Cyber Security Engineer II at a healthcare company with 10,001+ employees
Real User
Top 10
2023-09-26T14:30:17Z
Sep 26, 2023
I'm on the cybersecurity team. I do a lot of the blue threat-hunting and incident response. The things I deal with have nothing to do with network performance, but I handle the detections and things that ExtraHop Reveal(x) can pick up.
Information Security Assurance Engineer at School District of Lee County
Real User
2022-09-07T16:15:13Z
Sep 7, 2022
Initially, we deployed Reveal as a standalone solution for network detection and response. It provided us with data and analytics on server-to-server enterprise networking. We used it to gain visibility into the amount of traffic and where it's going. For example, it will say that 28 gigs of data went to Google and break that down based on all the sites that have been visited. It also tells you about the authentication data and helps you visualize how data moves across your network. Based on that, you can adjust the routing tables to make things work a little more evenly. It will also help you identify specific types of malware and how it moves across devices, what protocols and ports it uses, etc. Unlike CrowdStrike, Reveal(x) doesn't require you to deploy sensors. CrowdStrike puts a sensor on the computer, so I know exactly how many devices are going through it. It's roughly 50,000. Those aren't people using it. Those are just devices that exist in the world. ExtraHop just looks at traffic, so each device connected to the network goes through it, and that's around 230,000 devices, and it's monitoring all the traffic to and from the internet.
It's used by application owners and network engineers for troubleshooting application performance issues or network performance issues. It's a hybrid solution. We have on-prem sensors and trace appliances and a cloud control appliance.
Sales Engineer | Technical Sales | Pre-Sales at SUSE
Vendor
2020-08-12T08:50:00Z
Aug 12, 2020
We have implemented the ExtraHop Reveal(x) solution at multiple clients. They range from government, retail to financial. We collect north-south and east-west traffic via a visibility layer (packet brokers, taps, spans) and then feed that traffic to the ExtraHop Reveal(x) solution. The volume ranges from 1 GB solutions up to 40 GB solutions with 100 GB in the pipeline. Initially, we approached them for application performance analysis, but we now use it to assist the security teams as well. The behavioral analytics and ability to go back in history are proving extremely valuable.
ExtraHop Reveal(x) is a highly effective network traffic analysis (NTA) solution that leverages a cloud-native architecture to empower organizations to overcome a world filled with increasingly sophisticated threats. It identifies 25% more threats than its competitors. Additionally, organizations that employ Reveal(x) say they resolve issues 77% faster than they would if they were using other similar solutions.
ExtraHop Reveal(x) Benefits
Some of the ways that organizations can...
It can detect new attacks or expired certificates. It's especially effective in identifying Netria attacks or any other online threats that may occur.
I use ExtraHop Reveal(x) since it helps provide notifications related to the network traffic in my company so that the necessary action can be taken.
We use the solution for an advanced layer of security. It provides us with network visibility to identify types of attacks.
Our company uses the solution to send sensors to the Reveal 360 cloud for customers. We have about 500 customers using the solution.
We are not a user, but a service provider.
ExtraHop is an enterprise cyber analytics company.
ExtraHop analyzes all network interactions in real-time and leverages machine learning to identify threats, deliver critical applications.
Currently, most organizations have solutions to instrument their endpoints and monitor the north-south traffic traversing their perimeter.
However, there is much less instrumentation on what is going on within the enterprise … this activity is also known as East-West communications. Many of the tools that we’ve been buying are not designed to turn on the lights in this Darkspace. For example, your DBA doesn’t want you to put an agent on a production database because it adds overhead.
Some of the standard use cases include:
IT MODERNIZATION (like Data centre Consolidation, Cloud Migration, Edge Devices & IoT, SDN & Virtualization)
NETWORK PERFORMANCE (like Remote Site Visibility, Infrastructure Refresh, Triage & Troubleshooting)
SECURITY OPERATIONS (like Threat Detection & Response, SOC Modernization, Cloud Security, Hygiene & Compliance)
We primarily use the solution for three main aspects: security, visibility, and application performance.