English
Start Demo

The Platform

Solutions

Customers

Partners

Blog

More

Start the Democaret-right

Contact Uscaret-right
caret-left Back

ExtraHop
Reveal(x) 360

Cloud-native visibility, detection, and response
for the hybrid enterprise.

Learn More

How It Works

Competitive Comparison

Why Decryption Matters

Integrations and Automations

Cybersecurity Services

Complimentary Shields Up Assessment

AWS Cloud Security

What is Network Detection & Response (NDR)?

Reveal(x) Enterprise: Self-Managed NDR
caret-left Back

Solutions

Learn More

Security

Cloud

IT Ops

Use Cases

Explore By Industry Vertical
caret-left Back

Customers

Customer resources, training,
case studies, and more.

Learn More

Customer Portal Login

Cybersecurity Services

Training

ExtraHop Support
caret-left Back

Partners

Partner resources and information about our channel and technology partners.

Learn More

Channel Partners

Integrations and Automations

Partners
caret-left Back

Blog

Learn More
caret-left Back

About Us

News & Events

Careers

Resources

caret-left Back

About Us

See what sets ExtraHop apart, from our innovative approach to our corporate culture.

Learn More

The ExtraHop Advantage

What Is Cloud-Native?

Contact Us

caret-left Back

News & Events

Get the latest news and information.

Learn More

Sign Up for a Live Attack Simulation

Upcoming Webinars and Events

caret-left Back

Careers

We believe in what we're doing. Are you ready to join us?

Learn More

Careers at ExtraHop

Search Openings

Connect on LinkedIn

caret-left Back

Resources

Find white papers, reports, datasheets, and more by exploring our full resource archive.

All Resources

Customer Stories

Shields Up Resources

Ransomware Attacks in 2021: A Retrospective

Cyberattack Glossary

Network Protocols Glossary

Documentation

Firmware

Training Videos

Competitive
Analysis

ExtraHop vs. Vectra

Always-on, always-watching, ExtraHop Reveal(x) goes far beyond its competitors to detect and respond to advanced threats that other tools will miss. Complete visibility augmented by decryption, forensic level workflows, and historical data capture for threat hunting and retrospective investigations, are just a few of the Reveal(x) differences. See more below.

Start Demo
  • Investigation
    & Response
  • Enterprise
    Scale & Speed
  • Visibility
    & Decryption
  • Hybrid, Cloud
    & SaaS

Investigation & Response

It's not enough to fire a detection, what's important is to consider the context and correlation of what else is happening on your network. Do you have the depth of data you need to investigate any activity on your network with the ability to look back for threat hunting?

Detections

ExtraHop Logo

Detections on every asset bolstered by full analysis of 70+ protocols, decryption, and cloud-based machine learning.

Vectra Logo

Provides detection on all assets but is limited to on-box machine learning and lacks full protocol analysis and decryption capabilities.

Why It Matters

Full analysis of every asset across all protocols, augmented by decryption, is crucial for the detection of advanced attacks like SUNBURST and Kerberos GoldenTicket attacks. Cloud based machine learning means you can process larger, more complex datasets to ensure seamless detection of even the newest attacks.

circled caret WHITE PAPER: How Reveal(x) Detects Threats

Investigation & Threat Hunting

ExtraHop Logo

Real-time and historical data for all observed communications

Vectra Logo

Data is limited to detection-driven investigations

Why It Matters

To answer the question "Are we impacted by the latest threat?" you need all observed data to determine context and perform proactive investigations and retrospective threat-hunting with detailed historical data.

circled caret USE CASE: Simple, Streamlined Threat Hunting

Unified Console: NetOps + SecOps + CloudOps

ExtraHop Logo

Single console for network, security and cloud teams

Vectra Logo

Security only use cases

Why It Matters

A single source of truth provides faster resolution for security, performance, cloud and hygiene use cases increasing efficiency, decreasing response time, and providing the opportunity to simplify tool portfolios.

circled caret CUSTOMER STORY: Ulta Beauty

Full Continuous Packet Capture (PCAP)

ExtraHop Logo

Always-on continuous PCAP

Vectra Logo

Precision PCAP

Why It Matters

Always-on, continuous PCAP guarantees availability of relevant packets. A reliance on Precision PCAPs means you will miss details critical to determining the severity of an incident.

circled play arrow VIDEO: Packet Capture
with ExtraHop Reveal(x)

Enterprise Scalability & Real-time Analysis

To scale to the needs of the enterprise, your traffic analysis must deliver real-time insights by monitoring every asset communicating across your hybrid environment. Reveal(x) leverages the cloud to constantly adapt to the demands of your network, providing analysts instant access to the data they need to respond to threats.

Scale: Raw Throughput Per-Sensor

ExtraHop Logo

Up to 100Gbps

Vectra Logo

Up to 55Gbps

Why It Matters

Raw throughput is not the only governing factor to determine the scale of monitoring but it is an important one. Higher throughput ensures cost efficiency when scaling to the needs of your organization.

circled caret HOW IT WORKS: ExtraHop Reveal(x) 360

Scale: IP Monitoring

ExtraHop Logo

Up to 1 Million assets

Vectra Logo

Up to 300,000 assets

Why It Matters

Scaling to 1M assets ensures a single investigative console to rapidly correlate asset activity without data fragmentation for all your threat hunting needs.

circled caret HOW IT WORKS: ExtraHop Reveal(x) 360

Scale: Machine Learning

ExtraHop Logo

Cloud-based Machine Learning

Vectra Logo

Appliance-based Machine Learning

Why It Matters

Cloud-based machine learning ensures you immediately have the most up-to-date detection capabilities while simultaneously scaling on-demand to ensure no detection is missed. Appliance based ML is limited to available system resources.

circled caret HOW IT WORKS: ExtraHop Reveal(x) 360

Tunable Data Streaming to SIEM

ExtraHop Logo

Pick the data you want to store.

Vectra Logo

All or nothing approach.

Why It Matters

Sending all data to your SIEM is both expensive and inefficient. Tuning your NDR to stream only the most important data to your SIEM saves time and money.

circled caret HOW IT WORKS: ExtraHop Reveal(x) 360

Visibility & Decryption

Visibility requires a complete picture of every asset connected to the network and its function. This challenge combined with the rapid adoption of encryption has hampered visibility industry wide. Reveal(x) provides complete visibility augmented by decryption into every asset (including IoT), application and user communicating on the hybrid network. Decryption is required to detect the most advanced threats.

Decryption and Encrypted Traffic Analysis (ETA)

ExtraHop Logo

ETA + Out of band line-rate decryption (up to and including TLS 1.3)

Vectra Logo

ETA only. Vectra claims: "Decryption violates privacy laws."

Why It Matters

As TLS 1.3 reaches ubiquity it becomes increasingly necessary to decrypt traffic to catch threats like SQL injection, cross-site scripting, SSRF, and Kerberos Golden Ticket attacks.

circled caret BLOG: Five Reasons You Need to Decrypt Traffic for SecOps Analysis

Asset Classification

ExtraHop Logo

Complete asset inventory with role-based classification including IoT

Vectra Logo

IP address based asset inventory with no asset classification

Why It Matters

You need to classify an assets role to provide needed context to rapidly determine if observed behaviors align with the assets intended function ex. DNS, VOIP, AD, SQL, IoT etc.

circled play arrow VIDEO: Asset Classification
with ExtraHop Reveal(x)

Historical Lookback

ExtraHop Logo

Up to 90 days of customizable historical data included

Vectra Logo

Up to 14 days of Zeek formatted historical data with a fee for additional storage

Why It Matters

When advanced attacks like SUNBURST are disclosed, answering the question "Were we impacted?" requires you have the maximum amount of historical data for investigation.

circled caret SECURITY REPORT: Lessons Learned Investigating the SUNBURST Attack

Hybrid, Multi Cloud & SaaS

Cloud-native security and flexible deployment models are central to the needs of modern enterprises. Reveal(x) leverages its AWS expertise to provide frictionless on-demand deployments to secure your cloud infrastructure.

Flexible Deployment Cloud

ExtraHop Logo

Hybrid, Multi-Cloud, and SaaS deployment models, in one interface. Support for AWS, Azure, GCP

Vectra Logo

No SaaS: Deploy VM's in cloud instances. No Google Cloud support.

Why It Matters

Deployment models must meet with your business requirements for scale and efficiency. ExtraHop Reveal(x) 360 is a true SaaS solution and provides flexibility to adapt to your future security needs.

circled caret SOLUTION: Cloud-Native Security

AWS Competency

ExtraHop Logo

AWS Security Competency

Vectra Logo

None

Why It Matters

Certification by AWS demonstrates that vendors have deep technical expertise and proven customer success securing every stage of cloud

circled caret TECHNOLOGY PARTNER: Amazon Web Services

Cloud Throughput

ExtraHop Logo

Up to 25Gbps

Vectra Logo

Up to 10Gbps

Why It Matters

Raw throughput is not the only governing factor to determine the scale of monitoring but it is an important one. Higher throughput ensures cost efficiency when scaling to the needs of your organization.

Need More Proof?

Investigate a simulated attack unfolding in real time
using the Reveal(x) product.

Start Demo

+

ExtraHop uses cookies to improve your online experience. By using this website, you consent to the use of cookies. Learn More