced. Persistent. Threat. The term “advanced persistent threat” was coined in 2006 to differentiate from hacktivists and opportunistic attacks. Advanced persistent threats bypass or thwart traditional IT security tools such as IPS/IDS and firewalls by using approved ports, stolen credentials, [...]

0

Continue Reading

See Who’s Using (or Abusing) Your Network

August 1, 2014 | By Anna Brown | Add a Comment

In our previous post, we explored how network issues can impact web application performance, and how you can use the free ExtraHop Discovery Edition to see if the network caused a web application slowdown. What’s even more interesting is to know why the network is performing so poorly. In other words, if the network switch died, [...]

0

Continue Reading

ExtraHop ♥ Visio Stencils

June 23, 2014 | By Jon Garrison | Add a Comment

Turning ideas into infrastructure means one thing to IT Architects, engineers, and technicians: diagrams. And usually the idea-to-infrastructure process begins with Visio. Before joining ExtraHop’s Solutions Architecture team, I was a network engineer. Every day revolved around those diagrams. Some days I was drawing the future (I hoped) and sometimes we would huddle nervously around [...]

0

Continue Reading