While release notes provide a comprehensive view of our 8.3 release updates, here is a preview of our most exciting new features.
Previously, you could adjust the signal-to-noise ratio of your detections by clicking Hide and selecting specific offenders and victims. We've expanded this option, which now appears on detection cards as Tune.
In 8.3, you can further Tune your detections by adding a trusted domain either from the detection itself...
...or by adding a list of known and trusted domains to the Network Localities page. The ExtraHop system will no longer generate detections for potential C&C attacks for these domains.
You can also now filter by CVE IDs or detection type names on the Detections page.
The Security Overview page now shows the top 20 offenders involved in detections across your network.
And the Perimeter Overview page now includes a halo visualization that shows New Traffic by Country.
Previously, clicking Records from the top navigation launched a complete query of all collected records. In 8.3, when you click Records, a New Query window appears and enables you to create a refined query for only the results you need.
Reveal(x) 360 Only
- We are expanding our Reveal(x) 360 SaaS offering to Asia-Pacific (APAC) region.
- Forward session keys from your EC2 workloads to Reveal(x) 360 to enable SSL/TLS decryption.
- Grant Remote Access privileges to ExtraHop Support and Account Team Members when you need extra troubleshooting or advanced configuration help.
- The ExtraHop REST API is now available for Reveal(x) 360 systems.
For ExtraHop Administrators
- ETA 1150v for Google Cloud Platform is now available.
- Detection properties are now accessible through the REST and Trigger APIs to support SIEM/SOAR integrations. These properties enable you to retrieve specific information about a detection, such as the protocol that the detection occurred on.
Documentation Website Updates
The ExtraHop Documentation website provides information about all ExtraHop systems. Quickly identify whether a topic applies to your ExtraHop deployment by reviewing the Product Requirements.
Any additional required system components, such as a recordstore or packetstore, are also identified.