SecurityBrief Australia logo
Australia's leading source of cybersecurity and cyber-attack news
Story image

Interview: Why 'the ExtraHop moment' is creating revelations in network visibility

By Sara Barker
Fri 1 Dec 2017
FYI, this story is more than a year old

Carl Gough is the general manager of ExtraHop for New Zealand, New South Wales and Queensland. He joined 6 months ago to spearhead expansion across the territory — find partners, gain visibility and bring detection solutions to A-NZ.  

“We are a real-time analytics company. As an appliance, our product sits passively on a network and analyse traffic. We analyse every single digital transaction that occurs and turn that into actionable data — solving problems, finding root causes, detecting security issues or simply providing insights to help business growth. We provide businesses the capability to stay on their front-foot and detect problems before their customers are affected.”

Headquartered in Seattle, WA, ExtraHop has grown quickly since 2007 — gaining customers such as Sony, Microsoft, Google, Adobe and Lockheed Martin. Their product has been increasingly integrated into cybersecurity protocols and they are now poised for truly global expansion.

Robin Block sat down with Carl to learn how ExtraHop’s technology has enabled their growth and understand what they offer the cybersecurity landscape.    

What does ExtraHop do and why is it important — how does it relate to cybersecurity?

Carl: The potential security implications of our product were realised several years ago. The visibility afforded by our appliance — our ability to reconstruct TCP and UDP flows — aids security processes and is itself a useful tool for threat detection. The capacity of machine learning protocols, for example, to effectively operate is directly dependent on the breadth of data. We collect upwards of 4,600 metrics per packet, and index that information in real time. That capacity is pretty much an order of magnitude higher than our competitors.

Our analytics, however, don’t have to be about security — they are applicable to almost anything. We consider ourselves the ultimate source of truth for an enterprise. We provide complete visibility across a network. We see all the dependencies and interconnections — from applications right through the infrastructure. It is second layer to seventh layer visibility, the likes of which you have never seen before.

The auto-discovery capabilities we offer are nearly unprecedented. Most other companies have to deploy an agent to achieve similar scanning capabilities. However, that actually can’t solve the problem because that requires knowing where to put that agent. If you don't know what you have, then you don’t know where to start.

We have been told by customers in New South Wales that we did things in a week what had taken them 2 years to complete. The number of conversations I have had with companies and government agencies around this particular problem gives me a high level of confidence in saying that no one else can come close to our auto-discovery and dependency mapping capabilities.   

How have you approached growth and market penetration in Australia and New Zealand?

Carl: A lot of our success in getting around market noise is simply through referrals. The best sales pitch is being able to prove what you can do. A huge part of that is simply being able to deliver on promises to the first customers that take a chance on you. In the last 5 months, we have developed success stories and that is bringing customers to us. That is particularly true in Australia — it is a small market, people know each other.

We often end up speaking with Heads of Security, Risk and Compliance. Cybersecurity is interesting because it has its own vertical, but it is actually a horizontal business problem. What really matters is the ability to manage risk.

We have been lucky to pick up some key partners here in the cybersecurity space. The fact that we are able to attract those partners, as well as internal talent and analytics customers, tells me that we are solving the right problems. Discovery is a big problem to which people need a simple solution — we are that simple solution.

What do you see in the future?

Carl: Over the next 12 months, we have to build our team and scale. The goal is to become the default choice when it comes to real time visibility and discovery. Initiatives such as The New Payments platform — real-time payments designed to support an ‘always on economy’ — are a substantial opportunity for us as is all of the work around APRA reporting.

Both require visibility that follows suit. Given the OIAC mandatory breach notification requirements coming into play in February 2018, real-time visibility to operate safely and protect customers and your reputation, are going to be crucial.

A big part of our value proposition is that over the last 20 years, everyone has bought specific monitoring tools to do specific siloed based North South things — but, none that bring East-West visibility where often the problems are sitting. As a result, most have only a partial version of the truth and that is where the unproductive war room and finger pointing blame game begins. But, more importantly, that is why things are missed and damage occurs.

One of the most satisfying things about working for ExtraHop is seeing almost revelatory moments on some of our client’s faces when we plug in our appliance and shine a light on what is actually going on. There are stories passed around our sales department about CIOs being nearly brought to tears by our system helping solve a problem that had plagued them for years. We call it “Their ExtraHop moment”.

There are a lot of companies and government agencies that need our help understanding what assets they have in order to manage it, but more importantly, secure it. This is a big opportunity for us both, but in saying that, we only want to work with companies that have the willingness and desire to adapt the way they bring visibility to solve problems.

Article by Robin Block.

Related stories
Top stories
Story image
SaaS
Ping Identity appoints Deloitte Australia as a partner
Ping Identity has appointed Deloitte Australia as a Consulting Technology Partner, uniting its offerings with the company's consulting services.
Story image
Training
Barracuda customises training to fit ACSC Essential Eight
Barracuda has announced that its Security Awareness Training now provides a customised training curriculum in line with the Australian Cyber Security Centre’s (ACSC) Essential Eight.
Story image
Ransomware
Examining the future of ransomware threats with Vectra’s CTO
As customers' valuable data move to the cloud, so will ransomware. What is the current landscape and what do we need to know?
Story image
Apple
Your tools, your choice: why allow employees to choose their own devices?
Jamf Australia says giving your team the freedom to work with their digital device of choice could help to attract and retain top talent in a tight labour market.
Story image
Digital Transformation
What CISOs think about cyber security, visibility and cloud
Seeking to uncover the minds of CISOs and CIOs across Asia Pacific, my company recently asked Frost & Sullivan to take a snapshot of cloud adoption behaviour in the region.
Story image
Artificial Intelligence
Juniper study reveals top AI trends in APAC region
Juniper's research shows an increase in enterprise artificial intelligence adoption over the last 12 months is yielding tangible benefits to organisations.
Story image
State Library of Victoria
State Library of Victoria entrusts Oracle support and security to Rimini Street
“Our finance team are very happy with the support and security that Rimini Street provides, which keeps our assets and our customers secure."
Story image
Cybersecurity
Delinea’s Joseph Carson recognised with OnCon Icon Award
Delinea chief security scientist and advisory CISO Joseph Carson has been recognised as a Top 50 Information Security Professional in the 2022 OnCon Icon Awards.
Story image
Artificial Intelligence
Vectra AI named as AWS security competency partner
Threat detection and response company Vectra AI has announced that it has become an Amazon Web Services Security Competency Partner.
Story image
Internet of Things
ManageEngine wins big in IDC MarketScape assessment
ManageEngine's Endpoint Central service has been recognised as a leader by IDC MarketScape in several categories including Internet of Things device deployments and UEM software for SMEs.
Story image
Ransomware
Businesses unprepared to defend against ransomware attacks
Ransomware attacks continue to impact organisations worldwide with high costs, but businesses are still largely unprepared.
Story image
Compliance
SentinelOne integrates with Torq to empower security teams
"With Torq, security teams can extend the power of SentinelOne to systems across the organisation to benefit from a proactive security posture.”
Story image
Cybersecurity
How organisations can mitigate IoT and IIoT security risks
IoT and IIoT come with inherent risks because they are often deployed faster than they can be secured, putting organisations in danger of cyber threats. Here are tips on how to mitigate those risks.
Story image
Compliance
Stock security features inadequate in face of rising risk
"Organisations must proactively find ways of identifying unseen vulnerabilities and should take a diligent, holistic approach to cybersecurity."
PwC
PwC's Consulting Business and PwC's Indigenous Consulting are proud to play an important role in helping Australian Indigenous Mentoring Experience build IMAGI-NATION, a free online university for marginalised communities around the world.
Link image
Story image
Ransomware
Secureworks reveals new information on BRONZE STARLIGHT threat group
New research from Secureworks has uncovered new information on the Chinese threat group BRONZE STARLIGHT and how they are using targeted ransomware to initiate complicated attacks.
Story image
Gartner
Gartner's top recommendations for security leaders
"Leaders now recognise that major disruption is only one crisis away. We can’t control it, but we can evolve our thinking, philosophy, program and architecture.”
Story image
MSP
Video: 10 Minute IT Jams - An update from CyberArk
Olly Stimpson joins us today to discuss the importance of MSP programmes and how MSP partners are experiencing success with CyberArk.
Story image
API
Industry-first comprehensive risk-based API security enhances protection
Application Programming Interfaces (APIs) have become a crucial part of operating web and mobile application businesses and are causing significant economic growth in the digital sector.
Story image
Cybersecurity
Security driving customer identity & access management adoption
"CIAM allows businesses to embed a secure identity layer into their consumer and SaaS applications, facilitating secure, seamless end user experiences."
Story image
Cybersecurity
Zero trust security adoption rises 27% in just two years
A survey of WAN managers has revealed that multi-factor authentication and single sign-on are the top zero trust features implemented.
Story image
Cloudera
Overcoming hybrid and multi-cloud challenges to drive innovation
Driven by improvements in technology, financial services companies have advanced both internal and external systems and processes, with the likes of digitisation, personalisation and risk management redefining the industry.
Story image
Cybersecurity
Vulnerable APIs costing businesses billions every year
Large companies are particularly vulnerable to the security risks associated with exposed or unprotected APIs as they accelerate digital transformation.  
Story image
Cybersecurity
Video: 10 Minute IT Jams - An update from CrowdStrike
Scott Jarkoff joins us today to discuss current trends in the cyber threat landscape, and the reporting work CrowdStrike is doing to prevent further cyber harm.
Story image
Tech job moves
Tech job moves - ActiveCampaign, Arcserve, LogRhythm & Qlik
We round up all job appointments from June 17-22, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Apple
Jamf introduces new content filtering solution for education providers
Jamf has announced the launch of Jamf Safe Internet, a new offering that looks to deliver a safe online experience to students while offering better management options for admins.
Story image
Cloud Security
Palo Alto Networks bolsters cloud native security offerings
Latest Prisma Cloud platform updates help organisations continuously monitor and secure web applications with maximum flexibility.
Story image
WatchGuard Technologies
Ransomware volume doubled 2021 total by end of Q1 2022
Ransomware detections in the first quarter of this year doubled the total volume reported for 2021, according to a new report. 
Story image
Malware
Colt launches new SASE Gateway solution with Versa
Colt Technology Services’ customers now have access to an integrated full SASE solution that brings together SD WAN and SSE features.
Story image
Documentation
Adobe study finds lack of digital trust and utilisation in Australian Government agencies
New research commissioned by Adobe has revealed a significant lack of digital trust within Australian Government departments, along with the continued underutilisation of key digital processes.
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why it's time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
Tech job moves
Tech job moves - Bitdefender, Cohesity, Fortinet & MODIFI
We round up all job appointments from June 27-30, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Cybersecurity
Without trust, your security team is dead in the water
The rise of cyberattacks has increased the need for sound security that works across any type of business, but with any change, buy-in is essential. Airwallex explains why.
PwC
WSLHD and PwC’s Consulting Business came together to solve through the challenges of COVID-19. A model of care was developed to the NSW Health Agency for Clinical Innovation guidelines with new technology platforms and an entirely new workforce.
Link image
Story image
Cybersecurity
Palo Alto Networks' cloud security platform receives IRAP assessment
"We provide help protect all forms of compute, cloud native services and access to data within public and private sectors."
Story image
Cybersecurity
Tech and data’s role in the changing face of compliance
Accenture's study found that 93% of respondents agree or strongly agree new technologies such as AI and cloud make compliance easier.
Story image
Artificial Intelligence
Eight top DevSecOps trends to support IT innovation in 2022
The use of DevSecOps practices is growing, as it is increasingly seen as the best way to produce high-quality and secure code. So what are the current trends?
Story image
Trend Micro
5G network projects driven by improving security and privacy
Trend Micro's new study reveals the prospect of improved security and privacy capabilities are the main motivations behind private 5G wireless network projects.
Story image
Solutions
Progress launches latest version of network visibility solution
In Flowmon 12 network solution, Progress has expanded its support for public cloud provider flow log monitoring and launched new features.
Story image
Payroll
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
Story image
Internet of Things
Domino's Pizza: A blueprint for secure enterprise IoT deployment
Increasingly, organisations are embracing smart technologies to underpin innovations that can enhance safety and productivity in every part of our lives, from industrial systems, utilities, and building management to various forms of business enablement.
Story image
Cybersecurity
Zscaler launches co-located data centres in Canberra and Auckland
The investment will offer public and private sector enterprises greater resilience in support of their zero trust cybersecurity posture.
Story image
Remote Working
RDP attacks on the rise, Kaspersky experts offer advice
"Given that remote work is here to stay, we urge companies to seriously look into securing their remote and hybrid workforce to protect their data."
Story image
Research
New study reveals 51% of employees using unauthorised apps
The research shows that 92% of employees and managers in large enterprises want full control over applications, but they don't have it.