How It Works
Why Decryption Matters
Integrations and Automations
Complimentary Shields Up Assessment
AWS Cloud Security
What is Network Detection & Response (NDR)?
Reveal(x) Enterprise: Self-Managed NDR
With the power of machine learning, gain the insight you need to solve pressing challenges.
Stand up to threats with real-time detection and fast response.
Learn More >
Gain complete visibility for cloud, multi-cloud, or hybrid environments.
Share information, boost collaboration without sacrificing security.
Align with and implement CISA's cybersecurity guidance
Get Additional Shields Up Guidance >
Our customers stop cybercriminals in their tracks while streamlining workflows. Learn how or get support.
Featured Customer Story
Wizards of the Coast Delivers Frictionless Security for Agile Game Development with ExtraHop
See All Customer Stories >
Our partners help extend the upper hand to more teams, across more platforms.
Featured Integration Partner
Detect network attacks. Correlate threat intelligence and forensics. Auto-contain impacted endpoints. Inventory unmanaged devices and IoT.
See All Integration Partners >
Get hands-on with ExtraHop's cloud-native NDR platform in a capture the flag style event.
Cloud-native visibility, detection, and response for the hybrid enterprise.
Customer resources, training,case studies, and more.
Partner resources and information about our channel and technology partners.
See what sets ExtraHop apart, from our innovative approach to our corporate culture.
Get the latest news and information.
We believe in what we're doing. Are you ready to join us?
Find white papers, reports, datasheets, and more by exploring our full resource archive.
ActiveMQ is an open source protocol for sending messages between different applications and more.
BGP is a protocol that directs internet routing and is necessary for the internet to work.
Citrix Independent Computing Architecture (Citrix ICA) is a proprietary protocol for an application server system.
CIFS was used to share files remotely via IP, which worked in conjunction with FTP and HTTP.
Db2 is primarily a relational database management system; it stores, retrieves, and manages data.
Diameter is a protocol for Authentication, Authorization and Accounting. It is frequently used in IMS architecture.
A Domain Name System is a hierarchical decentralized naming system for computers and other resources connected to the internet or private networks.
Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks.
The FIX protocol was originally developed in 1992 as a way for large equity trading companies to exchange information between broker-dealers and clients.
HL7 is a set of international standards used by healthcare providers transferring clinical and administrative data between software applications.
The Hypertext Transfer Protocol is an application protocol for distributed, collaborative, hypermedia information systems that allows users to communicate data on the World Wide Web.
ICMP is a transport level protocol within TCP/IP which communicates information about network connectivity issues back to the source of the compromised transmission.
Kerberos is an authentication protocol that uses mutual authentication, requiring both the user and server to prove their identities.
The Lightweight Directory Access Protocol (LDAP) is a vendor-neutral application protocol used to access and update open, distributed directory information services.
Memcache is a key-value store used by websites to store and retrieve information rapidly, without reloading the information.
A Microsoft Remote Procedure Call is a protocol that one program uses to request service from a program located in another computer in a network, without having to understand the details of that particular network.
MongoDB is a free, open-source cross platform document-oriented program first developed in 2007 by MongoDB Inc.
MySQL is an open-source database management system.
NFS, or Network File System, allows a user on a client computer to access files over a network in the same way they would access a local storage file.
Oracle Net foundation layer is a software layer responsible for establishing and maintaining the connection and exchanging messages between the client application and database server.
RTCP XR is a transport protocol that includes extended reports (XR), a type of RTCP packet which includes information on whether the RTP packet was received and provides receipt data to the sender.
The Real-time Transport Protocol is a network protocol used to deliver streaming audio and video media over the internet, thereby enabling the Voice Over Internet Protocol (VoIP).
RADIUS is the underlying authentication and access protocol used by the majority of network and computing systems, commonly used to facilitate roaming between ISPs.
SAP Adaptive Server Enterprise (SAP ASE), formerly Sybase ASE, is a relational database management system often used for online transaction management on location and in the cloud.
The Session Initiation Protocol is a signaling protocol that enables the Voice Over Internet Protocol (VoIP) by defining the messages sent between endpoints and managing the actual elements of a call.
SMTP is an asymmetrical protocol that is used to send and receive email by sending messages to a server for forwarding.
Telnet, developed in 1969, is a protocol that provides a command line interface for communication with a remote device or server, sometimes employed for remote management but also for initial device setup like network hardware.
Even if you haven't heard of TCP, you've heard of what runs on it, including the world wide web, e-mail, and peer-to-peer file sharing.
NTLM is a common authentication protocol used on networks running Windows.