An Interface that Works the Way You Do
The ExtraHop platform equips you with live activity maps so you can start with a dynamic, interactive, and global view of every communication across your enterprise. Drill down to devices, individual transactions, and even the exact packets in just a few clicks.
Want to begin with an outlier—a transaction with unusual response size, for example—and investigate from there? Start at the bottom and work your way up. Whatever your approach, ExtraHop allows you to ask questions of your wire data and get answers in real time.
Easily perform multidimensional analysis on your transaction records.
Quickly drill down into the packets that comprise flows and transactions.
Machine Learning for the Wire
Humans might be better at making decisions, but machines can make sense of massive amounts of data at a much faster rate. When you apply machine learning to your richest data source, you cut through the noise and give yourself an unbeatable edge in both IT and security.
ExtraHop Addy applies machine learning to your wire data, automatically learning the normal behavior for every device, network, and application, and then alerting you to anomalies. This anomaly detection is much more accurate than traditional alerting and also detects issues that you never thought to build an alert for.
Addy gives you the context you need to take action. With a global search, visual query capabilities, and customizable dashboards, you can find the data that is most important to you, and then see and explore that data on the fly.
The ExtraHop platform offers a simple, intuitive user interface that makes it easy to create new visualizations of your wire data and includes automatically populated role-based dashboards for teams across your organization. You can create a new widget in three steps: 1) Select your data source and metrics, 2) Select the visualization type, and 3) Save it to your dashboard.
When you're ready to share your analysis, you can quickly export charts and the background data points to PDF, Excel, or CSV.
No Scripting? No Problem.
The visual query capabilities in the ExtraHop platform allow for much more than easy searches. Refine or change your query by clicking UI elements that control grouping, pivoting, filtering, and time-range selection; explore hundreds of built-in record attributes or define your own; and quickly answer IT and security questions without needing to learn a query language!
For example: Sort SQL messages by query string to identify attempted SQL injection attacks; with the malicious IP address identified, you can then pivot to see all the activity of that client on the network over the last month. Export that information to Excel, CSV, or visualization tool such as Tableau or Qlik, and you have a step-by-step map of what the attacker did!