


ExtraHop is the leader in real-time IT analytics. Our platform makes data-driven IT a reality, applying advanced analytics and cloud-based machine learning to all digital interactions to deliver timely and accurate insight. IT leaders turn to ExtraHop first to help them make faster, better-informed decisions that improve performance, security, and digital experience. Just ask the hundreds of global ExtraHop customers, including Sony, Lockheed Martin, Microsoft, Adobe, and Google. To experience the power of ExtraHop, explore our interactive online demo:


Latest Content From ExtraHop

Whitepaper: SANS Review: Investigate Attacks on Critical Assets with Network Detection and Response

by ExtraHop, Oct 03, 2019

"By emphasizing ease of use, deep analytics capabilities, built-in intelligence and search tools and rapid event triage, many SOC teams could hit the ground running quickly with Reveal(x)."
- Dave Shackleford, SANS Institute Instructor

Learn how Reveal(x), cloud-native network detection and response for the hybrid enterprise, addresses the following core security areas as identified by the SANS Institute in this 12-page product review:

• Deployment model and flexibility
• Broad visibility and context
• Machine learning
• Depth and breadth of Layer 7 protocol analysis
• Decryption

The SANS team was provided with a review environment configured with a number of compromised systems exhibiting mock attack activity. The review details their experience with several security use cases, including Detection/Response, Proactive Threat Hunting, and Hygiene and Compliance.

Whitepaper: Network Detection and Response: Cloud Security's Missing Link

by ExtraHop, Nov 11, 2019

Digital transformation to the cloud is driving innovation, but it's also leaving cloud adopters open to new attack vectors.

Download "Network Detection and Response: Cloud Security's Missing Link" to see how this emerging cybersecurity category helps enterprises protect business-critical data and applications in the cloud.

This new eBook discusses how NDR solutions leverage cloud virtual taps to complete Gartner's SOC Visibility Triad (SIEM, EDR, and NDR) and fill analytics gaps in monitoring, threat hunting, investigation, and response.

Whitepaper: Executive's Guide to Integrating NetOps and SecOps

by ExtraHop, Jan 08, 2020

"Integrated NetOps and SecOps delivers tangible results: 38% OPEX reduction, 37% risk reduction, and much more."

Security operations (SecOps) and network teams (NetOps) have traditionally acted separately, but increasing IT complexity and scale mean that aligning these two groups is a critical step towards delivering a fast and secure user experience.

A recent global SANS Institute survey found that only 30 percent of SecOps teams already work closely with NetOps, so how can you convince your organization to combine forces in order to reduce waste, speed up threat detection and response, and improve your business agility?

Read this whitepaper for the five key value drivers of an integrated SOC and NOC, as well as clear strategies to help you move forward.

Whitepaper: EMA Report: Network Detection and Response in the Cloud Comes of Age

by ExtraHop, Jan 08, 2020

Until recently, many IT security practitioners turned to legacy tools as a means of securing the growing amount of east-west network traffic in cloud environments. With the introduction of traffic mirroring and virtual network taps, cloud-native network detection and response (NDR) solutions such as ExtraHop Reveal(x) Cloud can help security teams overcome the challenges of visibility at a cloud scale:

"ExtraHop's new Reveal(x) Cloud SaaS offering for AWS takes the deployment burden away from AWS customers, enabling fast service provisioning and instant asset discovery, and providing threat detection, investigation, and response."

Download your copy of the full report from Enterprise Management Associates to learn more about:

• The key benefits of virtual network taps provided by Microsoft Azure and Amazon Web Services
• ExtraHop's new Reveal(x) Cloud SaaS-based network detection and response solution

Whitepaper: SANS Institute Report: Cloud Security Survey Results

by ExtraHop, Jan 08, 2020

Complex configurations don't mix well with rapidly spun-up components, and when your company uses multiple cloud providers to host your critical assets, the odds of a major security event get that much higher.

So how do you close visibility gaps and integrate conflicting datasets from different providers, and how do you adjust your current incident response strategies to respond to cloud-specific threats?

Read the report from SANS Instructor Dave Shackleford to learn how your peers across tech, finance, cybersecurity, and other industries address the following questions and more:

• What's the most dangerous cloud security vulnerability that you might think is only hype?
• What are the biggest challenges in adapting IR and forensics analysis to the cloud?
• What are the most effective security controls for the cloud, and how can you avoid common implementation roadblocks?

Whitepaper: Security Advisory: Is Your Enterprise Data Being "Phoned Home"?

by ExtraHop, Jan 08, 2020

Is your enterprise data being 'phoned home' by third-party vendors?

Enterprises rely on third-party vendors for everything from infrastructure and applications to security, but they often don't know how those vendors are using their data. In this ExtraHop Security Advisory, we discuss four real-world examples of data being "phoned home" and share best practices for ensuring data security, privacy, and compliance.

Download your copy now to learn how you can recognize these instances and prevent vendors from misusing data.

Whitepaper: WhatWorks in SOC/NOC Integration: Improving Time to Detect, Respond and Contain with ExtraHop Reveal(x)

by ExtraHop, Apr 28, 2020

The 2019 SANS Security Operations Center survey showed that SOC managers list lack of integration between security and IT and network operations as one of the major obstacles to both their effectiveness in dealing with evolving threats and their ability to efficiently protect the business in constrained budget environments. Less than 40% of SOC managers say that the SOC and the NOC are effectively integrated, and those who report higher levels of integration show improvement in reducing time to detect, respond and contain.

SANS director John Pescatore interviewed Mitch Roberson, Director for Enterprise Systems at Curo Financial, in a SANS WhatWorks case study about Curo Financial's selection, deployment and experience using ExtraHop's Reveal(x). Roberson provided details of the selection and deployment of Reveal(x) to increase visibility into network traffic, gaining detailed and timely insight into performance and security issues and crossing organizational siloes by using a common tool and dashboard for application owners, network administrators and security analysts.

In this case study, you will learn:

• How Curo Financial uses Reveal(x) to drive collaboration between security and IT Operations teams
• How their security, network, and application teams use network detection and response
• Best practices for considering ExtraHop Reveal(x)

Whitepaper: 2020 SANS Network Visibility and Threat Detection Survey

by ExtraHop, May 01, 2020

As organizations move to the cloud, encrypt communications, adopt IoT and manage third-party vendors, the complexity of the network increases--impeding visibility and impacting security. In this SANS survey, 59% believe that lack of network visibility poses a high or very high risk to their operations, and 64% of respondents experienced at least one compromise over the past 12 months.

Network data flowing between clients and applications is a rich source of information, which can be looked at as the ground source of truth. Organizations that monitor their network data can develop more in-depth visibility to detect and respond to threats, despite skyrocketing complexity.

Read this report to learn how to do more with the network data you already have and what to look for in a network visibility tool.

Whitepaper: SANS Report: Factoring Enterprise IoT into Detection and Response

by ExtraHop, Jul 16, 2020

Download this report from SANS Institute on how to secure IoT devices and:

• Learn about the growth of IoT devices inside corporate networks
• Understand how the IoT boom is reshaping enterprise security
• Explore the benefits of network detection and response for IoT, cloud, and multicloud security

Whitepaper: 2020 SANS Remote Workers Poll

by ExtraHop, Jul 16, 2020

Download this SANS report to learn how the tech workforce has adapted to work-from-home and how organizations have navigated the new challenges posed:

• Learn what resources are the priority for remote workers
• Find out the biggest barriers to efficiency
• Get insights on data accessibility and security