Category: ExtraHop Analysis

Detect Heartbleed Exploits with ExtraHop’s Free Download

April 11, 2014 | By Tyson Supasatit | Add a Comment

If you are responsible for secure web-based services, it is likely that you are scrambling to identify servers using OpenSSL versions 1.0.1 through 1.0.1f, trying to patch those servers, and reissuing certificates. ExtraHop can detect the heartbeats that are used in the Heartbleed exploit, revealing potential attacks against your SSL servers. This capability is available [...]

0

Continue Reading

DevOps Hearts Race While CISO Looks for Heartbleed

April 10, 2014 | By Vihar Chokshi | Add a Comment

I was in a meeting with a Chief Information Security Officer (CISO) of a large online company when the topic of Heartbleed came up. “How are you doing with this?” I asked him. The question obviously got his attention given the recent announcement of the popular OpenSSL cryptographic library’s vulnerability to steal protected information. He [...]

0

Continue Reading

HTTP Compression and Other ADC Optimization Wins

March 15, 2014 | By Tyson Supasatit | Add a Comment

Most enterprise IT organizations use application delivery controllers (ADCs) to improve the availability, speed, and efficiency of the IT infrastructure. However, ADCs offer limited metrics to help in tuning performance or troubleshooting problems. ExtraHop’s co-founders led the design of the BIG-IP v9 product and TMOS platform at F5 Networks, so we are perhaps more cognizant [...]

0

Continue Reading

How Retailers Can Protect Themselves from POS Malware

March 7, 2014 | By John Smith | Add a Comment

The Target data breach continues to garner headlines, with the most recent news being the resignation of the CIO. But while the scale of the breach was large, Target is hardly the first and won’t be the last to get hit with a persistent threat, according to Andrew Komarov of IntelCrawler: “More BlackPOS infections, as [...]

0

Continue Reading

Five Ways to Strengthen Healthcare IT Security with Wire Data Analytics

February 23, 2014 | By Mitchell Schwartz | Add a Comment

A Chicago Tribune article recently carried an ominous headline: “Healthcare organizations under siege from cyberattacks, study says.” According to the SANS-Norse report cited in the article, 375 healthcare organizations are currently comprised, with more expected to succumb as hackers target the growing amount of patient information from federal and state healthcare exchanges. The good news [...]

0

Continue Reading

Paying Down Technical Debt in Your IT Infrastructure

February 15, 2014 | By Tyson Supasatit | Add a Comment

The idea of “technical debt” is one of the most important things I learned from The Phoenix Project. Described as “a novel about IT, devops, and helping your business win,” the book has deeply influenced the IT operations community. In the simplest terms, technical debt is the result of not doing things right in the [...]

0

Continue Reading

ExtraHop Dominates Network World’s 2014 APM “Shootout”

February 5, 2014 | By Chris Blessington | Add a Comment

You’ve heard the old saying, “Never bring a knife to a gun fight.” Well, ExtraHop clearly had its guns blazing for Network World’s 2014 “APM Shootout” and won by a landslide. With an overall score of 4.8/5 (the closest competitor scored 3.9/5), the value, performance, and ease-of-use of ExtraHop’s wire data analytics platform crushed the [...]

0

Continue Reading

Monitoring at Scale: Questions You Should Ask Your Vendor

February 1, 2014 | By Tyson Supasatit | Add a Comment

The ExtraHop team was conducting on-site training recently and brought back a great validation of the importance of monitoring scalability: A SaaS provider for the healthcare industry is analyzing over 5 billion SQL transactions each day on a single ExtraHop appliance (even with one of our older hardware platforms). I’ll explain why this important later [...]

0

Continue Reading

Detecting Malware Such as BlackPOS with ExtraHop

January 31, 2014 | By Vincent Yesue | Add a Comment

A short time ago, Ken Westin at Tripwire wrote a great article about the high-profile credit card breach at Target. I’ve investigated how retailers design their systems to support large numbers of similar stores with few IT staff in each store, and Ken’s description of Target’s network sounded very familiar to me. While Target isn’t [...]

0

Continue Reading

Lean and Mean: Our Open-Source Enhancements to RPCAP

January 22, 2014 | By Kerry Bosworth | 1 Comment

Normally, IT organizations feed a copy of network traffic to the ExtraHop appliance using a SPAN or tap—a non-invasive, plug-and-play deployment that our customers love us for. But there are some scenarios where that is not possible. For these scenarios, we have a solution: A software tap that essentially mimics a traditional network tap by [...]

0

Continue Reading