
What's New in 8.8 and Reveal(x)

While release notes provide a comprehensive view of our release updates, here is a preview of our most exciting new features!

Reveal(x) 360 Integrations

Reveal(x) 360 users can take advantage of the following new integrations to bring ExtraHop data into select third-party applications:

Third-party integrations for Reveal(x) 360

IBM Security QRadar

Export ExtraHop metrics to your QRadar application with the ExtraHop App for QRadar.

Splunk

Export ExtraHop detections and metrics to your Splunk application with the ExtraHop Add-On for Splunk.

Microsoft Protocol Decryption

Connect a Microsoft Active Directory domain controller to a Reveal(x) 360 sensor to decrypt Microsoft protocol traffic and improve detection of security attacks within your Microsoft Windows environment.

Investigations

You can now access detection cards and tracking directly from an investigation timeline.

Detection cards, accessed from an investigation timeline

Security Overview

Quickly view high-risk detections that are ongoing in the Open Detections chart. (Closed detections do not appear in the chart.) This chart can help your SOC team more easily triage detections that haven't been closed.

High-risk open detections in Reveal(x) 360

Threat Briefings

Links to record queries about potential threats can appear even before new detections are updated in the system. By viewing these records, you can jump-start your search for threat vectors in your environment.

Record queries for JNDI injection exploit attempts in HTTP

Devices

In 8.8, we've added a number of filters that can help you quickly find your devices:

The Users page now enables you to filter by protocol so you can see which users have accessed devices that are communicating over a protocol.

Filtering users by protocol in Reveal(x) 360

The Devices page enables you to filter for devices that accepted or initiated an external connection, which can help you determine whether devices are engaged in suspicious activity.

Filtering devices by external or internal connection in Reveal(x) 360

You can also filter for devices by analysis level, which determines what data and metrics are collected for a device.

Filtering devices by analysis level in Reveal(x) 360

VPC Flow Logs for Reveal(x) 360

Introducing the Reveal(x) 360 Standard subscription. The EFC 1291v flow sensor enables the ExtraHop system to collect data from flow logs instead of packets.

View of devices discovered on flow sensors in Reveal(x) 360

Administration and API

 

Visit our Customer Portal for upgrade options and let us know if you have any questions!
