back caretBlog

ExtraHop Puts the Spotlight on Securing Cloud Services

Organizations will benefit from better visibility and faster threat triage in the cloud

Over the past year, migration of critical workloads from on-premises data centers to the cloud has shifted into overdrive with a new boost of urgency from the pandemic. The explosion of remote workers has forced IT operations to quickly re-architect to a more cloud-centric layout with cloud-based workloads delivering critical applications to users. What's not as well-known is how this changes the game for security operations.

Already overburdened with multiple tools and staff shortages, security teams are also being tasked with purchasing additional cloud security tools and learning how to apply them to the new cloud infrastructure and workloads. However, security directives remain the same—achieve and maintain a strong security posture for the organization on a limited budget.

Here at ExtraHop, we feel the same sense of urgency and responsibility to help our customers overcome cloud security challenges. To assist security experts forced to grapple with new cloud deployments, our latest Reveal(x) 360 8.2 release includes a new Cloud Services view. With a single click, SecOps and SOC teams can quickly discover what cloud services they're using, eliminate blind spots in their networks, detect cloud threats faster, and improve attack response and remediation times.

Accessible via the "Assets" tab in the Reveal(x) 360 Cloud Console, the Cloud Services view provides the ability to quickly discover, group, and drill down on metrics associated with a wide variety of cloud services.

Cloud Services Overview

Fig. 1: Cloud Services Overview pane showing top five cloud services by bytes in & out, and bit rates over time.

Security and IT teams working in AWS environments can quickly gain granular insight into traffic volumes and flow rates, IP addresses, and users associated with popular cloud-native services including Amazon S3, Amazon EC2, Amazon ECR, Amazon DynamoDB, and Amazon API Gateway.

AWS Services View

Fig. 2: AWS Services pane showing top five AWS services by bytes in and out, and bit rates over time.

Organizations can also conduct detailed forensic analysis of individual packets to discover and track interactions over time with other cloud services, devices, and users. Even encrypted cloud traffic can be unencrypted and examined at line rate to discover advanced persistent threats, lateral movement, data breach attempts, and ransomware attacks.

S3 Activity

Fig. 3: Most active devices and related IP addresses associated with Amazon S3 activity.

Reveal(x) 360's new Cloud Services view can provide much-needed relief for organizations and security teams struggling to gain visibility in the cloud. Key benefits include:

  • Complete visibility of cloud services and related device activities—no more cloud blind spots!
  • Faster discovery and triage of cloud-related threats—expose and stop attackers in their tracks.
  • Improved cloud security posture and reduced organisational risk—discover and remediate vulnerabilities impacting cloud security.

ExtraHop network detection and response (NDR) applies machine learning to network data extracted from hybrid networks, providing security and IT operations teams with the ground source of truth for rapid threat detection and response. Reveal(x) 360 deploys ExtraHop NDR as SaaS, providing visibility and threat detection that cannot be detected, evaded, or disabled by attackers. And with access to Amazon VPC Packet Mirroring, ExtraHop Reveal(x) 360 provides a fast and easy cloud-native path to securing AWS environments.

Additionally, ExtraHop is an Amazon Partner Network (APN) Advanced Technology Partner with Security Competency on the AWS platform. That means ExtraHop has deep expertise in helping to secure workloads, applications, and data on AWS, and that our products have been vetted and validated to demonstrate technical proficiency with proven customer successes.

To learn more about the technical details of Reveal(x) 360, visit our How It Works page.

Or, try Reveal(x) 360 for Free! See how SaaS-based Reveal(x) 360 detects threats up to 95% faster and slashes your time to respond by up to 70% with a 15-day proof of value in your AWS environment. Request your free trial today!

AWS Advanced Technology Partner

Related Blogs

Sign Up to Stay Informed