4.11.19
Network Traffic Analysis for MITRE ATT&CK
The MITRE ATT&CK Framework gives security teams a way to evaluate threat detection tools against real-world adversary tactics, techniques, and procedures (TTPs). Learn how network traffic analysis tools like Reveal(x) detect more TTPs, faster, than other security solutions.
Chase Snyder
4.9.19
The ExtraHop PM Blog Series Kickoff
Our customers see the results of the Product Management team's hard work every day, and now we're excited to give you a look behind the curtain of our design choices. Follow along as ExtraHop PMs reveal the *why* of various aspects of our ground-breaking network traffic analysis product.
Corey Bodzin
4.4.19
What Is TLS Version 0xfb1a?
Have you spotted TLS v.0xfb1a in your SSL/TLS sessions, or are you curious about how to look into unknown versions in your own network? Read on to follow my investigation through ExtraHop and Wireshark.
Ben Higgins
3.27.19
Boost SOC Analyst Productivity with Reveal(x) Spring '19
Learn how the latest release of ExtraHop Reveal(x), network traffic analysis for the enterprise, accelerates security investigations, incorporates MITRE & OWASP links, and more!
Chase Snyder
3.27.19
What's New in ExtraHop 7.6 and Reveal(x)
Learn about the new features and capabilities included in our 7.6 release and Reveal(x) Spring 2019, from accelerated investigations to system health dashboards.
Jeena Khan
3.21.19
The Great Migration Part 2: Backup Arrives
If you're in charge of a marketing website or just curious about the development process, learn from our pitfalls and successes as we document the migration of our website to a different tool. In this post, Zoltan is hired on to join Zach in web production and discusses the problems with the site he encounters.
Zoltan Talaber
3.15.19
The Great Migration Part 1: The State of the Site
If you're in charge of a marketing website or just curious about the development process, learn from our pitfalls and successes as we document the migration of our website to a different tool. In this post, I'll describe our existing toolset and how it came together—and then I'll tell you why it no longer works.
Zach Balter
2.22.19
TCP_NODELAY: 2019 Best Practices for TCP Optimization
How to use TCP_NODELAY, Nagle's Algorithm, QUICKACK, and more settings and algorithms to get better TCP performance on your network.
Kshama Datar
2.20.19
Intelligent CMDB Meets Real-Time Analytics
Learn how ExtraHop integrates with ServiceNow to help you automatically keep your CMDB up to date, streamline workflows, increase security, and speed up incident response by hours or even days.
Dan Tucholski
2.18.19
Palo Alto Firewall: Remediation Integration
Learn how ExtraHop integrates with Palo Alto Firewall to help you automatically remediate security threats in real time.
Christine Shaw
2.14.19
Shut Down SMBv1, Already!
Learn what SMBv1 is and why should you shut it down immediately before this exploit can be used against you.
Tom Roeh
2.12.19
Show and Tell: What a Live Attack Simulation Looks Like in Reveal(x)
Our online demo now features a live attack simulation where you can observe a hacker doing her job: exploiting a Drupal vulnerability, installing custom executables through PsExec, and more.
Tyson Supasatit
2.6.19
How to Recognize Malicious Network and Port Scanning
Network scanning and port scanning aren't inherently hostile, but they're often used maliciously. Learn to tell the difference between safe and hostile scanning on your network.
Christine Shaw
2.5.19
EMA Names Reveal(x) a Top 3 Winner
Why does Reveal(x) lead the pack on critical security use cases including asset classification and inventory, early breach detection, encrypted traffic analysis, and more? Learn why Enterprise Management Associates named Reveal(x) a Top 3 Winner in their new report, Security Analytics for Threat Detection and Breach Resolution in 2019.
Barbara Kay
1.31.19
Hacker, Interrupted
What happens when you find a data leak in your own environment using your own network traffic analysis product? You investigate, of course, and record the whole process. Read on to learn how I used Reveal(x) to catch the fake Postman Chrome extension red-handed, complete with screenshots of the hunt.
Matt Schurr
1.31.19
Espionage Through Chrome Extensions
After detecting and investigating a fake Postman Chrome Extension using Reveal(x) network traffic analysis, one question remained: how much damage could a more sophisticated attacker do? I made my own Chrome malware to find out. Here's what I learned.
Matt Schurr
1.25.19
TCP RTOs: Retransmission Timeouts & Application Performance Degradation
In an effort to rid the world of needless application and network performance slowdowns, we turn to retransmission timeouts (RTOs). What are they and what can you do about them? What Is TCP…
Justin Baker
1.24.19
Reveal(x) Feature Short: Encryption Audit
Watch this 3-minute video to learn how ExtraHop Reveal(x) uses network traffic analysis to help you quickly and easily audit your network for expired certifications, weak ciphers, and more.
Chase Snyder
1.12.19
What Is Silly Window Syndrome?
Explained in detail: Silly window syndrome, how it degrades network performance, and how to avoid it.
Christine Shaw
12.11.18
Clarity in the Fog of War: The Value of Red-Blue Exercises
It's hard to win a fight if you've never thrown a punch. For cyber security, practice comes in the form of Red-Blue exercises like the one ExtraHop just hosted in our Seattle headquarters. Watch this 2-minute video to see the Blue team take on faux-attackers with Reveal(x)!
Tyson Supasatit
