Technology Partner

Google

Security

Performance

Threat detection and response for Google Cloud Platform and hybrid environments

Overview

Accelerate cloud adoption while securing your customers and your business

Analyze network traffic at scale and expand control across your entire attack surface

Modern businesses leverage the cloud to drive agility and growth. Whether it’s to speed innovation, support a remote workforce, improve application performance or datacenter efficiency, ensure a backup and disaster recovery strategy, or solve the most complex computing challenges – the cloud can drive massive impact.

But as networks grow in complexity, and data is distributed across various environments, security teams need to be able to monitor and analyze all network traffic for indicators of compromise and suspicious behaviors. Getting access to network traffic in public cloud environments, however, can be challenging.

Challenges

Adversaries 🖤 the cloud

Threat actors are increasingly abusing features unique to the cloud

Google reports that nation-state actors are increasingly targeting cloud services and infrastructure as industries across the globe adopt the cloud. According to the report, threat actors are targeting:

  • Public cloud storage services that are unprotected or have weak naming conventions
  • Misconfigured cloud applications and systems
  • Cloud instances with weak or no passwords on common remote access protocols, Secure Shell (SSH) and Remote Desktop Protocol (RDP)

Once inside the network, adversaries have been known to:

  • Escalate their privileges by modifying policies or adding identities to privileged groups
  • Move back and forth between cloud and on-premises environments
  • Exfiltrate data to adversary-controlled cloud storage to either sell for profit or threaten to make public if ransomware demands are not met
  • Encrypt cloud-stored file shares and delete cloud-stored backups


In line with shared responsibility, Google states:


“Even though major cloud platforms invest heavily in security and in abuse detection and mitigation, organizations should monitor their own cloud computing resources for suspicious activity to best align billing monitoring and security needs.”


You need maximum visibility to understand and secure assets in Google Cloud environments, including compute instances, containerized workloads, data storage services, and more.


Solution

RevealX 360

A SaaS-based network detection and response solution that is purpose-built for Google Cloud, multi-cloud, and hybrid environments

With RevealX 360, security teams gain the complete visibility they need to understand and secure assets in Google Cloud environments, including compute instances, containerized workloads, data storage services, and more.

Google Cloud’s packet mirroring copies network traffic and sends it to RevealX for real-time analysis at scale, detection and response.


Key Benefits

87%

Faster threat detection

Get the necessary visibility to reduce downtime due to outages

“With improved visibility and AI-powered analysis, Reveal(x) 360 decreases time to threat detection by 83% and time to threat resolution by 87%.”


“The new integration between ExtraHop Reveal(x) and Google Cloud's new packet mirroring accelerates our cloud adoption by giving us the visibility we need to secure our applications and protect our most precious asset, our customers.”

Diane Brown, Senior Director of IT Risk Management & CISO, Ulta Beauty