Jeff Costlow is the CISO at ExtraHop. He started his career in computer security in 1997. Jeff has deep experience with networking protocols, a passion for secure software development and many years of software engineering under his belt.
In his spare time, Jeff enjoys building and sailing small boats, making beer or cider, mentoring for FIRST robotics, and raising Pacific Northwest mason bees.
An explanation of the latest SonicWall exploitation. Learn how to detect attacks by inventorying and monitoring SRA and SMA devices, plus information about the SolarWinds Serv-U vulnerability.
The latest REvil ransomware attack is a sophisticated supply chain-based attack on software provider Kaseya that has put up to 1,500 customers at risk.
What you need to know about the latest PrintNightmare vulnerability (CVE-2021-34527), how it differs from other recent issues with the Print Spooler service, and what you can do to secure your organization.
Today was Microsoft Patch Tuesday, and while there were a relatively small number of patches issued—55 as compared to the usual 100 plus—a few of those vulnerabilities require immediate attention.
The SonicWall vulnerabilities are the latest in a spate of serious CVEs. Learn how to inventory your devices and software to prevent exploits.
The recent ransomware attack on Acer evidences an increasing trend of combining ransomware and exfiltration for a two-pronged attack. Learn how ExtraHop Reveal(x) can detect and stop ransomware.
How to secure Microsoft Exchange Server and why decryption is a critical capability for security solutions.
A new Exchange server vulnerability is being exploited to perpetrate active server side request forgery (SSRF) attacks.
A recent cybersecurity advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) warns of an imminent cybercrime threat to hospitals.
The Windows 10 vulnerabilities unveiled by Microsoft on October 13 include a remote DoS (CVE-2020-16899) and a remote code execution flaw (CVE-2020-16898) dubbed 'Bad Neighbor'. Get the rundown on potential exploits and what you should do.
The recent Zerologon vulnerability (CVE-2020-1472) could allow attackers to get control of a Windows domain without any user credentials. Learn how it works and how to protect against exploits.
The Ripple20 group of vulnerabilities affects hundreds of millions of devices across many industries. Learn how to identify devices using the vulnerable Treck software and detect Ripple20 exploits.
Reveal(x) Now Detects Evidence of BlueKeep (CVE-2019-0708)
A mysterious (and fake) Chrome extension. A clever data exfiltration scheme. They would have gotten away with it, too, if it weren't for those meddling security analysts using ExtraHop Reveal(x)! Follow along as we go from threat detection to response in this real-life threat hunt with network traffic analysis.
There is a new Apache Struts vulnerability and it's a doozy. ExtraHop customers can use this technique to monitor for IOCs while they work to update their software.
ExtraHop users, there's a nasty new Android worm that spreads via remote debugging services, but don't worry—install this remote ADB connections dashboard to quickly find and shut down at-risk devices.
How to defend against WPAD exploit aPAColypse now
What is Perfect Forward Secrecy encryption and how ExtraHop allows you to decrypt Perfect Forward Secrecy in real time.
For those of us in the computer security industry, the end of July in Las Vegas means the annual week of conferences: BlackHat and DefCon. It's always a great—albeit exhausting—week.
New ransomware campaign utilizes the EternalBlue exploit to infect systems across the globe.
The public cloud is a natural place to perform machine learning and deep analytics, but your IT data is on-premises. What's needed to bridge the gap securely?
ExtraHop Bundle Now Directly Detects EternalBlue Portion of WannaCrypt.
If you have younger kids - especially if they are interested in STEM - take them to your local FIRST Robotics competition and encourage them to participate.
The RSA Conference is the largest security industry convention in the world. This year, ExtraHop had a booth there for the first time...and it was busy!