The incredible proliferation of IoT devices has vastly expanded the enterprise attack surface, but discovering, managing, and protecting those devices by traditional means is a labor-intensive nightmare. At the same time, as applications become more distributed and the number and variety of devices on the network explodes, security teams are tasked with the near-impossible: stop attackers from using these devices as an entry point and attack vector for lateral movement, and do it at scale.
ExtraHop Reveal(x) delivers a passive, scalable enterprise IoT solution you can implement right out of the box for device identification and profiling, service-layer discovery, and detection for IoT devices. With advanced machine learning that automatically profiles all devices, infers which services they belong to, and detects violations and threats for quick remediation, Reveal(x) makes it easy for security and IT teams to support and secure the technologies that help their business grow.
ExtraHop Reveal(x) automatically identifies and profiles all assets on the network, including enterprise IoT devices such as printers, VoIP phones, smart TVs, and more, and groups them based on observed behavior. Along with providing a comprehensive and dynamic view of all IoT devices and services without agents or operational impact, Reveal(x) applies machine learning techniques like peer group clustering to infer service layers and privilege levels with no manual configuration needed.
Monitoring and detection with Reveal(x) is passive and hands-free. When Reveal(x) spots threats and anomalous behavior such as attackers' attempts to gain access to IoT devices or move laterally, it alerts your team with full context of which device may have been compromised and why, any other assets involved, and what the potential risk is. Advanced machine learning keeps detections high-fidelity and accurate, and because Reveal(x) extracts rich L2-L7 data from network traffic, it enables deeper analysis and continuous behavioral monitoring and detection for IoT devices such as VoIP phones, printers, IP cameras, wearables, and smartboards.
Along with automatically correlating detections across the attack chain so you can quickly and easily understand the scope of an attack in progress as well as providing recommended next steps for your investigation, Reveal(x) enables automated policy enforcement based on inferred device groups. By integrating enforcement with your existing firewalls and NAC solutions, for example, Reveal(x) allows you to immediately and automatically cut off network communication after any segmentation violations.
With ExtraHop we can understand what each of our individual devices is doing on the network, and easily communicate that information across our organization and to our customers. It's like spending your life seeing only black and white. Until you see things in color, you don't know how good it can be.
Director of IT