ExtraHop Security Overview

By allowing our people, products, and services into your environment, we recognize the trust you have placed in our organization. ExtraHop is committed to protecting our customers.

ExtraHop Security Operations Framework

ExtraHop has built a Security Operations Framework consisting of an extensive set of policy and procedure documentation built around ISO 27001, SOC2 guidelines and our own experience building security products. We use this framework to build secure policies, process and procedures into everything we do.

SOC2 Certification

SOC2 Logo
ExtraHop has obtained SOC2 compliance certification for the Addy service. This certification reinforces ExtraHop's commitment to secure practices. As part of the certification security controls such as firewalls, audit logs, and access controls were audited.

Secure Development Practices

ExtraHop believes in a secure development process that starts with a Secure Development Lifecycle. This development lifecycle is applies to both our appliances and our software services.

  • Design: ExtraHop starts with secure designs, using threat modeling and secure design techniques to build secure software.
  • Construction: ExtraHop uses modern tools with security functions enabled to build secure software.
  • Test: ExtraHop performs security testing on all components.
  • Vulnerability response: ExtraHop believes that once software is shipped, we still have an obligation to keep our customers secure. If issues are found, we issue updates.

Secure Operations

It should come as little surprise that our internal teams use ExtraHop to get great visibility into our own networks, allowing our IT and security teams to identify potentially malicious activity, just as our customers do.

You Own Your Data

ExtraHop believes your data belongs to you, and you should be able to store it, move it around, and analyze it in the ways that work best for you. For more information on how we enable you to use your data however you choose, read about our Open Data Stream technology.

Further Information

This is a brief overview of ExtraHop's security footprint. Customers are encouraged to read further information in the Security and Privacy document. ExtraHop's privacy policy can be found on the Privacy Policy page.

Contact us About Security

If you have found a security issue in our product or want to speak with us about security, feel free to contact us at security@extrahop.com.

Get the overview white paper Start your ExtraHop demo