
Overview
With seamless integration between Zscaler Private Access (ZPA) and ExtraHop RevealX, security and IT teams can accelerate investigations and simplify security operations with integrated workflows.
Challenges
In Security Service Edge (SSE) and Secure Access Service Edge (SASE) environments, getting visibility into traffic traversing the cloud-based service is challenging by design. Metadata such as origin IP address and user name is obscured, complicating forensic analysis and east-west traffic inspection. Teams struggle to get a complete picture of what is really happening, including the root cause of application performance issues. Is it the user’s device? The network? The cloud service? The application code?

Brief
This joint solution brief from Zscaler and ExtraHop highlights an integrated approach to enterprise security by combining Zscaler Security Service Edge (SSE), powered by Zscaler Zero Trust Exchange, and ExtraHop RevealX NDR. Specifically, it details the correlation of Zscaler Private Access (ZPA) logs with network telemetry to identify security threats and performance issues.
Solution
Together, Zscaler and ExtraHop provide end-to-end visibility into communication that traverses the Zscaler cloud and beyond. By correlating ZPA logs with network telemetry from ExtraHop, SOC teams get a complete view of events for faster response.
ExtraHop detections are automatically enriched with user activity logs from Zscaler, offering end-to-end L2-L7 visibility for all user-to-application communication. This helps uncover lateral movement, privilege escalation, C2 communication, and more.
Kanaiya Vasani
Chief Product Officer, ExtraHop
Platform
RevealX offers network detection and response (NDR) and network performance monitoring (NPM) in a single, cloud-native platform.
