back caretBlog

What's New in 8.7 and Reveal(x)

While release notes provide a comprehensive view of our 8.6 release updates, here is a preview of our most exciting new features.

Insights for Log4Shell

Are you concerned about the recent Log4Shell vulnerability? Check out our forum and blog post to learn about our response!

Detection Catalog

We expanded our Detection Formats page into a Detection Catalog. You can still create custom detection formats through these settings, but now you can also view all built-in detections. Click any entry to navigate to more details.

Apache Tomcat JSP Exploit detection in the Reveal(x) detections catalog

Decryption-Enabled Detections

We can't find what we can't see! Decryption provides visibility into encrypted traffic where attacks are often hidden. Easily identify detections enabled by the secure decryption of your network traffic.

RPC Response Decryption Detection in Reveal(x)

Threat Briefings

Threat briefings can now be archived and restored; briefings are automatically restored anytime information is added or updated by the system.

SUNBURST Threat Briefing in Reveal(x)

Plus, you can configure the system to email you when a threat briefing is published or an archived briefing is restored with an update.

Setting notification rules for Threat Briefings in Reveal(x)

Custom Models for Devices

Although the ExtraHop system automatically determines the model of a device, you can now manuallychange the device model.

Customizing Device Properties in Reveal(x)

This feature is also available through the REST API with the PATCH /devices/{id} operation.

Reveal(x) 360 Only

For our existing tenants, we'll be reaching out to you soon with details about your specific implementation, but consider this preview your first look at our upcoming improvements to authentication and user management.

Over the next few months, we'll reach out to schedule your migration from the ExtraHop Okta built-in identity provider to a native configuration that is more convenient and with an improved user experience. Instead of navigating to Okta, you will be able to manage users directly from the Reveal(x) 360 console.

We are committed to minimizing the hassle to you during this update. Here are the basics you need to know:

  • For tenants configured with the built-in identity provider, we migrate these settings for you. All users will need to reset their password once.
  • For tenants with a custom identity provider, we'll work with you to identify a good maintenance window for the migration. You'll need to update the entity ID with your identity provider before your users can log in again.
  • All users configured for multi-factor authentication must reset their settings.

Look for emails from ExtraHop over the next few months for more details!

Administration and API

Firmware Downloads

The Firmware page in the Administration settings now shows you when an upgrade is available and enables you to download and upgrade the firmware directly from the system.

Firmware download and installation in the Administration settings

This feature is also available through the REST API with the POST /extrahop/firmware/download operation.

Visit our Customer Portal for upgrade options and let us know if you have any questions!

Related Blogs

Sign Up to Stay Informed