
Modern Threat Hunting with ExtraHop Reveal(x) (Video)

Today’s threat landscape demands a lot from security analysts: unwavering attention, unflagging energy, and an uncanny ability to hunt for unknown threats on an organization’s network. 

In a recent video, ExtraHop expert Josh Snow explains step by step how to proactively hunt for threats with Reveal(x). He begins by detailing the three key components:

  • Coverage. This includes data sources (logs, agents, network data), encrypted traffic, communication between devices and the network, and the correlation between these disparate streams.
  • Workflow. How easily can you access proprietary telemetry data to draw correlated, context-driven insights and search across large amounts of this data?
  • Retention. The ability to look back through historic organizational data to uncover and contain dormant threats.

These components give analysts the rich data source and broad-spectrum coverage required to hunt for advanced threats, which is how members of the ExtraHop Detections Research and Data Science teams successfully detected and contained a Cobalt Strike attack on an organization's network environment.

Watch the video for a comprehensive guide to threat hunting with Reveal(x).

 