New capabilities build on existing detection, investigation, and response integrations between ExtraHop Reveal(x) and CrowdStrike Falcon platform, adding highly-targeted, intelligence-backed response to CrowdXDR alliance
The new native push-button response feature within ExtraHop Reveal(x) gives defenders the tools they need to dramatically accelerate containment while minimizing disruption to the organization. Unlike automated response offerings, push-button response gives security analysts the ability to control how and when assets are quarantined based on high-fidelity detections and enriched intelligence that extends from the network to the endpoint.
"Over the past five years, the security pendulum has started to swing more meaningfully towards a detect-and-respond model that assumes even the best perimeter defenses will eventually be breached," said
"This new capability enables faster remediation and faster time to respond, letting teams focus on critical assets and resources," said
The push-button response integration builds upon ExtraHop's existing partnership with
- Unified Threat Intelligence: Reveal(x) 360 correlates indicators of compromise (IOCs) from CrowdStrike Falcon X and security telemetry from the CrowdStrike Falcon platform with network details and behavioral insights to deliver complete coverage. The data is correlated and contextualized in the Reveal(x) console.
- Real-time Detection: With the integration of Reveal(x) 360 and the CrowdStrike Falcon platform, security teams can rapidly detect threats observed on the network such as network privilege escalation, lateral movement, suspicious remote access connections, and data exfiltration. They also can thwart attack techniques occurring on the endpoint, including ransomware, local file enumeration, process spawning, and code execution. This provides complete coverage across the entire attack surface.
- Instant Response: With the new push-button response offering, security analysts can use the network containment capability of the CrowdStrike Falcon platform to instantly quarantine a device with a single click within the Reveal(x) platform. This approach cuts off attacker access to network resources and endpoints, stopping an attack in progress without disrupting business or slowing an analyst's investigation workflow.
- Continuous Endpoint Visibility: With automatic device discovery and classification, Reveal(x) continuously updates and maintains a list of devices impacted by threats, even on devices where the CrowdStrike Falcon agent is not yet present. This alerts
Learn more about the power of ExtraHop +
"With new advanced and evolving threats challenging organizations daily, security teams must act with impeccable speed and accuracy to safeguard the business from a breach," said
ExtraHop is also a launch partner of the CrowdXDR alliance, joining forces to establish common XDR language for data sharing between security tools and processes to enrich detections and threat hunting capabilities. A recent joint webinar explains how to make XDR a reality.
Additional Resources
- Get ExtraHop Reveal(x) 360 in the
- Experience ExtraHop Reveal(x) in our live online demo
- Learn more about the
- Watch the Webinar, How XDR Gets Real: Stop Advanced Threats with
About ExtraHop
Cyberattackers have the advantage. ExtraHop is on a mission to help you take it back with security that can't be undermined, outsmarted, or compromised. Our dynamic cyber defense platform, Reveal(x) 360, helps organizations detect and respond to advanced threats-before they compromise your business. We apply cloud-scale AI to petabytes of traffic per day, performing line-rate decryption and behavioral analysis across all infrastructure, workloads, and data-in-flight. With complete visibility from ExtraHop, enterprises can detect malicious behavior, hunt advanced threats, and forensically investigate any incident with confidence. ExtraHop has been recognized as a market leader in network detection and response by IDC, Gartner, Forbes, SC Media, and numerous others. Learn more at www.extrahop.com.
© 2022
Press Contact
ExtraHop
pr@extrahop.com
Account Manager, Positive
jgalland@positivemarketing.com
07780866874
.
(C) 2022 M2 COMMUNICATIONS, source