Welcome to the ExtraHop Blog

FEATURED BLOG
ExtraHop Named a Leader in the Gartner® Magic Quadrant™ for Network Detection and Response Two Years Running
May 21, 2026
Discover why ExtraHop was named a Leader in the 2026 Gartner® Magic Quadrant™ for Network Detection and Response (NDR) for the second consecutive year.

Defensibility in the Age of Machine-Speed Decisions
May 13, 2026
Speed is no longer the SOC's hardest problem. Defensibility is. Why CISOs need to rethink the data foundation behind every machine-speed security decision.

The AI Traffic Explosion: How to Close the Security Gaps Before Attackers Exploit Them
May 18, 2026
Legacy security sensors weren't built for AI-scale traffic. Learn how unmonitored gaps are giving attackers room to operate and what closing those gaps actually requires.

The Data Layer is Becoming the Performance Ceiling for Agentic AI in Security Operations
May 18, 2026
The bottleneck for the agentic SOC is the quality of the data your agents are asked to reason over. Why the data layer is becoming the limiting factor.

Anatomy of an Attack

The DINDOOR Backdoor
May 12, 2026
Iranian APT MuddyWater (Seedworm) is targeting organizations with a new, undocumented backdoor called DINDOOR. Discover how this campaign exploits the Deno runtime and Rclone for cloud exfiltration to bypass EDR, and learn how network detection and response (NDR) can help provide the visibility needed to stop these stealthy threats.

The Copy Fail: Linux Kernel Local Privilege Escalation
May 4, 2026
Uncover the "Copy Fail" logic flaw (CVE-2026-31431) that enables instant root access on nearly all major Linux distributions. Learn how this vulnerability bypasses file integrity monitoring and why network-based behavioral analysis is critical for securing containerized and cloud environments.

The MIMICRAT CLICKFIX Campaign
April 28, 2026
Expose how the MIMICRAT campaign weaponizes compromised financial sites and ClickFix lures to deploy fileless malware. See how ExtraHop RevealX provides the network-level ground truth to detect telemetry suppression and stealthy C2 patterns that bypass EDR.

The Chrysalis Backdoor and the Notepad++ Supply Chain Hijack
April 6, 2026
Unmask the Chrysalis backdoor and the sophisticated Notepad++ supply chain hijack orchestrated by Lotus Blossom. Learn how these state-sponsored attackers bypass traditional defenses and why network-level visibility is the ultimate key to stopping them.

CHAOS in a BLACKSUIT—Triple Extortion Ransomware
March 11, 2026
Discover how the Chaos threat group utilizes triple extortion to pressure victims. See how ExtraHop RevealX provides the decryption and network visibility required to expose these stealthy attackers before data is leaked.

From the Wire to the Data Center: Unmasking UNC5221 and the BRICKSTORM Backdoor
February 20, 2026
Discover how UNC5221 exploits vCenter and ADFS. See how ExtraHop RevealX decrypts authentication protocols to expose the threat actors.

DarkSpectre
February 4, 2026
Defend your supply chain against DarkSpectre’s evolving browser-based threats. This deep dive covers operational pillars like "The Zoom Stealer," MITRE ATT&CK TTPs, and actionable remediation strategies using allow-lists and network-centric security.

Anatomy of an Attack: European Cyber Threat Landscape: December 2025
January 14, 2026
Explore how specialized cyber operations in December 2025 weaponized BitLocker and used traffic mimicry to target critical infrastructure in Romania, France, and the UK. Learn how ExtraHop RevealX detects these "Living off the Land" tactics and supply chain breaches.

SHADOW-VOID-042 Campaign Uses Deceptive Update Lures in Targeted Global Espionage
January 8, 2026
Stop the SHADOW-VOID-042 espionage campaign. See how this Void Rabisu-linked threat uses deceptive lures and zero-days. Learn how ExtraHop decodes 90+ protocols @ 100 Gbps to catch it.

CVE-2025-55182: How ExtraHop Detects React2Shell RCE Exploits
December 9, 2025
React2Shell (CVE-2025-55182) is a CVSS 10.0 RCE flaw in Next.js and React Server Components. See how ExtraHop NDR decrypts the payload and detects post-exploit credential theft.
