
What's New in ExtraHop 7.8 and Reveal(x)

ExtraHop 7.8 adds visibility, flexibility, and more opportunities to customize your workflows.

While release notes provide a comprehensive view of our 7.8 release, here is a preview of our most exciting new features.

Detections

Detections offer a powerful way to harness your traffic and proactively identify risks and potential attack vectors. We've added tools that show bigger-picture perspectives and ease your navigation through investigative workflows.

Detections now identify participant roles: offenders and victims.


Related detections that occurred before and after the current detection appear in a timeline below the detection details. Look for potential trends where a single offender is found on multiple detections or where an offender in one detection appears as a victim on another.


Investigation Steps can now be found at the top right corner of the detection details card.


After you click a link in the detection details card, you can quickly return to that detection by clicking the detection name in the navigation path, or you can click the x to dismiss the link.


When filtering for detections by criteria, the filtered list of detections now persists even after you click a detection. Click Detections in the navigation path at the top of the page to get back to your filtered list.


ExtraHop Web UI

Investigating and troubleshooting can take you through many parts of the ExtraHop Web UI.

The navigation path helps you keep track of where you are and where you started—so you can view different metrics about a single asset, but always easily return to the same starting point. Click the Recent Pages icon on the left to see recent pages that you can navigate back to.


Bundles

Bundles have always provided a shortcut to adding pre-formatted customizations to ExtraHop appliances. In 7.8, we've redesigned the Bundles page to make it easier to upload and install bundles.


Visit our Solution Bundles Gallery to find bundles that integrate with your third-party solutions or that address common use cases, such as the Palo Alto Networks Next-Generation Firewall and Panorama Integration, Cisco ISE Integration, or ExtraHop Detection SIEM Connector.

Device Roles

ExtraHop classifies most devices by the type of traffic associated with the device. In 7.8, we're adding roles that classify your PC, Printer, VoIP Phone, and Medical Device traffic.


Reveal(x) Only

Executive Reports

In 7.7 we introduced overview pages that provided at-a-glance key metrics about your system security, network, and perimeter. In 7.8 we've added the ability to Print an Executive Report as a PDF file to send to stakeholders who might not have access to your Reveal(x) system.


The report contains a fixed set of metrics from the overview pages for the previous week:

[Figure: Executive Report Metrics]

Precision Packet Capture

You can now write a trigger to target packets on your network to collect, store, and download for analysis in a third-party application such as Wireshark. You can filter and search for these packets from the Records page in the Web UI by selecting Packet Capture from the Record Type drop-down menu. Then, click the Packets icon to see more details and download the related PCAP file.


Threat Intelligence

Reveal(x) Premium and Ultra systems offer threat intelligence throughout system charts and tables. In 7.8 there are now ExtraHop-curated default threat collections that can identify known malicious IP addresses, hostnames, and URIs found in your network traffic. You must enable these collections before they can identify potential risks.

You can also still upload STIX files from free or commercial sources through the Web UI or REST API.


ExtraHop Discover Appliances in AWS

You can now deploy the EDA 1100v (1G), 6100v (10G), and 8200v (25G) Reveal(x) systems in AWS.

Visit our Customer Portal for upgrade options and let us know if you have any questions!
