Wizards of the CoastはExtraHopでアジャイルゲーム開発に対するセキュリティ強化を実現
Know and do more, faster. ExtraHop + ServiceNow makes IT service management even more seamless.
The Home DepotはExtraHopの可視性で統一されたカスタマー・エクスペリエンスを構築しています。
How to Hunt for, Detect, and Respond to SUNBURST
The SUNBURST backdoor, disclosed on December 13th, is a supply-chain attack …
セキュリティ・アラート: NDR を用いた CVE-2020-1472 Zerologon の悪用の検知
Network Detection and Response (NDR) Vs. Extended Detection & Response (XDR)
Get some clarity on the alphabet soup of security vendor acronyms by reading …
ULTA Beauty Securely Scales High-Growth e-Commerce Operation in the Cloud with ExtraHop
Detect network threats and automatically quarantine impacted devices. Inventory devices not yet protected by endpoint security.
2020 Gartner Market Guide for Network Detection and Response
ExtraHop is a representative vendor two years running. Learn why.
Get the latest news and information about ExtraHop, including press releases and third-party coverage.
With hybrid environments on the rise, most organizations have reported gaps in their toolset. Cloud-native network detection and response uses network data to address visibility and detection gaps.
Discover Ways to Take Action and Protect Your Organization
How Advanced Detection and Investigation Features Make Threat Detection Accessible
Dave Shackleford will share his insights on the many enhancements and new features of Reveal(x) that help intrusion analysis and investigation teams analyze malicious behavior rapidly and effectively.
We discuss the lack of skills in cloud security technologies, the much faster deployments and changes to keep pace with, and a need for better controls to help combat these systemic challenges.
See how the ExtraHop Network Detection & Response (NDR) platform can be used, not only to automatically detect the latest threats, but also for proactive Threat Hunting workflows.
Discover how healthcare organizations can maximize security as they increase cloud services.
Find out what tools and techniques can help overcome challenges to safeguard healthcare.
Join a panel of IT and security executives as they discuss the root causes of technology sprawl, a path out of this cycle, and the benefits to be achieved.
Watch this webinar to hear details on Grand Canyon Education's selection, deployment and experience using ExtraHop.
Learn how AWS and ExtraHop empower security teams to stop breaches, not business, with frictionless network detection and response.
This webcast takes a deeper dive into the whitepaper, How to Address a Pervasive and Unrelenting Threat.
Discover how DevOps can see faster deployment in the cloud by integrating security.
A roundtable of security experts discuss results from the SANS 2020 survey of the same name, and explore best practices for DevSecOps teams to follow when leveraging todays cloud-based environments.
Mit Keysight und ExtraHop können Sie alle Geräte im Kontext Ihres restlichen Netzwerks erkennen und überwachen, um Angriffe zu erkennen und darauf zu reagieren, bevor sie zu einem Verstoß werden.
Learn how you can discover and monitor all devices in context of the rest of your network, to detect and respond to attacks before they become a breach.
This session will discuss how to leverage Network Detection and Response based tools to uncover, scope, and respond to new malware variants.
We cover new HTTP Request Smuggling attack variants that work against web servers and HTTP proxy servers. Then we go over a class library that can provide robust socket-level protection against them.
Learn about the critical role network detection and response plays in achieving MITRE ATT&CK Framework coverage, and how to use the network to detect late-stage attack tactics and stop the breach.
Learn from nine real-world attacks, from exploits to mitigation tactics.
Join us as we discuss the recent Forrester Research Total Economic Impact (TEI) study commissioned by ExtraHop where we will discuss how to improve response times by 84% and more.
Get a glimpse into the current state of cloud incident response, and learn what SANS experts predict about the future of cloud security.
Learn how to improve operational efficiencies and reduce costs through tool rationalization.
In this webcast, survey author Chris Dale and survey advisor Matt Bromiley will join experts representing the survey sponsors to discuss results from the 2020 SANS Enterprise Cloud Incident Response …
Learn how the integration of ExtraHop Reveal(x) 360 and CrowdStrike Falcon helps security teams detect and respond instantly to sophisticated attacks.
Cloud providers offer log-based event and configuration monitoring tools but real-time detection and response needs full packet data. Learn how NDR in the cloud presents new opportunities.
Learn how virtual taps from AWS, Azure, and Google Cloud enable NDR solutions to help secure cloud environments covertly with out-of-band, agentless monitoring and threat detection capabilities.
Please join us for a conversation on as we bring healthcare leaders from MEDHOST , Pacific Dental Services and AdventHealth together to discuss the new realities and challenges facing healthcare IT …
Join ExtraHop and (ISC)2 as we explore the ramifications of Ripple20, how to detect vulnerable devices and determine if you should patch or replace.
In this webcast, learn about the challenges of teleworking and remote workers, and the new Remote Work bundle to help organizations get visibility into remote locations.
Understand this series of vulnerabilities and what you can do about them, plus see data from ExtraHop on how widespread the issue is.
This webinar will do a recap of our BlackHat talk, privilege escalating remote build execution, and generally talk through the updates from Google and how they impact attacks.
Forrester Consulting interviewed and conducted a financial analysis of ExtraHop customers, finding that Reveal(x) leads to an overall ROI of at least $1.1 million over three years.
This webinar will discuss how organizations can use the network to detect stealthy post-compromise activity that evades other monitoring techniques.
Get real-world examples from Cloud Security Alliance and ExtraHop of how these cloud threats can affect your business, as well as steps you can take now to strengthen your security posture.
See how together ExtraHop and Keysight provide comprehensive visibility into all devices to stop attacks before they cause damage.
Sponsor representatives and report author John Hubbard will discuss the new SANS report, "Measuring and Improving Cyber Defense Using the MITRE ATT&CK Framework."
SANS Director of Emerging Security Trends and survey author John Pescatore will discuss results from our 2020 SOC Skills Survey.
Learn about the MITRE ATT&CK security framework and how it can help you strengthen your security and measure your success.
Learn about the ways in which NDR compliments and in many cases improves the efficacy of your existing investments in SIEM and EDR.
John Pescatore and Barbara Filkins
Learn how investing in your current staff results in more effective security operations centers.
AWS and ExtraHop will discuss ways to apply AWS controls and services to create a security visibility strategy for the cloud, deliver an agentless, scalable approach that provides SecOps with unified …
We discuss the trends that are complicating the job of security professionals today, including the overnight move to remote work and the acceleration of cloud adoption.
Vince Stross, Jake Williams
Get a better understanding of the techniques attackers use to cover their tracks and confuse investigators, so you can identify false flags and know who's attacking—and why.
We'll demonstrate techniques showing how attackers can plant forensic evidence, misdirecting investigators about their intentions and identities.
See how the tech workforce has adapted to work-from-home and how organizations have navigated the new challenges posed.
Analysts from SANS and ExtraHop discuss the data from a recent poll about remote working and explore the critical topics on how to adapt to semi-permanent remote work situations at enterprises of …
Join Extrahop and (ISC)2 to learn how integrating the two operations can help you eliminate redundant tools, break down data silos, streamline processes, and optimize your budget.
Learn directly from ExtraHop and CrowdStrike about how our Fortune 100 customers are using this solution, and how the integration can provide enterprise security operations teams with capabilities and …
A quick review of DevOps and 5 steps to integrate effective DevSecOps into your security and DevOps programs.
Learn about the changing risks of IoT and get a two-part method for securing this growing attack surface.
Lawrence Orans, Jeremy D'Hoinne, and Josh Chessman
Learn about Reveal(x) 360 and how ExtraHop's SaaS offering is natively delivered from the cloud and provides Network Detection and Response capabilities to create faster time to value without …
Gain guidance for how to gain visibility into eIoT and how machine learning can provide the needed context and correlation of all devices to detect threats and improve the overall security posture of …
Explore the growth of enterprise IoT devices and the implications for incident detection and response. With the right approach, your team can quickly identify IoT devices for greater visibility to …
Learn how cyber attackers can exploit RDP misconfigurations, and what you can do to detect and mitigate attacks.
John Pescatore & Juan Canales
As companies tighten their belts, the need for coordination between operations and security has never been more urgent. This webinar explores the state of the relationship between IT Ops and SecOps …
Learn about the unexpected risks and complexities of connected devices during a pandemic, plus broader security implications for 2020 and beyond.
Juan Canales from Hill Physicians Medical Group provides insight on what he went through in the business justification and deployment of ExtraHops Reveal(x) to increase visibility into network traffic …
ExtraHop and (ISC)2 hold a timely discussion on how to deal with performance and security implications of the shift to a remote workforce.
Scott Crawford et. al.
Lack of visibility creates blind spots, while good visibility brings improved situational awareness. Monitoring and analyzing network data assists as part of those crucial first steps in closing any …
Hear best practices on how to handle the performance and security implications of the shift to a remote workforce.
Discover SANS' recommendations for bridging critical security gaps.
Understand the current state of visibility and how organizations can make better use of network data to detect threats and troubleshoot connectivity problems.
Learn how cloud deployments are affecting security teams and how they can use agentless NDR to help developers bake security into their processes, gaining gain the speed and agility they need to grow …
The COVID-19 pandemic is driving people to work from home and straining remote access infrastructure. Here are some considerations for IT and Security teams.
Chris Marsh, Connor Forrest, Raul Castanon-Martinez, Rosanna Jimenez
Among the aspects that go into making remote working effective, the right strategy around workforce tooling is critical. We look at different options to support employees and explain why it's about …
ExtraHop and (ISC)² discuss the MITRE ATT&CK Framework as we look at how to get the most value from the MITRE ATT&CK Framework in a hybrid environment, how upcoming changes in MITRE ATT&CK may affect …
Discussion of ExtraHop's cloud native approach to network detection and response across your hybrid environment, tackling the challenges of visibility and control in the cloud.
This webinar will cover the 2020 Cybersecurity Insiders Threat Hunting Survey Results: trends, gaps, areas for improvement, and proven best practices in threat hunting.
SANS outlines potential improvements to help organizations match their security spend to key trends.
Barbara Filkins and John Pescatore from SANS will provide analysis of survey results and reveal strategies that organizations can use to justify security spending.
Learn how IT managers can implement cyber hygiene practices with existing phishing penetration testing and awareness training approaches to instill a culture of cyber safety within the enterprise.
Industry analyst Paula Musich from EMA and Ryan Davis from ExtraHop will take a Dickensian journey through cloud security past, present, and future, and offer strategies for how security teams change …
Follow along with the cloud security journey that many enterprises have been on during the past years, looking at the realities of the high points and low points. Then, hear about what organizations …
Learn details on the selection and deployment of ExtraHops Reveal(x) to increase visibility into network traffic, gain detailed and timely insight into performance and security issues and cross …
Gain valuable insights into SOC best practices, Network-based detection tools and barriers to SOC success from principal SANS Senior Instructor Christopher Crowley and SANS Director of Emerging …
Learn how NDR solutions leverage cloud virtual taps to complete Gartner's SOC Visibility Triad of SIEM, EDR, and NDR for strong cloud security.
Mathias Fuchs and Joshua Lemon
Learn which threat hunting strategies you should implement in 2020 based on research from the SANS Institute.
SANS 2019 Threat Hunting Survey authors Mathias Fuchs and Joshua Lemon will discuss key themes that emerged during their analysis of survey results, joined by a panel of representatives from …
In this SC Solutions tech research report, experts differentiate ML from AI and alert you to areas where AI can improve.
Jeff Costlow, Deputy CISO at ExtraHop, shares insights about how data-first approaches and cross-collaboration improve security posture and help reduce tool sprawl.
Learn about the security category of network detection and response (NDR), including key capabilities to look for in NDR products and questions to ask vendors.
Join ExtraHop and (ISC)2 for a discussion on cyber insurance, demystifying the current insurance landscape and what are the right questions to answer.
This white paper provides some background information about the NIST Cybersecurity Framework and NIST Special Publication 800-53 Revision 4 and walks through how ExtraHop Reveal(x), cloud-native …
In this SANS webcast, expert Dave Shackleford and Tom Stitt from ExtraHop discuss how Reveal(x) can help an organization evaluate threat activity in multiple scenarios, and how key new features make …
Read the 12-page review to learn how Reveal(x) addresses five core security issues as well as detailed use cases including detection/response and active threat hunting.
ExtraHop and Security Weekly discuss the challenges and opportunities facing security and IT teams when it comes to scaling security talent.
As deployment models evolve so does the need for our responses. With technology such as Cloud, containers, and rapid update deployment rolling out, what's going on with security?
We'll show you the latest ransomware in action, with videos and screenshots from actual cases, and discuss strategies for monitoring and detecting ransomware, including mistakes to avoid and tactics …
Get IDC's take on the limitations, requirements, and best practices for cloud security under the shared responsibility model.
Learn how you can go beyond the traditional perimeter security provided by a firewall, IPS, etc. to actively search for threats that have infiltrated your network.
This webcast takes a deeper dive into the results of the SANS 2019 Incident Response (IR) Survey.
Read this technical brief for a deep dive into why decryption capabilities are crucial for the modern SOC, the two primary methods for accessing and decrypting data for security analytics, how …
Dive into what's working for security incident response, what needs to improve, and what the SANS Institute recommends.
In this Security Advisory, we discuss four real-world examples of data being 'phoned home' by third-party vendors and share best practices for ensuring data security, privacy, and compliance.
It's the dawn of a new era in network detection and response for the cloud. Read EMA's latest research to understand why.
Enterprise-ready strategies for building a collaborative NetSecOps team.
This webcast digs more deeply into the results of the SANS 2019 SOC Survey, in a panel moderated by SANS Director of Emerging Technologies John Pescatore.
Christopher Crowley and John Pescatore
In this presentation you'll learn how to take your ATT&CK understanding and coverage to the next level with network traffic analysis.
Step through a rapid, end-to-end investigation and response process, from early breach detection to forensic analysis in just minutes, relying on Network Traffic Analysis for authoritative and …
Learn why closing the gap between network and security teams is crucial for delivering a secure, world-class customer experience, and how to integrate these systems smoothly and effectively.
Learn the process for building a threat hunting program, and for optimizing the efforts of designated threat hunters in the organization.
This webcast digs more deeply into the results of the SANS 2019 Cloud Security Survey, conducted in cooperation with the Cloud Security Alliance.
Learn about the changing roles of, and relationship between, IT Operations and Cybersecurity Operations, as well as what your organization can do to improve collaboration between these two groups.
Read on to learn about the challenges facing cloud security teams today, as well as how industry leaders are adapting IR and forensics strategies and integrating the most effective cloud security …
This Black Hat-hosted presentation will explore typical administration methods and how attackers exploit them, as well as provide the best methods of secure administration to protect privileged …
ExtraHop Deputy CISO Jeff Costlow discusses how security operations teams can escape the cycle of reactivity characterized by constantly responding to a flood of alerts, and move toward a more …
Learn how to go from APM black box to complete app visibility with enterprise application analytics.
Learn how Reveal(x) network detection and response enables greater TTP coverage for security teams using the MITRE ATT&CK framework to evaluate threat detection tools.
Learn about research findings to help you gain support for a proactive plan and avoid retrofitting security. Security pros will learn what to consider and prioritize and how to engage productively …
The CIS Critical Security Controls are meant to help your SOC rise above the noise. This document explains how cloud-native NDR with Reveal(x) supports CIS Controls version 7, including several of the …
Shamus McGillicuddy, Jon Kies
This webinar will discuss the role that network traffic analysis can play in speeding up incident response, quickly investigate incidents and get definitive answers.
Learn how Network Traffic Analysis can provide the visibility and data access needed to take investigations from many hours to just a few clicks.
Read new research on how encryption is impacting enterprises, and how they're preparing for even further transformation due to TLS 1.3 and perfect forward secrecy.
EMA evaluated 32 vendors across a range of security analytics use cases and listed Reveal(x) as a Top 3 Winner in six different categories.
Learn the ways that machine learning can help in security operations, how it can speed threat analysis, and how to evaluate and choose technologies that will work in your organization.
The experts from ExtraHop and Ixia will reveal new insights into best practices for alignment and delivering the right data—even if it's the same data—to each team.
Hear war stories and recommendations in SOC operations –including how to analyze and respond to new attacks that have evaded traditional defenses.
EMA Managing research Director David Monahan joins ExtraHop CIO John Matthews to explain how you can automatically prioritize your most critical assets, provide context to alerts, and put full …
This webinar explains why ExtraHop and Splunk make such a great fit, and how you can use the ExtraHop App for Splunk to stream wire data such as details for DNS, database, storage, and more.
In this webinar, you will learn about what cloud providers can help you with, what gaps you need to fill, and the role that network traffic analysis can play in securing your cloud environments.
This SANS Institute review evaluates the ExtraHop Reveal(x) product and its ability to support detection, investigation and response for these late-stage attack activities.
Join this interactive Q&A to discover the latest trends in cyber crime, your organization's vulnerabilities, and how to go about preventing, detecting and responding to a breach.
This whitepaper explores the benefits of leveraging untapped wire data in your network, how the ExtraHop platform correlates this data to provide greater visibility into application performance, and …
In this webcast, we'll cover how your peers are using NTA technology to focus on what matters, the impact of forward secrecy and TLS 1.3 encryption on network analysis, how NTA can simplify CIS …
Tim Grieser, Harsh Singh
IDC doesn't mess around with their research into consumer technology — and neither does ExtraHop when it comes to providing value for our customers. Now we've got the numbers to prove it.
In this webcast, learn the tools and technologies SOCs are deploying to integrate and manage all their security, operational and response data for better protection, detection and response.
In this webcast, learn how respondents to our 2018 SOC survey are staffing their SOCs, the value of cloud-based services to augment staff and technology, and respondents' level of satisfaction with …
Paula Musich, David Monahan
In this webinar, you will learn how your peers are using NTA technology based on a new market research from 451 Research, as well as ExtraHop's approach to NTA that goes beyond just detecting threats.
Join top security experts for this interactive Q&A discussion on trends in ransomware attacks, backups, patches and other ways to protect your data, how to bolster your organization's security culture …
In this webinar, you will learn about TLS 1.3's implications for enterprise performance and security monitoring, and how ExtraHop offers a novel method of decrypting traffic using ephemeral session …
ExtraHop and Cerner provide the ability to see, in real time and down to the transactional level, exactly what's happening across your healthcare IT and clinical systems. This visibility isn't just a …
The General Data Protection Regulation brings about a new era of data protection and security requirements. ExtraHop can help your compliance in three critical areas.
Eric Ogden, Patrick Daly, Jasmine Rishi
This report from 451 Research includes expert analysis on the cybersecurity market and how the new security analytics product, ExtraHop Reveal(x), is poised to disrupt and outcompete established …
Many network operation teams struggle to address data friction issues by failing to leverage their network. Using a network as a real-time data source allows you to confidently maximize the value of …
Cyber Protection Teams (CPTs) on the prowl need fast, accurate information in order to spot and track down threats before they have time to attack. This white paper explains how wire data is a crucial …
David Monahan, Paula Musich
ExtraHop makes a lot of big claims because we believe we can prove them true. Third party research from analyst groups like EMA is just one way we follow through.
Learn how ExtraHop Reveal(x) provides auto-discovery, intelligent classification, and service-centric analytics to help beleaguered SOC analysts concentrate their energies on the most important and …
This webinar will discuss the pieces of a cybersecurity ecosystem model, and how this type of model requires policies, processes, and technologies that allow your healthcare organization to take a …
ExtraHop, APCON, and Portland Community College (PCC) discuss the challenges PCC faced when trying to expand visibility and aggregate network traffic from multiple remote sites.
Join this webinar to discover how you can track five key metrics that characterize the performance of your Citrix environment. We call these metrics "The Five Ls": Launches, Logon Time, Load Times, …
This white paper explains how you can keep SaaS vendors honest about performance with the ExtraHop platform.
This webinar will explain the SOAPA approach and how wire data fits, and will include use cases for integration and orchestration of wire data with other security tools such as SIEM platforms.
Download the ebook to learn how to evolve your distributed network in order to stay agile and service-focused in a cloud-based world.
In this webinar, we'll share a story from an ExtraHop customer who underwent a large datacenter migration after it acquired a new business.
Learn how ExtraHop helps you identify ransomware by providing full, real-time visibility into which devices are accessing network share and what type of behavior they are exhibiting, backed by machine …
In this white paper, we outline the fundamental business values that come with modern network segmentation, and offer clear, prescriptive guidance on the methodologies needed to make it a reality for …
The ExtraHop platform takes the guesswork out of application and data center migration by providing complete visibility and performance metrics that make clear the risks, but also support the success, …
In healthcare IT, the stakes are high. Get insight on prioritization in this survey of Healthcare IT professionals covering pain points, areas for improvement, and common roadblocks.
After reading this paper, you'll have a better understanding of some oft-misunderstood methods for improving TCP performance, which will make it easier to troubleshoot network performance problems in …
Learn the six steps of the NSA's playbook for breaking into sophisticated, highly-secured networks, and how you can use the NSA's mindset to protect your own network from hackers.
Modern security teams can no longer guarantee their companies won't experience a breach, but they can still stay ahead of increasingly sophisticated attackers—if, that is, they change the way they …
Enterprise security organizations have made significant investments in SIEM platforms but struggle to optimize their accuracy. SIEM platforms depend on data from your environment to identify threats …
With knowledge handpicked from real-world observations and testing, this paper offers practical and prescriptive guidance on how in-flight data analysis from ExtraHop gives you the power to detect and …