
What's New in 8.5 and Reveal(x)

While release notes provide a comprehensive view of our 8.5 release updates, here is a preview of our most exciting new features.

Detections

Investigation Tracking enables you to track and annotate detections as part of your investigative workflow directly in the ExtraHop system. You can set a status, assign work, and add notes directly to a detection. Optionally, you can still configure tracking through a third-party ticketing system.

Detection Tracking for Data Exfiltration to S3 Bucket

When a detection occurs that matches your specified criteria, the ExtraHop system can now send an email to your designated recipients through Detection Notifications.

Daily summary for Credentials Received over HTTP detection

Devices

When you log back in to an ExtraHop system, the last relative time interval that you viewed appears by default.

Default last relative time display in Reveal(x) 8.5

We also added a Currently Active filter so you can find devices with activity observed in the last 30 minutes.

Devices, Currently Active filter in Reveal(x) 8.5

Records

A record query can result in millions of records based on the time interval and filter criteria. In 8.5, queries from Google BigQuery pause intermittently to display batches of the most recent records first. Click Continue Query to display the next batch of records.

Records pane in Reveal(x) 8.5

Filter records by cloud services in the Refine Results section.

Record filtering criteria in Reveal(x) 8.5

Reveal(x) 360 Only

Import threat collections from CrowdStrike Falcon to gain threat intelligence about IP addresses, domains, and hostnames.

Integrated Threat Intelligence with CrowdStrike Falcon

For ExtraHop Administrators

Visit our Customer Portal for upgrade options and let us know if you have any questions!
