
ExtraHop Reveal(x) 360

by ExtraHop

Correlated network intelligence for enhanced extended detection and response (XDR)

Full-Coverage Security Built for When Seconds Matter

Reveal(x) 360 performs full-stream analysis on network traffic from multi-cloud, on-premises and hybrid environments, and then uses cloud-scale machine learning to detect stealthy advanced attack behaviors across the entire network. Reveal(x) 360 pulls endpoint security event data from Threat Graph and correlates that data with observed network behavior and network threat detections in the Reveal(x) 360 console. Data can also be pushed from Reveal(x) 360 to the CrowdStrike Falcon® platform to trigger automated containment against active network-based threats.

  • Respond in real time to auto-contain network-based threats, including ransomware, command & control behavior, unauthorized data movement and remote access patterns, data exfiltration, credential abuse, and many others.

  • Correlate Reveal(x) 360 detections with CrowdStrike Falcon Intelligence threat intelligence for fast, seamless IOC investigation.

  • Correlate network and endpoint attack details and forensics for full-coverage detection, investigation, and response.

  • Discover and identify all devices on the network, and flag those that are not yet instrumented with the CrowdStrike Falcon agent.

Integrations:

  • Reveal(x) 360 + CrowdStrike Falcon Intelligence Free Trial App

    The Reveal(x) 360 integration with Falcon Intelligence is a free trial app that correlates IPs and domains listed as IOCs in Falcon Intelligence with network behavior data about those IPs and domains, providing rapid investigation of potential attacks in progress.

  • Reveal(x) 360 + CrowdStrike Falcon Real Time Response

    Reveal(x) 360 detects network-based threats that may soon impact specific endpoints but have not yet conducted malicious behavior on the endpoint itself. It also detects threats on a compromised endpoint that generate network traffic while actively conducting lateral movement, reconnaissance, command and control, or data exfiltration. Reveal(x) 360 can notify the Falcon agent about affected endpoints so that they are contained, preventing further spread of the threat.

  • Reveal(x) 360 + CrowdStrike Threat Graph

    Reveal(x) 360 gathers network transaction metrics, transaction records and full packets and decrypts them in real time, providing complete network intelligence at cloud speed and scale.

  • Reveal(x) 360 for Unmanaged IoT, BYOD and Remote Connections

    By observing network traffic, Reveal(x) 360 can discover and identify any device that communicates on the network and determine whether the CrowdStrike Falcon agent is installed on it. This helps customers ensure complete coverage and security detection and response capabilities, even for unmanaged or unmanageable devices.

Related Categories
  • Network and Infrastructure Security
  • IoT Security
  • Cloud Security
  • Extended Detection and Response
  • Threat Intelligence
  • Endpoint Security