cheap nfl jerseys china cheap nfl jerseys free shipping wholesale nfl jerseys china wholesale jerseys from china cheap nfl jerseys free shipping cheap nfl jerseys for sale cheap jerseys free shipping wholesale nfl jerseys from china cheap nfl jerseys sale cheap nike nfl jerseys china wholesale jerseys free shipping cheap nfl jerseys wholesale wholesale nfl jerseys online cheap nfl jerseys wholesale china jerseys wholesale cheap coach handbags outlet authentic designer handbags cheap coach handbags outlet cheap coach purses outlet discount coach bags coach bags sale coach purse outlet cheap real coach purses coach handbags sale online coach purse outlet michael kors outlet online store cheap michael kors bags cheap michael kors purse michael kors factory outlet online cheap michael kors handbags cheap michael kors purses michael kors bags outlet online cheap michael kors purse michael kors handbags discount

New Solution Analyses East-West Traffic to Surface Anomalous Behavior, Helping IT Proactively Identify and Remediate Threats

SEATTLE – July 12, 2017 – ExtraHop, the leader in real-time IT analytics, today announced the release of its new Threat ID bundle, an extensible plug-in to the ExtraHop platform. ExtraHop Threat ID analyses east-west traffic within the datacenter, looking at common threat vectors including certificates, ciphers, DNS, and scans. The bundle then maps them against known configurations to help improve the security posture of IT organisations by proactively identifying and managing potential threats within the environment.

Download the ExtraHop Threat ID bundle today.

Technology and organisational gaps between IT and security teams often mean that neither team has the visibility or resources they need to quickly identify and remediate threats before they turn into a major breach. ExtraHop bridges this gap with network traffic analytics and the new Threat ID bundle delivering real-time visibility into suspicious port scans, data exfiltration activity, or indicators of an active attack that make it past perimeter defenses. Examples of new capabilities include:

  • Instantly Detect Suspicious DNS Behavior and Scans: Threat ID surfaces suspicious DNS and port scanning behavior patterns, allowing users to rapidly identify potential threats quickly and initiate a targeted investigation.
  • Proactively Manage Certificates and Ciphers: Threat ID delivers a complete map of encryption certificate strength and usage for accurate risk profiling. The bundle automatically identifies weak ciphers and determines how they are being used to better assess risk. The bundle also tracks expiring, expired, and wildcard certificates that could put data at risk or impact service delivery, and audits usage of non-compliant and outdated transport layer security protocols such as SSLv3 or TLSv1.0.

Through the ExtraHop integration with ServiceNow, these types of anomalies automatically trigger alerts, kicking off a workflow in ServiceNow so security and IT operations teams can easily quarantine an infected client.

“Organisations recognise that perimeter and signature-based security are no longer effective on their own,” said Jesse Rothstein, CTO and co-founder, ExtraHop. “With Threat ID, ExtraHop is delivering real-time network-level visibility and threat identification that can help all security stakeholders—from security to IT ops—stay ahead of potential threats.”

The Threat ID bundle joins a constellation of extensible plug-ins from ExtraHop aimed at helping global enterprises improve their security posture with real-time insight and rapid remediation. The ExtraHop Ransomware bundle analyses traffic from the SMB/CIFS network protocol to detect known ransomware file extensions and behavior patterns associated with the malware. The ExtraHop Active Directory bundle tracks user accounts, computer accounts, DNS, LDAP, global catalog, and group policy loads to help ensure security and compliance. Together, the Threat ID, Ransomware, and Active Directory bundles address critical blind spots in today’s IT environments and enable organisations to quickly enhance their security posture. 

About ExtraHop

ExtraHop makes data-driven IT a reality. By applying real-time analytics and machine learning to all digital interactions on the network, ExtraHop delivers instant and definitive insights that help IT improve security, performance, and digital experience. Just ask the hundreds of global ExtraHop customers, including Sony, Lockheed Martin, Microsoft, Adobe, and Google. To experience the power of ExtraHop, explore our interactive online demo. Connect with us on Twitter, LinkedIn, and Facebook.

 

Press Contacts

Rachel Pepple
ExtraHop Networks
206-462-2240

Anne Harding
The Message Machine (PR for ExtraHop in EMEA)
+44 7887 682943
anne@themessagemachine.com

Comments are closed.