Posts
9.4.20
How to Respond to Incidents Quickly Despite Intentionally Confusing False Flags
False flags are deliberately planted details meant to distract or mislead investigators. Learn what to look out for and how to get more context.
Tyson Supasatit
9.1.20
Strange Behavior: The Case for Machine Learning in Cybersecurity
Many people are justifiably skeptical of machine learning's value. The strongest case for ML in cybersecurity lies in detecting unusual behavior that other approaches miss.
Tyson Supasatit
8.17.20
When They're Already Inside the Walls: How to Detect and Stop Lateral Movement
Attackers spend a lot of time moving laterally within your environment, trying to reach their targets. Detecting lateral movement can be a challenge, especially if they're using living-off-the-land techniques. Here's what you can do.
Tyson Supasatit
5.29.20
What's Worse? RDP Open to the Internet or Closing Up Shop? RDP Best Practices to Follow in 2020
Enabling remote desktop protocol has been a popular choice for IT teams in the mad dash of WFH access in 2020. Read five best practices to follow.
Tyson Supasatit
5.21.20
Collaboration in Crisis: How to Bring IT and Cybersecurity Teams Together
Dark Reading recently took a measure of the relationship between IT and Security teams. See at the results of the survey and learn best practices from our expert panel.
Tyson Supasatit
5.18.20
With Cybersecurity Budgets Under Scrutiny, It's Time to Get Into Shape
IT leaders need to make the most of their existing resources. By consolidating their toolset, they can maximize the impact of their budget and staff. Read the blog to learn how.
Tyson Supasatit
3.20.20
Remote Access Considerations: How to Ensure Availability and Security for Remote Workers
The COVID-19 pandemic is driving people to work from home and straining remote access infrastructure. Here's how IT and Security teams can cope.
Tyson Supasatit
2.18.20
How to Easily Spot LDAP Clear Text Binds Before the Windows Update
Sending LDAP passwords in clear text was never a good idea, but a Windows update due in the second half of 2020 will make it also painful. Learn how to spot applications that will be affected.
Tyson Supasatit
12.2.19
SANS WhatWorks: ExtraHop Reveal(x) for Security & IT Ops Integration
SANS director John Pescatore interviews Curo Financial to learn how they promoted collaboration between security and IT teams with a common detection and response tool.
Tyson Supasatit
9.18.19
Response Automation with Reveal(x)
Network detection and response (NDR) spots threats that other security solutions miss. Now learn how they automate the appropriate response.
Tyson Supasatit
8.14.19
Can You Encrypt Telnet?
Learn whether or not Telnet sessions are secure, how to encrypt Telnet, and alternatives to this protocol.
Tyson Supasatit
7.30.19
ExtraHop Security Advisory: Phoning Home Data
See four real-world examples of vendors 'phoning home' data without authorization, plus get data security best practices and questions you should ask vendors.
Tyson Supasatit
6.27.19
What Traffic Mirroring Means for Cloud Security
Learn why traffic mirroring in the public cloud (like Amazon VPC Traffic Mirroring) is the best news in years for security teams using AWS or Azure.
Tyson Supasatit
6.25.19
How Traffic Mirroring in the Cloud Works
Learn how the availability of traffic mirroring in the public cloud fills critical network visibility gaps for enterprise security teams using AWS or Azure.
Tyson Supasatit
6.3.19
Five Reasons to Integrate SecOps & NetOps
Learn why you should break down the barriers between Security Operations (SecOps) and Network Operations (NetOps) and align their tools, processes, and skills.
Tyson Supasatit
5.21.19
IT Detects Security Threats First. It's Worth Considering Why.
Security Operations and IT Operations are working together more effectively, but there are still challenges caused by visibility gaps. Read the 2019 Dark Reading survey results to learn what those are, and how to overcome them.
Tyson Supasatit
9.11.19
How Network Detection & Response Supports the CIS Top 20 Controls
Learn how network detection & response (NDR) solutions are the easiest way to get the most CIS Top 20 Control coverage in a short amount of time.
Tyson Supasatit
2.12.19
Show and Tell: What a Live Attack Simulation Looks Like in Reveal(x)
Our online demo now features a live attack simulation where you can observe a hacker doing her job: exploiting a Drupal vulnerability, installing custom executables through PsExec, and more.
Tyson Supasatit
1.4.19
Incident Response Under GDPR
Incident Response teams are under the gun with new data breach reporting requirements thanks to regulations like GDPR. Hear from EMA Research about how to use network traffic analysis as a force multiplier for IR.
Tyson Supasatit
12.11.18
Clarity in the Fog of War: The Value of Red-Blue Exercises
It's hard to win a fight if you've never thrown a punch. For cyber security, practice comes in the form of Red-Blue exercises like the one ExtraHop just hosted in our Seattle headquarters. Watch this 2-minute video to see the Blue team take on faux-attackers with Reveal(x)!
Tyson Supasatit
11.30.18
Top 2018 Risk Management Stats for Security Leaders
In their 2018 study on managing risk and stopping insider or external attackers, the Ponemon Institute revealed some sobering statistics about the state of risk management today. Get the full scoop to help you evaluate and improve your 2019 security posture.
Tyson Supasatit
11.15.18
Decrypt Perfect Forward Secrecy with F5 BIG-IP and ExtraHop
Learn how to use F5 BIG-IP to capture perfect forward secrecy session keys and forward them to ExtraHop in order to passively analyze PFS-encrypted network traffic.
Tyson Supasatit
5.11.18
TLS 1.3: Will Your Network Monitoring Go Blind?
Not sure how to maintain IT and security visibility now that TLS 1.3 requires perfect forward secrecy encryption? Watch this webinar (or read the transcript!) for current encryption trends, what's next for TLS 1.3, and how ExtraHop provides an elegant and lightweight solution to the visibility challenge.
Tyson Supasatit
4.15.18
How ExtraHop Analyzes 1 PB+ Per Day Without Breaking a Sweat
If you can't scale your analytics platform to match cloud adoption and unprecedented data growth, you'll be making IT and security decisions based on guesswork. Learn how ExtraHop analyzes over 1 PB of data per day, and why that scalability matters.
Tyson Supasatit
2.20.18
INFOGRAPHIC: Keep Your Application Vendors Honest About Performance
Learn how to use insights derived from network communications when your commercial application vendors won't help troubleshoot performance issues.
Tyson Supasatit
2.20.18
How to Keep Your Software Vendors Accountable for Performance
While you can't instrument commercial on-prem and SaaS apps, here's how to derive valuable performance insights from the network.
Tyson Supasatit
2.8.18
How to Save Your Data Center Migration
Few organizations trust their CMDB fully, so come learn a better way to discover assets and dependencies, as well as measure performance baselines!
Tyson Supasatit
11.27.17
Network Teams, Need A Wingman?
Learn why EMA Research picked ExtraHop Addy for a 2017 Innovator's Award, calling the machine learning offering an 'intelligent co-pilot' for stressed network engineers.
Tyson Supasatit
11.2.17
It's Not Citrix...AD, Storage, etc., Are to Blame
Citrix CTA Rory Monaghan shares his experience using ExtraHop to understand how the underlying infrastructure affects Citrix performance.
Tyson Supasatit
11.2.17
The Network Engineer's Guide to the Galaxy...of Application Teams
Network engineer Rasika Nayanajith shares his experience using ExtraHop to gain credibility with application teams.
Tyson Supasatit
9.19.17
Introducing ExtraHop 7.0
The ExtraHop 7.0 release advances the state-of-the-art in terms of gaining visibility into your environment. Finally, you can know the shape of your enterprise.
Tyson Supasatit
9.5.17
Hunter or Hunted ... Which Would You Rather Be?
While most organizations are left reeling after attacks, leading security teams are getting proactive about defense.
Tyson Supasatit
7.25.17
Digital Forensic Diaries: Q&A with Author Mike Sheward
We took a moment to chat with Mike Sheward, author of the Digital Forensic Diaries, about his collection of cybersecurity short stories.
Tyson Supasatit
10.4.18
Splunk Agrees: Wire Data Adds Crucial Context to Logs
Splunk and ExtraHop weigh in on the benefits of adding wire data to logs to fill critical visibility gaps. Learn why wire data is the ultimate source of truth for security and IT!
Tyson Supasatit
4.27.17
Lightboard Video: The Silent Scream in Your Datacenter
Monitoring your data combined with security measures, improve your tactical data timeline.
Tyson Supasatit
3.14.17
Data Gravity: What It Is and Why You Should Care
How to solve the problem of data gravity using machine learning for cloud analytics.
Tyson Supasatit
3.14.17
Do IT Pros Think Machine Learning Is Hope or Hype?
Is it all hype, or does machine learning offer real hope for IT organizations? We surveyed IT professionals to find out!
Tyson Supasatit
1.3.17
Microsoft Will Block SHA-1 Certs in 2017. Here's How to Find Them.
Edge, IE, Chrome, and Firefox plan to stop supporting the SHA-1 algorithm. ExtraHop lets you easily see what applications in your environment use that hash function.
Tyson Supasatit
11.30.16
Network Engineers Love Watching Paint Dry
Dan Greer compares a typical PCAP troubleshooting workflow with the ExtraHop platform, which enables you to get from metrics to packets in seconds.
Tyson Supasatit
11.3.16
Log Data vs. Wire Data: Why There's a Clear Winner
SIEM or log analytics platform user? Watch this lightboard video to see the comparisons between traditional log data and wire data.
Tyson Supasatit
10.27.16
Don't Trust Log Data! Lessons from the Cryptonomicon
It's been clear for decades that logs are flawed when it comes to security. Even the cyberpunks in Cryptonomicon knew it. What should you use instead?
Tyson Supasatit
8.30.16
Manage and Monitor Containerized Applications with VMware and ExtraHop
Get better visibility into virtualized and containerized apps by adding stream analytics and wire data to the mix.
Tyson Supasatit
8.26.15
The Results Are In: "State of ITOA" Survey
Industry-research firm TechValidate surveyed IT professionals to find out what IT organizations' plans were for IT Operations Analytics.
Tyson Supasatit
8.13.15
How Lockheed Martin Uses Wire Data For Situational Awareness
Eric Sharpsten, CTO of Lockheed Martin's Federal Health practice, discusses how his organization gains visibility in large, dynamic IT environments.
Tyson Supasatit
1.12.15
ExtraHop Is the Proud Home of the Binary 12th Man!
The 00001100th Man is ExtraHop's geeky salute to a beloved Seahawks tradition. It's our way of showing our love for the amazing Seattle technology community that is cheering for the Seahawks alongside us.
Tyson Supasatit
11.5.14
The Big Data Opportunity for Healthcare with HL7 Analytics
By analyzing HL7 transactions on the wire, healthcare organizations can gain insight into a wealth of clinical and operations data.
Tyson Supasatit
10.15.14
Neuter the POODLE: Detect All SSLv3 Clients and Servers with ExtraHop
Looking for an easy way to identify systems using SSL version 3.0 (SSLv3)? The free ExtraHop Discovery Edition makes the process extremely simple!
Tyson Supasatit
9.12.14
IT Is Drowning in Data, But Thirsty for Insight
IT teams have plenty of data. What they lack is visibility and insight. What the IT monitoring industry needs is a data liberation front.
Tyson Supasatit
9.3.14
Why IT Needs a Culture of Healthy Paranoia
To stop advanced persistent threats, IT needs to suspect users inside the perimeter, even if they are approved accounts using approved ports and private keys.
Tyson Supasatit
6.18.14
See Which World Cup Matches Are Popular in Your Office
With the World Cup Tracker module, you can see streaming activity for ESPN.com and other sites, along with the client IP addresses and device names.
Tyson Supasatit
5.29.14
Server Decommissioning: Wait, We Have How Many DNS Servers?!
ExtraHop auto-discovers and classifies every device transacting on a network. Auto-discovery makes it easy to identify and decommission legacy DNS, web, and other servers.
Tyson Supasatit
5.13.14
Run Your "Microsoft Shop" Better with Wire Data Visibility
Visibility into wire data helps IT teams manage SharePoint, SQL Server clusters, CIFS/SMB file servers, .NET web services, ActiveSync, and more.
Tyson Supasatit
5.1.14
Target's Data Breach: What IT Pros on LinkedIn Had to Say
After we posted on the Target data breach, we received 52 responses from IT professionals in what turned out to be a really insightful discussion.
Tyson Supasatit
4.11.14
Detect Heartbleed Exploits with ExtraHop's Free Download
ExtraHop can detect the heartbeats that are used in the Heartbleed exploit, revealing potential attacks against your SSL servers.
Tyson Supasatit
4.4.14
More Time with Patients, Less Time Waiting for the Application
Think your IT environment is complex? Try delivering more than 200 applications to 11 regional hospitals. That's why Steward Health Care System deployed ExtraHop.
Tyson Supasatit
2.17.14
You Should Never Send to Know "For Whom the SYN ACKs"
A dramatic reading video of For whom the SYN ACKs: "No packet is an island, Entire of itself. Each is a piece of the payload, a part of the flow." Thanks, John Donne.
Tyson Supasatit
2.15.14
Paying Down Technical Debt in Your IT Infrastructure
It is difficult to allocate resources to eliminating waste in the IT environment, but ExtraHop can make continuous improvement efforts easier.
Tyson Supasatit
2.1.14
Monitoring at Scale: Questions You Should Ask Your Vendor
While it's somewhat faddish to boast about monitoring at scale, the crucial question you should be asking is "What are you monitoring at scale?"
Tyson Supasatit
1.30.14
Seahawks Get a Geeky Salute with ExtraHop's "Binary 12th Man"
Apart from a few folks in our Denver office, ExtraHop is rooting for the Seahawks with a binary tribute to the Seahawks' 12th man—our rabid fan base.
Tyson Supasatit
1.3.14
What IT Can Learn from Target's Data Breach
For IT teams, the data breach at Target reaffirms the need to assume that your systems have already been breached and to use wire data analytics.
Tyson Supasatit
10.23.13
Four Data Sources for IT Operations Analytics (ITOA) – A Conceptual Framework
This simple conceptual framework will help you understand what you need to monitor everything in your IT environment and where there might be gaps.
Tyson Supasatit
9.18.13
Transaction Tracing for Web Gateways, Load Balancers, and Other Proxies
A web security company used ExtraHop to pinpoint the cause of latency for its web gateway/proxy SaaS offering using recognize-and-trace transaction tracing.
Tyson Supasatit
6.5.13
Wire Data: The Visibility You Need for Microsoft Environments
If you run a "Microsoft shop," then this blog post is a must-read. ExtraHop can help you improve performance, efficiency, and security.
Tyson Supasatit
11.15.12
Reimagining Packet Capture in Light of Riverbed's Opnet Acquisition
The difference between ExtraHop's approach to packet capture and that of Riverbed and Opnet is telling. "You'll have to pry it from my cold, dead hands" aptly describes network engineers' loyalty to packet-capture tools. However, even the most ardent defenders of packet capture must admit that the traditional method of recording, storing, and analyzing terabytes of packet data is slow and inefficient.
Tyson Supasatit
10.24.12
Case Study: DevOps Collaboration with Application Performance Management (APM)
Read a case study on how Practice Fusion moved to preventing application performance issues by enabling DevOps and IT Operations across all tiers of network environment.
Tyson Supasatit