The security team might want to know if an impatient hacker was trying to make away with sensitive data. The application developers might have pushed some new code that had an undesirable side effect. The operations team might be worried about the impact on network bandwidth and application performance.

The sad news is that an abnormality on the network might be of concern to any of these teams, but most of the time none of them would notice. ExtraHop Reveal(x) surfaces abnormal behaviors on the network in a way that all teams can see and understand them (extracting the Layer 7 application details that make sense to people, such as users, file names, methods, and errors).

Mitch Roberson is the director of enterprise systems at Curo Financial, a company with 400 retail locations that serves under-banked customers with loans and financial services. He says that Curo grew quickly from a very small company to a very large one, and that things were pretty messy. "When I got here, there were a lot of things that people couldn't answer for me about how things worked. So I started pushing for visibility into the environment pretty early."

SANS director John Pescatore interviewed Roberson recently in a SANS WhatWorks case study about how Curo deployed Reveal(x) to gain detailed and timely insight into security and performance issues in a single platform. The solution also helped promote cross-departmental collaboration. "We operate under the premise that we can't be siloed anymore," says Roberson.

At Curo, each team uses Reveal(x) for their own unique purposes:

The Security team monitors and investigates behavioral threats. Reveal(x) not only detects threats but also provides analysts with context to evaluate the detections and investigate the root cause.
The IT and Network Operations teams can measure the impact of changes, allowing them to target and disable services using vulnerable protocols (such as SMB1) without causing outages. "I've got over 100 different scenarios where we've made changes just based on the data that we've pulled out of Reveal(x) over the past year to 18 months," says Roberson.
The Application teams can easily see how their new code affects performance in the production environment and identify areas for tuning the performance.

To learn more, download the SANS WhatWorks case study or watch the on-demand webinar.

Posted in NDR, Cybersecurity, Community, Company, Reveal(x)
See other posts by Tyson Supasatit

For Security

For Cloud

For IT Ops

Hunter Challenge

The Platform

Solutions

Customers

Partners

Blog

More

Start the Demo

Contact Us

ExtraHopReveal(x) 360

How It Works

Competitive Comparison

Why Decryption Matters

Integrations and Automations

Cybersecurity Services

Complimentary Shields Up Assessment

AWS Cloud Security

What is Network Detection & Response (NDR)?

Reveal(x) Enterprise: Self-Managed NDR

Solutions

Security

Cloud

IT Ops

Use Cases

Explore By Industry Vertical

Customers

Customer Portal Login

Cybersecurity Services

Training

ExtraHop Support

Partners

Channel Partners

Integrations and Automations

Partners

Blog

About Us

News & Events

Careers

Resources

About Us

The ExtraHop Advantage

What Is Cloud-Native?

Contact Us

News & Events

Sign Up for a Live Attack Simulation

Upcoming Webinars and Events

Careers

Careers at ExtraHop

Search Openings

Connect on LinkedIn

Resources

Customer Stories

Shields Up Resources

Ransomware Attacks in 2021: A Retrospective

Cyberattack Glossary

Network Protocols Glossary

Documentation

Firmware

Training Videos

SANS WhatWorks: ExtraHop Reveal(x) for Security & IT Ops Integration

How to get IT Operations, Application, and Security teams on the same page

Stop Breaches 87% Faster

Related Blogs

Customer Spotlight: CURO Financial Technologies

The Tricks of Our Trade: How Reveal(x) Uses Machine Learning

Five Reasons to Integrate SecOps & NetOps

Trending

Sign Up to Stay Informed

ExtraHop
Reveal(x) 360