ExtraHop brings greater security to cloud environments

ExtraHop has extended the power of Reveal(x) 360 to provide frictionless threat visibility for Amazon Web Services (AWS).

ExtraHop Reveal(x) 360 now applies advanced artificial intelligence to network telemetry layers to create a purpose-built “threat heatmap” to detect and stop advanced attacks such as double extortion ransomware and software supply chain attacks, says the company.

According to ExtraHop, armed with this advanced threat visibility, security teams can focus on, investigate, and remediate hotspots of malicious activity without requiring developer time or resources.

Cloud security teams are outnumbered and the traditional approach to prevention and protection cannot keep pace with modern advanced attack techniques, says ExtraHop.

According to the IBM-Ponemon Institute 2021 Cost of a Data Breach report, the cost of public cloud breaches far exceeds that of breaches in hybrid environments, costing an average of $1.19 million more per incident.

Organizations with high levels of cloud migration generally experienced more costly breaches, with the average cost of a breach for mature cloud organizations coming in at just over $5 million, compared with $3.46 million for organizations with low levels of cloud adoption.

As developers deploy assets at a rapid pace and adversaries continue to evolve their attacks against critical applications and workloads, enterprises need a low-friction, high-fidelity approach to defend against advanced post-compromise activities.

ExtraHop co-founder and CTO Jesse Rothstein said, “We live in an age of large attack surfaces and frequent business compromises. Organizations must assume that attackers are actively operating in their cloud environment, moving laterally and bypassing traditional security checks.”

Rothstein says, “ExtraHop Reveal(x) 360 has been specifically designed to discreetly and reliably detect malicious behavior. With the introduction of a new subscription tier for AWS, we extend our capabilities for high-fidelity detection, threat hunting, and investigation into cloud environments without adding friction for development teams or organizations that need to innovate with speed and agility.”

ExtraHop’s new offering expands to include VPC Flow Logs and additional protocol analysis, providing both deep and broad visibility into threats in AWS.

VPC flow logs are popular for cloud security because of the wide coverage they provide, including cloud areas where capturing packets can be difficult.

Although flow logs are a useful data source for monitoring and analyzing network traffic, most organizations don’t leverage them for real-time analysis, which limits their effectiveness, says ExtraHop.

Additionally, accessing multiple data sources has historically required the use of multiple products and user interfaces, which creates friction due to the complexity and proliferation of tools.

ExtraHop Reveal(x) 360 aims to solve these problems by combining real-time analysis of flow logs, packets and protocols in a unified interface providing threat defense for cloud environments. According to the company, it offers the following:

Range and depth of detection: Real-time visualization of threat hotspots on workloads enables security teams to quickly investigate any incident to the root cause. This approach reduces false positives and allows security teams to focus on the highest priority threats, maximizing and scaling scarce analyst resources. Reveal(x) 360 also unifies threat visibility and detection across IaaS, PaaS, container, and serverless environments.

Zero friction for SecOps and DevOps: As an agentless solution, Reveal(x) 360 for AWS deploys frictionlessly and provides broader coverage than agent-based endpoint tools and application logs. Reveal(x) 360 collects and analyzes flow logs and packet metrics to create a real-time view of all cloud workloads, while AI behavioral detection highlights the highest priority threats for investigation and correction in a single management pane.

Lower total cost of ownership: The new Reveal(x) 360 sensor deploys without agents, and a single instance provides broad and correlated coverage of attack patterns and activity across multiple workloads in a single user interface while reducing the total cost of ownership.

Frank Dickson, IDC program vice president of security and trust, comments, “Cloud application developers have zero tolerance for security measures that affect application performance or slow code development speed. Couple that with the complexity of microservices-based applications that are easily accessible through APIs and you start to understand the challenges of securing the cloud.

“ExtraHop’s ability to ingest both VPC flow logs and packets into a single user interface for cloud security coverage is a no-brainer. Security teams can illuminate and investigate malicious activity in near real time without the developers having to adjust the development of the code.”
