Blog

How to Detect and Respond to the SUNBURST Attack

  • ExtraHop
  • December 14, 2020

Security Alert: Detecting CVE-2020-1472 Zerologon Exploitation with NDR

  • Jeff Costlow
  • September 16, 2020

Network Detection and Response (NDR) Vs. Extended Detection & Response (XDR)

  • Jesse Munos
  • August 7, 2020


1.26.21

SANS Review: Taking on Modern Threats

In this SANS review of ExtraHop Reveal(x) network detection and response, Dave Shackleford discusses why network truth combined with sophisticated machine learning count for a lot in security. Intuitive design and usability take a solution to the next level.

Carol Caley

1.20.21

Sunburst Origin Story Part 2: A Forensic Examination of SUNBURST After Detection

The SolarWinds Orion SUNBURST supply chain attack has rocked the confidence of many security teams across industries. This blog reconstructs the timeline of the attack and provides insights on how to improve threat detection in the future.

Todd Kemmerling

1.14.21

What's the State of Hybrid and Cloud Security Tools?

Understand the current state of cybersecurity tooling from security and IT pros who shared their insights in our newest must-have report.

Dale Norris

1.9.21

Professional Services Customer Success Stories: Streamlining an IT Merger

Hear how ExtraHop Professional Services helped streamline a stubborn IT merger.

Walter Phillips

1.7.21

Free Learning Path: The Keys to Cryptography

We've unlocked our cryptography learning path, making it free and available to everyone. Learn the basics of encryption, decryption, secure connections, and how to interpret key security data.

Kurt Shubert

1.7.21

Why Supply Chain Attacks Are So Destructive

What are supply chain attacks and why can they be so damaging? In this first installment of our blog series, we'll identify some common elements of a supply chain attack and how you can discover these attacks in the early stages.

Dan Frey

1.6.21

SUNBURST: An Origin Story

The SolarWinds Orion SUNBURST supply chain attack has rocked the confidence of many security teams across industries. This blog examines the domains used in order to better understand how the attack went undetected for so long.

Todd Kemmerling

12.21.20

Grand Canyon Education Masters Security and Performance With ExtraHop Reveal(x)

Grand Canyon Education turned to ExtraHop Reveal(x) network detection and response (NDR) to help them bridge visibility gaps to optimize security and performance.

Katie Lockett

12.21.20

Video: SUNBURST Attack Series

SUNBURST is an advanced persistent threat. Detecting and responding to it requires network truth. Learn what steps ExtraHop and Reveal(x) recommend to ensure your network is not compromised.

ExtraHop

12.21.20

Video: What You Need to Know After SUNBURST

ExtraHop is closely following the SolarWinds Orion SUNBURST exploit. Our videos detail what we have learned about how the attack works, and how network detection and response is essential to detecting any malicious activity in your environment.

ExtraHop

12.19.20

How to Identify Malicious Network and Port Scanning

Network scanning and port scanning aren't inherently hostile, but they're often used maliciously. Learn to identify malicious network scanning and differentiate it from benign behavior.

Christine Shaw

12.18.20

Analyzing the SUNBURST SolarWinds Attack Campaign For Threat Intelligence

SolarWinds attack: ExtraHop is sharing 1700+ suspicious IP addresses (for threat hunters and data scientists) that were associated with the Sunburst backdoor attack.

Todd Kemmerling

12.16.20

What's New in 8.3 and Reveal(x)

While release notes provide a comprehensive view of our 8.3 release updates, here is a preview of our most exciting new features.

Jeena Khan

12.14.20

Designing a Color System: Intuitive UX and Happy Developers

Learn how the ExtraHop UX team redesigned our color system.

Creighton Chamberlain

12.14.20

How to Detect and Respond to the SUNBURST Attack

Sunburst attack 2020: Learn how to detect and respond to the Sunburst backdoor supply chain attack with ExtraHop's spectrum of detection approaches.

ExtraHop

12.10.20

Advanced Persistent Threats Can Affect Even the Best of Us

A note from ExtraHop on the recent FireEye breach.

ExtraHop

12.9.20

Securing Healthcare: Frameworks, Visibility, and the Cloud

Healthcare IT and security teams face a rapidly changing landscape, increasing their workloads while keeping up with emerging security challenges. Get two new resources on securing healthcare.

Karen Crowley

12.8.20

Paving the Way for Secure DevOps in the Cloud

SANS conducted their annual DevOps survey, seeking to understand whether or not security teams are able to keep pace with DevOps. They concluded that shifting security earlier in the process is a smart strategy for faster deployment.

Carol Caley

12.4.20

Folding@home for COVID-19 Research

A team of ExtraHoppers has made it into the top 800 in Folding@home, a competitive distributed computing project aiming to better understand COVID-19.

Carol Caley

12.3.20

ExtraHop Reveal(x) Advisor Available on AWS Marketplace for Professional Services

ExtraHop Reveal(x) Advisor can maximize the value of your security solution and help your existing staff function with more efficiency and expertise. Now available through the AWS Marketplace.

Michael McPherson

  • Copyright ExtraHop Networks 2021