"Fast, amazingly thorough ... Reveal(x) is a product with which many security operations center (SOC) teams could hit the ground running." Dave Shackleford, SANS Institute Instructor
Internal threat activities (privilege escalation, lateral movement, etc.) are difficult if not impossible to detect using endpoint and perimeter protection alone. ExtraHop Reveal(x) provides network traffic analysis that helps security analysts efficiently detect and investigate these late-stage threats, as well as proactively improve security hygiene.
SANS Institute put the product through its paces to evaluate the following:
- Intuitiveness of the user interface
- Breach detection and response capabilities
- Proactive hunting of internal threats
- Ability to support hygiene and compliance initiatives
Read the report to learn why SANS Instructor Dave Shackleford says Reveal(x) "does [detecting and investigating threats in east-west traffic] well, and so much more," or listen to Dave talk through his review in person: Investigate East-West Attack Activities to Defend Critical Assets: A SANS Review.
Other great insights from the SANS Institute:
- Webinar: How Network Traffic Analytics Eliminates Darkspace for the SOC with Chris Crowley (SANS) and Barbara Kay (ExtraHop)
- Report: SANS 2018 SOC Survey Results