back caretBlog

Gas South Finds a Security Partner with ExtraHop

For companies like Gas South, change is inevitable. Network architectures are shifting to the cloud, and external threats have adapted to the new landscape just as the risk of insider threats has risen.

Senior Systems Engineer Rajiv Thomas has weathered change and is staying a step ahead. He's been with Gas South since the company's early years. He helped build their on-premises infrastructure from scratch, and he's now working on expanding their growing cloud infrastructure, all while staying on top of the latest advancements in cybersecurity.

Gas South is the largest natural gas provider in the state of Georgia, and their reach has expanded to serve customers across six states. Founded in 2006, the company is part of a competitive service market, which means the organization depends on their excellent customer care and great user experience to gain an edge.

Gas South relies on their IT team, including Thomas, to build and secure their customer-facing applications. As a service provider, they are entrusted with the security of their customers' financial data and transactions, and they take that role very seriously.

While Thomas is responsible for cloud architecture and network operations, his primary focus is security, and he names ExtraHop as one of his primary partners. On a recent episode of Enterprise Security Weekly, Rajiv Thomas discussed how he uses ExtraHop Reveal(x) network detection and response (NDR) to protect his hybrid network, comprising on-premises and multicloud environments, to stay one step ahead of both external and insider threats.

Answering a Need for East-West Visibility

When Thomas first sought out ExtraHop, shifts in both the threat landscape and his attack surface had changed, warranting a fresh defensive strategy. The company had protections at the perimeter to defend against intrusions by outside threats, but Thomas noted that the risk of insider threats had risen in his industry which could render his perimeter defenses useless.

The change in threat landscape was underscored by a shift in the concept of a perimeter itself—their expanding virtual environment created a demand for easy-west visibility to secure critical cloud workloads. Must-haves for Thomas were lateral movement detection and in-depth, packet-level diagnostic capabilities, which led him to ExtraHop.

Defending Against Threats From Every Side

Even in a hybrid environment, Thomas noted that ExtraHop Reveal(x) was up and collecting data from the entire network—cloud and on-premises—within a day. He noted how after installation, the ability to have a clear visual of all network activity allowed him to respond and remediate anomalies quickly, saying, "with ExtraHop, you can act. It actually gives you a visible graphical picture of any lateral movement."

Beyond the product's visual interface, the ability to detect both known and unknown attacks helps Thomas assure the organization's security. He adds, "it actually identifies Trojans and other malicious stuff happening on your network, flags it and shows it." Any abnormal behavior in his network, and Thomas gets a notification, "In earlier days, there was no way you're going to find that out. It's not going to pop up on my screen."

The security value was clear for Thomas, but what surprised him was the broader organizational value. Network diagrams were easily generated, infrastructure and database issues are resolved and optimized, and the organization has avoided adding unnecessary resources toward processing power. Today, they have extended Reveal(x) logins across their IT organization, from SecOps to network engineers, enabling insights and personalized reports.

Gas South NDR Use Cases Click image to zoom

Not a Vendor, but a Security Partner

"A lot of people overlook support." Thomas has experienced how otherwise phenomenal products can offer little value to an organization without proper support. His experience with ExtraHop has been different; he clarifies that "they're not a vendor, they're a security partner."

The biggest win for him has been gaining not just a tool, but an entire team who looks out for both his current state and his future plans. Support is there when he needs it, and his dedicated Customer Success team is proactive about keeping him informed about new launches and fresh innovations (such as ExtraHop's forensics and response capabilities). Whether it's one he asked about a few months ago, or just a helpful new feature, the team listens and gives him a call when it's ready for him to try. "They know me, my goals. As a partner they walk with me to help me get there."

His one gripe? Support is sometimes too fast. "I just open a ticket and these guys are on a call right there. …I'm like, guys, I'm not yet ready—but yeah, let's jump on it." He laughs and adds, "it's a good problem to have if you ask me."

ExtraHop Reveal(x) Live Activity Map

Stop Breaches 87% Faster

Investigate a live attack in the full product demo of ExtraHop Reveal(x), network detection and response, to see how it accelerates workflows.

Start Demo

Sign Up to Stay Informed