
ExtraHop launches threat monitoring service 'Addy' in Australia

22 Aug 17

Data analytics company ExtraHop has announced the Australian launch of what it calls an ‘industry-first’ SaaS offering that uses machine learning to analyse all digital interactions.

The machine learning service, called ‘Addy’, is able to observe and analyse all digital interactions. It uses machine learning to detect anomalies as they happen, which enables a data-driven approach to securing the digital experience.

“The real-time network analytics ExtraHop provides already helps Australian companies better understand their environment and detect threats,” comments ExtraHop’s senior VP, Bryce Hein.

The company says that often traffic patterns change, devices on the network come and go, and most people don’t have the time to configure manual thresholds. Machine learning automatically sifts through metrics, a task that would be impossible to do manually.

The company cites statistics from Accenture’s High Performance Security Report 2016, which found that 65% of breaches are discovered by internal security teams. In Australia, half of respondents said it takes ‘months’ to detect breaches.

“Current and future demands of infrastructure and operations (I&O) require a specific, strategic investment in a platform that is designed to collect and analyse data from any source with the assistance of increasingly intelligent machines,” adds Gartner analyst Colin Fletcher.

As a result, ExtraHop designed the machine learning service to build baselines for each device, network and application. It also uses in-house and crowdsourced domain expertise to complement the core service and eliminate false positives over time.

“Network traffic and application performance is extremely cyclical; past behaviour is a strong predictor of future behaviour,” the company says in its blog.

“As part of our research, we isolated a set of features in wire data that have the highest probability of correlation with relevant IT operation and security anomalies. Addy extracts metrics to tune a model with a custom machine-learning algorithm. The service continuously checks device and network behaviours through metrics collected by the ExtraHop systems and applies that data against the model it built. It then generates an alert when there are anomalous behaviours that might affect IT operations or security.”

According to ExtraHop, Addy can be paired with the company’s analytics-first workflow which alerts teams to performance and security issues.

“With Addy, we’re bringing machine learning to bear, helping surface performance and security anomalies faster than ever, and cutting through the noise to keep IT and security teams focused on the most important issues. Not only will this help them stay secure and compliant, but it will also help ensure a better digital experience for customers,” Hein concludes.
