Machine Learning

Surface vital threats and insights within your enterprise.

Machine Learning for the Wire

Machine learning might be table stakes for modern IT monitoring solutions, but it's not enough to promise magic—your ML has to deliver. Meet ExtraHop Addy, the world's first cloud-based machine learning service for wire data.

Always on and always learning, Addy trains on the most comprehensive and objective source of data in your environment in order to surface real security and performance anomalies with the full context, precise transaction details, and automated investigation capabilities you need to reduce staff time-to-resolve by more than 50%.

Giving IT Superpowers

Spidey-Sense for IT

Providing real-time situational insight so you can take a proactive, data-driven approach, Addy guarantees you'll never get blindsided. ExtraHop may not give you actual superpowers but with Addy as your eyes and ears, no one will be able to tell the difference!

Take Addy for a Spin

ExtraHop Addy brings our environment into focus. With this service, we're alerted to issues we didn't know we had, and it makes us much more proactive in resolving them before the effects are widespread. We now have the data we need to be smarter about how we operate.

David Johnson
Enterprise Systems Support Specialist
State of Washington

Built on Wire Data icon

Built on the Wire

Powerful, focused machine learning isn't a result of better math, it's a result of better data. By training ML on wire data metrics, ExtraHop achieves an unmatched level of precision and fidelity.

Easy to get started icon

Easy to Start

Addy will start learning what's "normal" for your enterprise right out of the box, and only gets smarter with time. You don't have to worry about configuring or managing Addy at all.

Cut out Noise icon

Cuts Through the Noise

By only surfacing real anomalies, Addy helps you spend your time effectively instead of sifting through false-positives: the perfect early warning complement to cross-tier visibility.

How Does ExtraHop Addy Work?

Addy takes lightweight wire data metrics and shoots them up into the cloud where a suite of machine-learning algorithms detect anomalies in time-series data for every device, network, and application. Addy learns what is normal—and more importantly, what's not—and continuously benefits from crowd-sourced feedback to get better at understanding what's routine and what requires human attention.

With Addy, your team can rest assured it will always be the first to know when there's a problem—so you can solve it quickly and proactively, before hearing from frustrated users.

Read the Technical Deep Dive

Within three days of deploying ExtraHop's anomaly detection solution, it alerted on an anomaly that, an hour later, turned into a Sev-1 incident ... The fact that ExtraHop caught these things before they turned into major incidents tells us just how accurate the machine learning is. Knowing we can trust these alerts is going to make us much more proactive in averting these issues in the future.

IT Operations Manager
Large Canadian Financial Institution

How Customers Are Using Addy

Scan Detection

A large cable provider averted a potential breach when Addy detected a compromised server that was unexpectedly probing systems in another major datacenter, enabling the team to shut down the server and investigate the incident.

Malicious DNS Activity Alerts

A national medical institution averted two potential security breaches when Addy detected international servers probing their DNS, as well as reverse DNS look-ups.

Real-Time Analytics

Data Exploration