Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.



ExtraHop is the leader in real-time IT analytics. Our platform makes data-driven IT a reality, applying advanced analytics and cloud-based machine learning to all digital interactions to deliver timely and accurate insight. IT leaders turn to ExtraHop first to help them make faster, better-informed decisions that improve performance, security, and digital experience. Just ask the hundreds of global ExtraHop customers, including Sony, Lockheed Martin, Microsoft, Adobe, and Google. To experience the power of ExtraHop, explore our interactive online demo:

Our Website:

Latest Content From ExtraHop

Whitepaper: ExtraHop Reveal(x) Technical Architecture

by ExtraHopJan 04, 2019

Take a look under the hood of ExtraHop Reveal(x) Network Traffic Analysis for the Enterprise

Whitepaper: Reveal(x) Reviewer's Guide

by ExtraHopFeb 20, 2019

As you go through the guide, you will learn how Reveal(x) can help your organization increase efficiency and confidence through unprecedented visibility, definitive insights, and immediate answers.

Whitepaper: SANS Review: Investigate Attacks on Critical Assets with Network Traffic Analysis

by ExtraHopApr 10, 2019

Internal threat activities (priilege escalation, lateral movement, etc.) are difficult if not impossible to detect using endpoint and perimeter protection alone. ExtraHop Reveal(x) provides network traffic analysis that helps security analysts efficiently detect and investigate these late-stage threats, as well as proactively improve security hygiene.

SANS Institute put the product through its paces to evaluate the following:

• Intuitiveness of the user interface
• Breach detection and response capabilities
• Proactive hunting of internal threats
• Ability to support hygiene and compliance initiatives

Read the report to learn why SANS Instructor Dave Shackleford says Reveal(x) "does [detecting and investigating threats in east-west traffic] well, and so much more."

Research Report: EMA Report: TLS 1.3 Adoption in the Enterprise

by ExtraHopApr 10, 2019

Read the new research from EMA on how encryption is impacting enterprises, and how they're preparing for even further transformation due to TLS 1.3 and perfect forward secrecy.

Research Report: Gartner Report: Market Guide for Network Traffic Analysis

by ExtraHopApr 10, 2019

Gartner's Neil Macdonald identified Network Traffic Analysis as one of the Top Technologies for Security in 2017. Now, in their inaugural Market Guide for Network Traffic Analysis, Gartner states that:

"To improve the detection of suspicious network traffic, security and risk management leaders should:
• Implement behavioral-based network traffic analysis tools to complement signature-based detection solutions
• Include NTA-as-a-feature solutions in their evaluations, if they are available from security information and event, firewall, or other security products.
• Focus on scalability (can the solution analyze the volume of traffic in the network?); efficacy of detection (perform a proof-of-concept trial in the environment); and price (at this early stage, market pricing varies widely)."

We're pleased to say ExtraHop Reveal(x) is included as a Representative Vendor of this crucial new category. Read the guide to understand which gap we believe NTA fills in the crowded cyber security market, as well as which vendors can support key security objectives such as faster incident response and stronger security hygiene through network detection and response.

Whitepaper: How Network Traffic Analysis Makes the CIS Controls Easier

by ExtraHopApr 23, 2019

When you have limited resources and a large attack surface to protect, smart prioritization is crucial. The Center for Internet Security (CIS) Top 20 Controls are a great place to start when it comes to making tough decisions, and ExtraHop Reveal(x) provides enterprise-class network traffic analysis to help you support many of the 20 Controls with ease.

Read this whitepaper to learn how Reveal(x) makes it far simpler for security teams to tackle the ambitious CIS Controls such as Inventory and Control of Hardware Assets, but also more technical recommendations like Account Monitoring and Control.

Whitepaper: EMA: Top 3 Report and Decision Guide for Security Analytics in 2019

by ExtraHopApr 23, 2019

For help navigating the security analytics market, download EMA Research's new "Security Analytics for Threat Detection and Breach Resolution in 2019" report and decision guide. EMA evaluated 32 vendors across a range of security analytics use cases and listed Reveal(x) as a Top 3 Winner in six different categories:

• Asset Classification and Inventory
• Early Breach Detection
• Encrypted Traffic Analysis
• Forensic Analysis Leveraging Packet Streams
• Identifying Network Protocol Misuse/abuse
• Ransomware Detection

Whitepaper: Embracing the Looming Challenge of 100% Encryption

by ExtraHopMay 13, 2019

Encryption is skyrocketing both inside corporate networks and on the public internet--and studies show that more and more attackers are utilizing numerous trends to hide their activities from your SOC. Luckily, there are methods you can use to embrace encryption in the enterprise without sacrificing your ability to see, hunt, and stop attackers.

Read the report for a deep dive into:

• Why decryption capabilities are crucial for the modern SOC
• The two primary methods for accessing and decrypting data for security analytics
• How ExtraHop Reveal(x), Network Traffic Analytics for the enterprise, gives you access to critical data with need-to-know decryption and no performance impacts

Whitepaper: Gartner Magic Quadrant for Network Performance Monitoring and Diagnostics

by ExtraHopMay 13, 2019

"[ExtraHop] is a phenomenal product, it drives transparency between teams and enables agility and efficiencies between teams getting rid of natural silos that exist between IT teams."

IT and Network Operations team must juggle increasing complexity, data silos, and sophisticated security threats. ExtraHop believes that by realizing the full potential of the network, your team can rise above these challenges and ensure a secure, world-class experience for customers.

ExtraHop is the first vendor to move to into the Leader quadrant of Gartner's Magic Quadrant for Network Performance Monitoring and Diagnostics since its inception. We believe this reflects our innovation in the NPMD space as well as our commitment to uniting IT and Security professionals with complete visibility, real-time detection, and guided investigations that deliver performance and security from the inside out.

Fill out the form to access your complimentary copy of the magic quadrant and the companion capabilities report!

Whitepaper: Network Traffic Analysis for MITRE ATT&CK

by ExtraHopJun 12, 2019

The MITRE ATT&CK Framework has rapidly become popular among security teams looking to take a structured and proactive approach to improving threat detection.

For many security professionals, using the ATT&CK Framework means taking a close look at each of the hundreds of tactics, techniques, and procedures (TTPs) and trying to figure out which tool in their patchwork of solutions is most likely to detect or block any given threat. MITRE provides an evaluation framework for Endpoint Detection and Response (EDR) platforms to test their standard deployments against a subset (56) of the TTPs listed. However, no such evaluation yet exists for network traffic analysis (NTA) products.

Read the white paper for a high-level view of how enterprise NTA with ExtraHop Reveal(x) detects and enables investigation of a broad range of the TTPs catalogued by MITRE ATT&CK!