Network Detection & Response
Detection & Response for AWS
Application & Network Performance
Digital Business, Accelerated
White Papers, Data Sheets, and More
Analytics Extended, Workflows Automated
Rise Above the Noise.
Rise to the Opportunity.
Get the Latest.
Secure your hybrid attack surface with complete visibility, real-time detection, and intelligent response.
Manage risk and drive growth in AWS with an agile, cloud-native approach to cybersecurity.
Ensure the availability and performance of your enterprise from the cloud, to the data center, to the customer.
Take control of SDN, the cloud, and more with complete visibility, real-time detection, and intelligent response.
Learn about the innovative ways our customers are succeeding with ExtraHop, plus the latest news from R&D.
Explore the Panorama Partner Program, meet our channel partners, or search for a technology partner.
Compare support packages, check out our Professional Services offerings, or log into the Customer Portal.
Watch free training videos and courses, or schedule a visit from an ExtraHop expert for specialized training.
February 18, 2020
This webinar will cover the 2020 Cybersecurity Insiders Threat Hunting Survey Results: trends, gaps, areas for improvement, and proven best practices in threat hunting.
February 10, 2020
February 7, 2020
February 4, 2020
Barbara Filkins and John Pescatore from SANS will provide analysis of survey results and reveal strategies that organizations can use to justify security spending.
January 6, 2020
December 20, 2019
Learn how IT managers can implement cyber hygiene practices with existing phishing penetration testing and awareness training approaches to instill a culture of cyber safety within the enterprise.
December 12, 2019
Industry analyst Paula Musich from EMA and Ryan Davis from ExtraHop will take a Dickensian journey through cloud security past, present, and future, and offer strategies for how security teams change the future state from one of cloud stall to one of cloud as a strategic security driver.
December 3, 2019
November 14, 2019
Follow along with the cloud security journey that many enterprises have been on during the past years, looking at the realities of the high points and low points. Then, hear about what organizations can expect in 2020.
November 12, 2019
November 12, 2019
Learn details on the selection and deployment of ExtraHops Reveal(x) to increase visibility into network traffic, gain detailed and timely insight into performance and security issues and cross organizational siloes by using a common tool and dashboard for application owners, network administrators and security analysts.
November 7, 2019
November 5, 2019
Learn how NDR solutions leverage cloud virtual taps to complete Gartner's SOC Visibility Triad of SIEM, EDR, and NDR for strong cloud security.
November 4, 2019
SANS 2019 Threat Hunting Survey authors Mathias Fuchs and Joshua Lemon will discuss key themes that emerged during their analysis of survey results, joined by a panel of representatives from DomainTools, ExtraHop, and ThreatConnect.
November 4, 2019
Mathias Fuchs and Joshua Lemon
October 21, 2019
October 16, 2019
October 15, 2019
Jeff Costlow, Deputy CISO at ExtraHop, shares insights about how data-first approaches and cross-collaboration improve security posture and help reduce tool sprawl.
October 11, 2019
Learn about the security category of network detection and response (NDR), including key capabilities to look for in NDR products and questions to ask vendors.
October 10, 2019
Join ExtraHop and (ISC)2 for a discussion on cyber insurance, demystifying the current insurance landscape and what are the right questions to answer.
October 7, 2019
This white paper provides some background information about the NIST Cybersecurity Framework and NIST Special Publication 800-53 Revision 4 and walks through how ExtraHop Reveal(x), cloud-native network detection and response (NDR), provides coverage for many of the guidelines set out in these frameworks.
October 3, 2019
In this SANS webcast, expert Dave Shackleford and Tom Stitt from ExtraHop discuss how Reveal(x) can help an organization evaluate threat activity in multiple scenarios, and how key new features make doing so easier than ever.
October 1, 2019
Read the 12-page review to learn how Reveal(x) addresses five core security issues as well as detailed use cases including detection/response and active threat hunting.
September 30, 2019
ExtraHop and Security Weekly discuss the challenges and opportunities facing security and IT teams when it comes to scaling security talent.
September 24, 2019
As deployment models evolve so does the need for our responses. With technology such as Cloud, containers, and rapid update deployment rolling out, what's going on with security?
September 23, 2019
We'll show you the latest ransomware in action, with videos and screenshots from actual cases, and discuss strategies for monitoring and detecting ransomware, including mistakes to avoid and tactics for thwarting the stealthiest new threats.
September 18, 2019
Learn how Reveal(x), cloud-native network detection and response (NDR), can make your security toolset more effective through automated threat response.
August 28, 2019
Get IDC's take on the limitations, requirements, and best practices for cloud security under the shared responsibility model.
August 26, 2019
August 26, 2019
Learn how you can go beyond the traditional perimeter security provided by a firewall, IPS, etc. to actively search for threats that have infiltrated your network.
August 7, 2019
This webcast takes a deeper dive into the results of the SANS 2019 Incident Response (IR) Survey.
August 2, 2019
Read this technical brief for a deep dive into why decryption capabilities are crucial for the modern SOC, the two primary methods for accessing and decrypting data for security analytics, how ExtraHop Reveal(x), Network Traffic Analytics for the enterprise, gives you access to critical data with need-to-know decryption and no performance impacts.
August 1, 2019
July 29, 2019
In this Security Advisory, we discuss four real-world examples of data being 'phoned home' by third-party vendors and share best practices for ensuring data security, privacy, and compliance.
July 25, 2019
It's the dawn of a new era in network detection and response for the cloud. Read EMA's latest research to understand why.
July 24, 2019
Enterprise-ready strategies for building a collaborative NetSecOps team.
July 11, 2019
This webcast digs more deeply into the results of the SANS 2019 SOC Survey, in a panel moderated by SANS Director of Emerging Technologies John Pescatore.
July 10, 2019
Christopher Crowley and John Pescatore
June 25, 2019
June 24, 2019
June 24, 2019
In this presentation you'll learn how to take your ATT&CK understanding and coverage to the next level with network traffic analysis.
June 10, 2019
June 4, 2019
Step through a rapid, end-to-end investigation and response process, from early breach detection to forensic analysis in just minutes, relying on Network Traffic Analysis for authoritative and detailed data.
June 3, 2019
May 31, 2019
Learn why closing the gap between network and security teams is crucial for delivering a secure, world-class customer experience, and how to integrate these systems smoothly and effectively.
May 15, 2019
Learn the process for building a threat hunting program, and for optimizing the efforts of designated threat hunters in the organization.
May 12, 2019
This webcast digs more deeply into the results of the SANS 2019 Cloud Security Survey, conducted in cooperation with the Cloud Security Alliance.
May 9, 2019
May 8, 2019
May 7, 2019
Read on to learn about the challenges facing cloud security teams today, as well as how industry leaders are adapting IR and forensics strategies and integrating the most effective cloud security controls.
April 23, 2019
April 22, 2019
This Black Hat-hosted presentation will explore typical administration methods and how attackers exploit them, as well as provide the best methods of secure administration to protect privileged credentials.
April 17, 2019
ExtraHop Deputy CISO Jeff Costlow discusses how security operations teams can escape the cycle of reactivity characterized by constantly responding to a flood of alerts, and move toward a more proactive stance by using the right data sources and workflows, driven by network traffic analysis, to focus on developing proactive capabilities like continuous encryption auditing, policy auditing, and more advanced use cases like threat hunting.
April 16, 2019
April 15, 2019
Learn how to go from APM black box to complete app visibility with enterprise application analytics.
April 11, 2019
Learn how Reveal(x) network detection and response enables greater TTP coverage for security teams using the MITRE ATT&CK framework to evaluate threat detection tools.
March 26, 2019
March 19, 2019
Learn about research findings to help you gain support for a proactive plan and avoid retrofitting security. Security pros will learn what to consider and prioritize and how to engage productively with IT. IT and application teams will understand the visibility, performance, and security implications of different approaches to encryption and decryption.
March 13, 2019
The CIS Critical Security Controls are meant to help your SOC rise above the noise. This document explains how cloud-native NDR with Reveal(x) supports CIS Controls version 7, including several of the more important — and ambitious — coverage areas for asset cataloguing, administration privilege usage, and limitation of network ports, protocols, and services.
March 6, 2019
Shamus McGillicuddy, Jon Kies
March 1, 2019
Lawrence Orans, Jeremy D'Hoinne, and Sanjit Ganguli
February 26, 2019
This webinar will discuss the role that network traffic analysis can play in speeding up incident response, quickly investigate incidents and get definitive answers.
February 15, 2019
Learn how Network Traffic Analysis can provide the visibility and data access needed to take investigations from many hours to just a few clicks.
February 15, 2019
February 7, 2019
Sanjit Ganguli, Ted Corbett
February 5, 2019
Enterprise Management Associates
February 1, 2019
January 31, 2019
Learn the ways that machine learning can help in security operations, how it can speed threat analysis, and how to evaluate and choose technologies that will work in your organization.
January 22, 2019
The experts from ExtraHop and Ixia will reveal new insights into best practices for alignment and delivering the right data—even if it's the same data—to each team.
December 18, 2018
Hear war stories and recommendations in SOC operations –including how to analyze and respond to new attacks that have evaded traditional defenses.
November 28, 2018
EMA Managing research Director David Monahan joins ExtraHop CIO John Matthews to explain how you can automatically prioritize your most critical assets, provide context to alerts, and put full transaction details at your fingertips during investigations.
November 19, 2018
This webinar explains why ExtraHop and Splunk make such a great fit, and how you can use the ExtraHop App for Splunk to stream wire data such as details for DNS, database, storage, and more.
October 24, 2018
In this webinar, you will learn about what cloud providers can help you with, what gaps you need to fill, and the role that network traffic analysis can play in securing your cloud environments.
October 24, 2018
October 11, 2018
October 8, 2018
October 4, 2018
This SANS Institute review evaluates the ExtraHop Reveal(x) product and its ability to support detection, investigation and response for these late-stage attack activities.
September 27, 2018
September 25, 2018
September 19, 2018
Join this interactive Q&A to discover the latest trends in cyber crime, your organization's vulnerabilities, and how to go about preventing, detecting and responding to a breach.
September 19, 2018
September 18, 2018
August 30, 2018
August 27, 2018
This whitepaper explores the benefits of leveraging untapped wire data in your network, how the ExtraHop platform correlates this data to provide greater visibility into application performance, and how IT Operations can use ExtraHop to expedite data visualization, analysis, and issue resolution for higher application performance.
August 23, 2018
In this webcast, we'll cover how your peers are using NTA technology to focus on what matters, the impact of forward secrecy and TLS 1.3 encryption on network analysis, how NTA can simplify CIS Critical Security Controls 1 and 2 and more!
August 20, 2018
In this webcast, learn the tools and technologies SOCs are deploying to integrate and manage all their security, operational and response data for better protection, detection and response.
August 20, 2018
Tim Grieser, Harsh Singh
August 14, 2018
In this webcast, learn how respondents to our 2018 SOC survey are staffing their SOCs, the value of cloud-based services to augment staff and technology, and respondents' level of satisfaction with the architectures they've deployed.
August 2, 2018
August 1, 2018
Paula Musich, David Monahan
July 17, 2018
The ExtraHop Reveal(x) Summer 2018 release introduces compelling features such as new ways of visualizing threats, integrations with Splunk, ServiceNow, Anomali, and Palo Alto, and more.
July 16, 2018
Learn three real-world threat detection, investigation, and automation scenarios with Reveal(x) & Phantom.
July 10, 2018
June 27, 2018
In this webinar, you will learn how your peers are using NTA technology based on a new market research from 451 Research, as well as ExtraHop's approach to NTA that goes beyond just detecting threats.
June 20, 2018
In this webinar, we'll be looking at real-life examples of how IT teams can leverage enterprise-scale IT analytics backed by AI to improve application performance, reveal suspicious activity and provide business intelligence.
June 12, 2018
Pop the hood and take a look at the technical underpinnings of ExtraHop Reveal(x), from stream analytics to machine learning, to learn exactly how radically Reveal(x) can improve SOC efficiency and productivity.
June 6, 2018
Join top security experts for this interactive Q&A discussion on trends in ransomware attacks, backups, patches and other ways to protect your data, how to bolster your organization's security culture and other threats on the horizon.
May 22, 2018
May 17, 2018
In this webinar, we'll discuss how to build an action-oriented security architecture, key use cases, and critical success factors.
April 25, 2018
In this webinar, you will learn about TLS 1.3's implications for enterprise performance and security monitoring, and how ExtraHop offers a novel method of decrypting traffic using ephemeral session keys without an inline deployment.
April 18, 2018
April 16, 2018
April 15, 2018
April 4, 2018
April 2, 2018
March 22, 2018
ExtraHop and Cerner provide the ability to see, in real time and down to the transactional level, exactly what's happening across your healthcare IT and clinical systems. This visibility isn't just a nice to have, it is a must-have to keep your IT healthy.
March 20, 2018
March 20, 2018
Learn more about how to overcome the common challenges in your data center migration project, using data pulled from the network to discover assets, map dependencies, measure before-and-after baselines, and validate your project's success.
March 15, 2018
The General Data Protection Regulation brings about a new era of data protection and security requirements. ExtraHop can help your compliance in three critical areas.
March 13, 2018
In this webinar, we'll discuss the parts of the current security paradigm that cause the most time waste, and introduce a new automated 3-in-1 workflow, enabled by ExtraHop Reveal(x), that can reduce wasted time and accelerate investigations for enterprise security teams.
March 6, 2018
Eric Ogden, Patrick Daly, Jasmine Rishi
March 1, 2018
February 20, 2018
Many network operation teams struggle to address data friction issues by failing to leverage their network. Using a network as a real-time data source allows you to confidently maximize the value of IT data. Learn about an analytical approach to healthcare and how to leverage a network as a data source.
February 18, 2018
Cyber Protection Teams (CPTs) on the prowl need fast, accurate information in order to spot and track down threats before they have time to attack. This white paper explains how wire data is a crucial source for granular visibility and rapid investigations.
February 15, 2018
David Monahan, Paula Musich
February 1, 2018
Get an objective look at how ExtraHop Reveal(x) performs, from real-time analytics to early threat detection.
January 30, 2018
Learn how ExtraHop Reveal(x) provides auto-discovery, intelligent classification, and service-centric analytics to help beleaguered SOC analysts concentrate their energies on the most important and targeted assets in their enterprise, on-prem or in the cloud.
January 29, 2018
January 23, 2018
December 14, 2017
In this webinar, IDC Research Director Brad Casemore and ExtraHop's Director of Solutions Architecture, Eric Thomas, discuss how organizations can tap into network communications and maintain visibility for security and performance.
December 12, 2017
This webinar will discuss the pieces of a cybersecurity ecosystem model, and how this type of model requires policies, processes, and technologies that allow your healthcare organization to take a more proactive approach to risk management and security.
December 1, 2017
November 29, 2017
IoT is going to be great, but the security challenges can't be ignored. Watch this webinar to learn how security needs will change as IoT scales, and why stream analytics and wire data are the only way to maintain the visibility you need.
EMA recently bestowed its Innovator's Award on ExtraHop's Addy machine learning offering for its ability to remove much of the burden from human operators. Join this webinar to learn how machine learning can help under-resourced network teams do more with less.
November 8, 2017
ExtraHop, APCON, and Portland Community College (PCC) discuss the challenges PCC faced when trying to expand visibility and aggregate network traffic from multiple remote sites.
November 2, 2017
Join this webinar to discover how you can track five key metrics that characterize the performance of your Citrix environment. We call these metrics "The Five Ls": Launches, Logon Time, Load Times, Latency, ChanneLs.
This webinar will discuss a new discipline for understanding the role each data source fulfills in the cybersecurity toolset, and how to take a strategic approach to extracting the most relevant, valuable insights from each data source for a more complete security posture that requires less manual effort to achieve.
October 30, 2017
October 17, 2017
With the announcement of version 7.0, ExtraHop provides real-time and empirical data all teams can benefit from through complete visibility, faster incident resolution, and stronger security. In this webinar, we will cover the new ways we are helping our customers reveal the shape and context of their digital enterprise.
October 11, 2017
October 1, 2017
September 14, 2017
August 15, 2017
This white paper explains how you can keep SaaS vendors honest about performance with the ExtraHop platform.
August 2, 2017
This webinar will explain the SOAPA approach and how wire data fits, and will include use cases for integration and orchestration of wire data with other security tools such as SIEM platforms.
July 26, 2017
Learn how ExtraHop helps you identify the root cause of your IT problems, avoiding unnecessary friction among your IT teams and ransomware by providing full, real-time visibility into which devices are accessing network share and what type of behavior they are exhibiting, backed by machine learning for immediate anomaly detection.
July 8, 2017
Download the ebook to learn how to evolve your distributed network in order to stay agile and service-focused in a cloud-based world.
June 26, 2017
In this webinar, we'll share a story from an ExtraHop customer who underwent a large datacenter migration after it acquired a new business.
June 15, 2017
Learn how ExtraHop helps you identify ransomware by providing full, real-time visibility into which devices are accessing network share and what type of behavior they are exhibiting, backed by machine learning for immediate anomaly detection.
May 20, 2017
In this white paper, we outline the fundamental business values that come with modern network segmentation, and offer clear, prescriptive guidance on the methodologies needed to make it a reality for your organization.
May 15, 2017
The ExtraHop platform takes the guesswork out of application and data center migration by providing complete visibility and performance metrics that make clear the risks, but also support the success, of projects at any scale. By knowing before going, you can avoid unnecessary downtime and be sure that your user experiences remain consistent. This paper explains how you can use data pulled from the network to map your migration, validate your project's success, and even help to decommission legacy systems safely.
May 8, 2017
March 19, 2017
March 16, 2017
From what's broken to what works, read this white paper for insights into how improving your IT monitoring with real-time visibility and advanced analytics will help you face dramatically increased complexity and traffic volume.
March 10, 2017
In the fast-paced world of Healthcare IT, every decision to purchase new medical technology or change a system has a direct effect on quality of care. Under that kind of pressure, how do you know where to start improving? To find out, ExtraHop conducted an anonymous survey among Healthcare IT professionals in late 2016. We asked about their pain points, exciting areas for improvement, and what currently stands in their way.
March 1, 2017
Jim Duffy, Donnie Berkholz
February 14, 2017
January 1, 2017
December 20, 2016
After reading this paper, you'll have a better understanding of some oft-misunderstood methods for improving TCP performance, which will make it easier to troubleshoot network performance problems in the future, and will give you a leg-up when it comes to fine-tuning your network.
November 28, 2016
November 16, 2016
Learn the six steps of the NSA's playbook for breaking into sophisticated, highly-secured networks, and how you can use the NSA's mindset to protect your own network from hackers.
November 1, 2016
October 15, 2016
October 1, 2016
September 21, 2016
Enterprise Strategy Group
Dan Conde, Nik Rouda
September 15, 2016
Modern security teams can no longer guarantee their companies won't experience a breach, but they can still stay ahead of increasingly sophisticated attackers—if, that is, they change the way they prioritize threats and assets.
September 1, 2016
Digital Journal/TMR Research
Digital Journal/TMR Research
August 29, 2016
August 3, 2016
Enterprise security organizations have made significant investments in SIEM platforms but struggle to optimize their accuracy. SIEM platforms depend on data from your environment to identify threats and enable investigation. Getting the right data is a tremendous task that is at the crux of every SIEM deployment's success. To improve the quality of their data sources, many enterprises have turned to the ExtraHop platform, which offers the ability to freely stream any network event or metric to third-party systems, including SIEM platforms.
July 20, 2016
Healthcare organizations must monitor DICOM performance and without ExtraHop it is nearly impossible. Watch this webinar to see first-hand how ExtraHop can provide visibility and insight into your healthcare infrastructure.
July 2, 2016
July 1, 2016
June 2, 2016
June 1, 2016
May 3, 2016
The ExtraHop platform is a simple turnkey solution that enables you to make sense of all data in motion on the wire, and now you can get full visibility in hybrid datacenters, remote locations, virtualized environments, and the cloud.
April 1, 2016
ExtraHop equips healthcare organizations with unprecedented visibility through wire data analytics so that they can adapt to new market demands. This white paper explains how organizations can use ExtraHop to support healthcare systems that are more aware, more mobile, and more collaborative than ever.
March 24, 2016
Drex DeFord shares his own experience on applying Lean principles to healthcare IT, as well as the experiences of many CIOs and IT leaders from around the United States. Drex was formerly the CIO at Scripps Health, Seattle Children's, Steward Healthcare, and the U.S. Air Force.
March 6, 2016
March 5, 2016
March 4, 2016
March 3, 2016
March 1, 2016
This webinar covers four methods for detecting ransomware attacks in progress on your network, along with standard behavioral and technical methods for preventing ransomware in the first place, and recovering from attacks if they do get through.
March 1, 2016
March 1, 2016
With knowledge handpicked from real-world observations and testing, this paper offers practical and prescriptive guidance on how in-flight data analysis from ExtraHop gives you the power to detect and mitigate ransomware within minutes.
January 3, 2016
November 3, 2015
September 11, 2015
August 6, 2015
April 28, 2015
April 1, 2015
January 1, 2015
November 19, 2014
November 11, 2014
November 4, 2014
September 25, 2014
September 10, 2014
August 22, 2013