6.11.19
NSA's Advice on BlueKeep: Know Your Network
Reveal(x) Now Detects Evidence of BlueKeep (CVE-2019-0708)
Jeff Costlow
5.20.19
LDAP Encryption: What You Need to Know in 2019
Get the skinny on LDAP encryption, including whether LDAP traffic is encrypted automatically and how you can best secure traffic using this protocol.
Jaq Evans
5.2.19
The OSI Model Explained for 2019 and Beyond
Learn what the OSI model is, why it still matters for security and IT, and what you're missing if you can't analyze one layer in particular.
Dale Norris
4.29.19
Basic Threat Hunting with Reveal(x)
Watch this 5-minute video to see how ExtraHop Reveal(x) network traffic analysis makes it simple to proactively search for and investigate potential threats like risky database and DNS activity.
Chase Snyder
3.20.19
The Trouble with Native Cloud Security
Public cloud vendors have no choice but to take security seriously - but even the Big Two (AWS and Azure) are still cloud vendors, not security vendors. Here's a breakdown of what cloud-native security really means for the consumer according to the Shared Responsibility Model.
Eric Thomas
3.12.19
What Is Silly Window Syndrome?
Explained in detail: Silly window syndrome, how it degrades network performance, and how to avoid it.
Christine Shaw
3.5.19
Network Traffic Analysis for Enterprise Security
Watch this 6 minute video to learn exactly what sets enterprise-class network traffic analysis products apart from the basic definition of the category and which capabilities are required to be truly best-of-breed.
Chase Snyder
2.22.19
TCP_NODELAY: 2019 Best Practices for TCP Optimization
How to use TCP_NODELAY, Nagle's Algorithm, QUICKACK, and more settings and algorithms to get better TCP performance on your network.
Kshama Datar
2.14.19
Shut Down SMBv1, Already!
Learn what SMBv1 is and why should you shut it down immediately before this exploit can be used against you.
Tom Roeh
2.13.19
The Search for a Scalable Security Solution
Network Traffic Analysis (NTA) vs. SIEM: What are the key differences, and how can these two types of security solution work together for a proactive, cost-effective, and scalable SOC? Dive into our blog series for the answers.
Chase Snyder
2.7.19
Of Fables and False Alerts
Dive into our blog series comparing network traffic analysis products to traditional security solutions with this bakeoff between NTA and Intrusion Prevention Systems (IPS).
Chase Snyder
2.6.19
How to Recognize Malicious Network and Port Scanning
Network scanning and port scanning aren't inherently hostile, but they're often used maliciously. Learn to tell the difference between safe and hostile scanning on your network.
Christine Shaw
1.25.19
TCP RTOs: Retransmission Timeouts & Application Performance Degradation
In an effort to rid the world of needless application and network performance slowdowns, we turn to retransmission timeouts (RTOs). What are they and what can you do about them? What Is TCP…
Justin Baker
1.24.19
Reveal(x) Feature Short: Encryption Audit
Watch this 3-minute video to learn how ExtraHop Reveal(x) uses network traffic analysis to help you quickly and easily audit your network for expired certifications, weak ciphers, and more.
Chase Snyder
1.23.19
Exploring the Frontier of Enterprise Security
Are you interested in the benefits of network traffic analysis but want to understand exactly how network detection and response solutions compare to the enterprise security technology you already know? This blog series will give you the answers in detail. Let's start by comparing network traffic analysis to intrusion detection systems.
Chase Snyder
12.12.18
TCP vs. HTTP
What's the difference between TCP and HTTP? How do they both work, and how do they work together? Read the blog for definitions of both protocols as well as a breakdown of what makes them different.
Zoltan Talaber
11.28.18
A Case Study for Modern Threat Hunting
Cyber security experts are in high demand but many so-called threat hunters begin as network engineers, admins, or analysts. Read this step-by-step case study to learn the basics of confirming and investigating a breach using ExtraHop Reveal(x), network traffic analysis for the enterprise.
Adam Hebert
11.7.18
Reveal(x) Feature Short: Signal Metrics
Watch this 3-minute video to see how the unique Signal Metrics feature in Reveal(x) highlights behaviors that could be impacting your security posture and reducing your hygiene and compliance so you can quickly act on these potential vulnerabilities.
Chase Snyder
11.5.18
How To Detect That Hadoop/YARN DemonBot Exploit That's Going Around
A new 'DemonBot' is exploiting remote code execution in Hadoop YARN to build a huge botnet, but the possibility of data theft via this exploit also looms large. Here's how to detect it quickly.
Matt Cauthorn
10.31.18
Reveal(x) Feature Short: Threat Intelligence
Watch this 3-minute video to see how you can use ExtraHop Reveal(x), network traffic analysis for the enterprise, to quickly investigate suspicious communications identified by third party threat intelligence feeds using STIX files.
Chase Snyder
