While release notes provide a comprehensive view of our 8.0 release updates, here is a preview of our most exciting new features.
Detections enable teams to quickly assess potential risks and unusual changes on the network—speed matters. In 8.0, we bring relevant data directly into the detection detail page to make it easier and faster for you to investigate.
Each investigative section displays a table with the associated metrics or records. You can click entries within these tables to view the information on their own page and modify the query to continue your investigation as needed.
We also added a horizontal filter bar that quickly toggles your view between detections that match categories in the attack chain and detections that are cautionary or related to IT Operations (such as watching for expiring certificates).
Assets & Endpoints
The Devices page now enables filtering by model sets. Model sets are logical groupings of known device models from a particular vendor. The filter suggests model sets based on the devices discovered on your network.
View the analysis level of each device in the device list.
Click a device name in a transaction on the Records page to preview the device properties, or click an external IP address to see the device geolocation and links to the ARIN database.
Devices that provide authentication or essential services to other devices are now identified as Critical Devices.
For ExtraHop Administrators and API Developers
- New 8.0 ExtraHop systems are configured to discover devices by MAC address, which improves the tracking of device metrics even as IP addresses change.
- Enable a global privilege policy for user-level detection access.
- Deploy the Reveal(x) EDA 1100v on Google Cloud Platform (GCP).