SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

ExtraHop unveils new file analysis features for RevealX

Thu, 17th Oct 2024

ExtraHop has announced new network-based file analysis capabilities in its RevealX platform aimed at enhancing the detection of malware, combating ransomware, and preventing data loss.

According to the 2024 Global Ransomware Trends Report, organisations experience an average of eight ransomware incidents annually. These attacks often exploit the fragmented tools and uncoordinated workflows found in Security Operations Centres (SOCs), allowing malicious files to evade detection.

To address the rising threat of ransomware and evolving cyberattacks, ExtraHop's new RevealX capabilities offer a comprehensive approach to file analysis, enabling deeper insights and quicker response times. The platform's built-in features such as file hashing, file-based detections, and file carving help SOC analysts utilise network power to mitigate cyber risk, maintaining vigilance against threats and ensuring operational continuity.

Kanaiya Vasani, Chief Product Officer at ExtraHop, commented on the growing challenges faced by SOC analysts: "When burdened with a high volume of alerts across a number of sprawling, outdated security tools, it is becoming nearly impossible for SOC analysts to keep up with attackers. ExtraHop is committed to arming the SOC with a comprehensive solution that consolidates threat detection, investigation, and response in one single platform, elevating enterprises' security posture, while also eliminating legacy tools and overhead. Our file analysis capabilities are the latest stop on this journey to optimising the SOC, improving efficiency and driving even stronger outcomes for customers around the globe."

The new file analysis capabilities promise several benefits. They offer faster threat detection, allowing organisations to quickly identify malicious files on the network with improved accuracy. Furthermore, by using CrowdStrike Falcon Adversary Intelligence integrated within the ExtraHop RevealX Platform, the system generates identifiers to instantly detect unauthorised changes or malicious files.

Optimisation of investigation and response processes is another advantage of the updated platform. Enhanced search and filter functionalities enable analysts to swiftly pinpoint root causes and respond effectively to potential threats. This facilitates a more efficient investigation workflow and reduces response time.

Finally, the new capabilities aim to boost SOC efficiency by incorporating file hashing, carving, and analysis directly within ExtraHop RevealX. This integration is expected to streamline manual workflows and cut down on the costs associated with managing multiple tools.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X