ExtraHop has launched a new offering to simplify detection
ExtraHop has launched ExtraHop IDS, which integrates with its Reveal(x) platform to provide a new, more straightforward approach to intrusion detection.
ExtraHop notes that the new solution will offer deeper coverage and full spectrum investigation.
The company has also announced a range of product enhancements as part of this release, including Automated Retrospective Detection and a native integration with Palo Alto Cortex XSOAR.
ExtraHop acknowledges that while intrusion detection is a regulatory requirement for most critical industries, such as financial services, healthcare, and retail, legacy intrusion detection systems (IDS) have traditionally been unable to carry this out effectively.
ExtraHop IDS is a next-gen approach to intrusion detection that combines Reveal(x)'s NDR capabilities with high-fidelity, curated detections for more in-depth CVE coverage, visibility into encrypted traffic, advanced triage, and simplified cloud management.
The company says that with this new offering, security teams will now be able to deploy and manage IDS sensors from the same platform as their NDR sensors for streamlined detection and full-spectrum investigations.
"So many organisations rely on IDS, yet legacy products don't offer the detection, investigation, and forensic capabilities that they need to appropriately contextualise and respond to threats," says Chris Kissel, Research Vice President of Security Products, IDC.
"As compliance regulations evolve and attack surfaces rapidly expand, organisations require a solution that can keep up and offer deeper detection coverage.
"ExtraHop is doing just that with ExtraHop IDS. Real-time visibility into encrypted traffic and enhanced response capabilities with integration into Reveal(x) workflows offer security teams a defence-in-depth approach that addresses threats today, tomorrow, and in the future."
ExtraHop also now provides Automated Retrospective Detection, a capability that automatically searches through historical network data to find evidence of previously unknown threats in past activity the moment new indicators of compromise (IOCs) are introduced.
When previously unseen malware or a zero-day exploit makes itself known, customers will be alerted to detections of past attacks straightaway, reducing dwell time and overall impact while saving users the time of manual research.
ExtraHop also natively integrates with Palo Alto Networks Cortex XSOAR, remediating issues in a simple and secure fashion.
Joint customers can create a Cortex incident the moment ExtraHop spots malicious or non-compliant behaviour on the network, minimising complexity and streamlining investigations.
"While bad actors are constantly adjusting their tactics and techniques to bypass traditional security solutions, the network has been proven to be the only single source of cybertruth - offering unparalleled visibility and insights across hybrid environments," says Jesse Rothstein, co-founder and CTO, ExtraHop.
"Our goal in 2023 is to remove any complexities associated with NDR and make deployments as seamless and effective as possible.
"With these new offerings, we're confident customers will reap the benefits of a robust NDR solution and gain the power to see more, know more, and stop more cyberattacks."