We're happy to announce the availability of a new ExtraHop-supported bundle for our security solution: Reveal(x) Extras!
Security Hygiene Is Simple in Theory, but Difficult in Practice
The Reveal(x) Extras bundle provides a single concise dashboard with actionable data on the security hygiene of your network. It gives you an early heads-up about issues in your environment, things like soon-to-expire SSL certificates and unusual machine account activity, before those issues turn into really bad surprises.
These types of issues are easy to recognize if you know about them, but who has the time to go around ferreting out those problems? Reveal(x) is constantly analyzing network traffic and extracting valuable metadata, and the Reveal(x) Extras bundle makes it easy to keep track of the most common hygiene issues. Watch the video for a walkthrough, or just read the details below.
Each of the dashboard's four regions focuses on a key aspect of visibility into security concerns, powered by a trigger leveraging ExtraHop's robust wire data analysis. Ideally, you'd like this dashboard to be filled with zeroes: zero errors, zero weaknesses, zero concerns. When the dashboard highlights a potential problem, we provide the details you need to understand and remediate the issue.
Transport Layer Security Auditing shows where vulnerable cryptography is being used by servers in your network. By providing details on weak cryptography and expired certificates, you can quickly assess which servers are out of compliance.
The section on Authentication flags common errors for Kerberos and LDAP accounts and gives you the information you need to troubleshoot authentication problems. You can also track where privileged accounts are being used in your network and keep an eye on possible misconfigurations or vulnerabilities, like the presence of unencrypted LDAP bind requests.
North-South Monitoring watches traffic entering or leaving your network and compares it against the Reveal(x)'s threat intelligence data, alerting on suspicious sources and destinations.
Finally, the section of Other Indicators shows where insecure protocols like SMBv1 and Telnet are being used on your network and calls attention to authentication errors in HTTP and FTP.
The Reveal(x) Extras bundle should be the first thing you install after setting up your new Reveal(x). Its clean and concise dashboard harnesses the power of the Reveal(x) to provide the visibility and insight you need.