ExtraHop July TL;DR

Welcome to the July edition of the ExtraHop TL;DR! This is your place to get the highlights on what we're talking about this month. You can also watch our video broadcasts on the fourth Friday of every month on our LinkedIn page.

Empower XDR with ExtraHop + CrowdStrike

Cyberattackers are growing more sophisticated at evading security measures. Tightly integrated extended detection and response (XDR) with network detection and response (NDR) helps to enrich endpoint data with relevant network intelligence, alongside additional telemetry across multiple domains, to empower security teams to defend against common and advanced threats.

Eradicate Active Software Supply Chain Threats

Cyber attackers get into your environment undetected by abusing privileged relationships. Software update paths, service providers, and open source components are all part of the enterprise attack surface. With Reveal(x), your team can detect and stop supply chain attacks inside your environments and eliminate risk of future attacks across your edge, core, and cloud assets.

Customer Success: U.S. Xpress

Discover how this critical infrastructure company smoothly integrated Reveal(x) with their EDR and SIEM to get complete visibility that scales with their expanding business.

Threat of the Month: HTTP Request Smuggling

Websites often rely on load balancers, content delivery networks (CDNs), or reverse proxies to manage incoming HTTP requests over a single connection. HTTP request smuggling is a web application attack that takes advantage of inconsistencies in how front-end servers (proxies) and back-end servers process requests from more than one sender.

From the ExtraHop Blog

Take a look at some of our recent stories.

How Attackers are Leveraging the Log4j Vulnerability Six Months Later

Learn how attackers are still leveraging the Log4J vulnerability six months after its initial disclosure and how you can protect your organization from breaches.

Gain PCAP and Forensics in Google Cloud

ExtraHop is honored to have received the Silver Award for Cybersecurity for Innovative Services. Learn more about the Edison Awards and why decryption is necessary for security.

What's New in 8.9 and Reveal(x)

Discover expanded detection tuning, new detection categories, and our newest CrowdStrike integration, all in Reveal(x) 8.9.

In Other News

Read, watch, or listen to some interesting news from around the internet.

The Verge: Daycare Monitoring Apps are 'Dangerously Insecure,' Report Finds

According to the Electronic Frontier Foundation (EFF), some daycare and childcare communications apps are exposing parents and children to the risk of data breaches.

Dark Reading: Only 3% of Open Source Software Bugs are Actually Attackable

A new study says 97% of open source vulnerabilities linked to software supply chain risks are not attackable, but this method for prioritizing bugs may not be the most efficient.