SEATTLE – July 26, 2018 – ExtraHop, the leader in analytics for security and performance management, today announced that a top provider of life insurance in the United States has selected ExtraHop Reveal(x) as the cornerstone of their next-generation security operations center (SOC). With Reveal(x), the insurer can now see into all east-west traffic, including encrypted traffic, in real-time, improving their security visibility by as much as 75 percent and eliminating blind spots left by traditional security monitoring tools.
Over five million policyholders rely on this insurance provider, which has been serving American consumers for more than 110 years. From life insurance and health insurance to agribusiness insurance, the company offers a broad line of products and services distributed through various channels. Maintaining a strong security posture requires extensive visibility and vigilant identification of issues that introduce risk.
Using ExtraHop Reveal(x) helps the provider minimize their attack surface, as well as zero in on emerging threats and suspicious attack activities. For example, immediately during the proof of concept, the insurance provider used ExtraHop to detect unencrypted cleartext protocols being used by clients communicating over the network with critical assets housing highly sensitive data. They also strengthened their defense-in-depth strategy by using ExtraHop to better audit their firewall and Network Access Control (NAC) rules for greater enforcement around ingress and egress traffic from specific countries.
ExtraHop Reveal(x) network traffic analytics (NTA) provides unprecedented visibility and definitive insights into threats and attack patterns so security teams can get immediate answers to investigative and forensic questions. Reveal(x) illuminates the darkspace left behind by other tools to uncover late stage attack activities within the East-West corridor as well as malicious North-South communications. It starts by auto-discovering and classifying every device on the network, then analyzing every transaction, focusing extra scrutiny on each customer's most critical assets. By decoding over 50 enterprise protocols and decrypting SSL/TLS traffic, even with Perfect Forward Secrecy (PFS) enabled, at up to 100Gbps, Reveal(x) acquires an order of magnitude more data than other analytics solutions. In real time, Reveal(x) extracts more than 4,600 metrics from this data to power precise, machine learning-driven behavioral analysis. This process yields high-fidelity alerts and rich records across the full sequence of any incident, reducing noise and keeping security teams focused on the riskiest threats. Reveal(x) goes beyond detection to support incident response with contextual visualization, one-click access to forensic evidence, and simple integrations to automate and orchestrate rapid response. On top of that, ExtraHop's rich set of technical integrations and powerful REST API allow any SOC to act on this powerful data via enterprise case management and remediation programs.
"Insurance companies represent high-value targets for attackers. Consumer information is representative of currency in today's information age, not to speak of actual cash flow. With the logistical challenges of distributed enterprises and thin margins for fair pricing, there are extremely high expectations for service delivery", says Raja Mukerji, Chief Customer Officer and co-founder, ExtraHop. "We're proud to partner with our customers in the insurance vertical to provide deep, actionable intelligence into applications and activities that reduce incidents, expedite forensic investigations, and prevent security breaches easily and cost-effectively."