Saddled with increasingly complicated Federal Government networks to support mission objectives, as well as stricter compliance with the Risk Management Framework (RMF), Cyber Protection Teams (CPT) will find it harder and harder to answer operational awareness questions like, "Which hardware and software assets are using weak ciphersuites?" or "Is that new device on our network doing something malicious and if so, what?" Perimeter and endpoint monitoring and asset management can only answer so much. Neither will help you continually monitor and maintain compliance with FISMA or DISA STIG requirements.
ExtraHop Reveal(x) provides the complete visibility, automated auditing, and guided forensic investigation capabilities that help cyber teams achieve unmatched operational awareness of all the tools and systems at work in their complex agency networks at scale. The industry leader in Network Detection and Response (NDR), Reveal(x) uses agentless network traffic analysis to give you immediate answers to complex questions with zero negative impact on performance and with far higher fidelity than logs and humans combined.
Reveal(x) passively monitors and transforms raw network traffic (including SSL/TLS encrypted traffic) into wire data analytics at up to 100 Gbps of sustained throughput, automatically discovering, classifying, and mapping every asset, device, and user in your environment in real time: no more operational awareness gaps.
With advanced analytics trained on 5,000+ wire data metrics, there's no faster or more accurate source of information about what's really going on inside your agency network—and because Reveal(x) performs network traffic analysis out-of-band, there's no risk of causing network latency as Reveal(x) detects issues and cyber threats.
Because Reveal(x) does the heavy lifting of situational awareness and compliance audits for you, it's easy to answer questions about cyber controls including encryption strength, data security, and potential vulnerabilities as quickly as you can ask them. When a cyber threat makes it through your security, not only will you have the real-time insight you need to stop it quickly, you'll have one-click investigation workflows that simplify and speed up compliance reporting.
Both the Center for Internet Security (CIS) and the Continuous Diagnostics and Mitigation (CDM) program call out several standards or controls for cyber teams to keep their agency networks and systems secure. Numbers one and two? Inventory and control of hardware and software assets. Reveal(x) does the first part for you by automatically detecting and classifying every device communicating across the network (including IoT devices like connected printers, IP cameras, and VoIP phones), parsing over 70 network protocols at up to 100 Gbps.
On the control side, Reveal(x) steps up to parse application-layer (L7) transactions, automatically detecting any weak ciphersuites in use across your agency. Reveal(x) will also warn you when certificates are about to expire (or have already expired) and can automate audits for all manner of compliance reporting requirements. You'll know what's on your network, what each device is saying, when new devices connect, and exactly where you need to lend some human expertise.
Not only does Reveal(x) offer unmatched insight into your network and systems, it's also the only NDR solution to offer role-based, need-to-know decryption for SSL/TLS 1.3 encrypted traffic: decrypt only the precise packets you need to investigate a cyber threat while respecting security classification requirements.