With ExtraHop's Open Data Stream technology pushing wire data into the FireEye Threat Analytics Platform (TAP), security teams have the real-time visibility they need to more effectively detect and defend against advanced persistent threats.
Detect advanced persistent threats more effectively
- Rapid, actionable threat intelligence
- A centralized dashboard of all suspicious events
- Real-time correlation between logs, flow records, and wire data
"FireEye TAP significantly improves an organization's capabilities to detect advanced attacks, and when combined with wire data from ExtraHop, TAP gives incident responders and security teams near real-time, actionable intelligence in a central dashboard where they can quickly identify and respond to the most critical events."
Steve Pataky, VP of Worldwide Channels and Alliances, FireEye
- DNS activity including domain lookups and possible command-and-control communications
- Inbound and outbound HTTP payload data, including MD5 sums and threat signatures
- Session tracking, such as unexpected SSH connections from external or internal clients
- Reconnaissance activity as attackers probe internal networks from compromised systems
- Real-time data consumption to instantly recognize and alert on abnormal data rates indicating exfiltration