Network telemetry from ExtraHop RevealX™ helps SOC analysts reveal and stop threats faster

LAS VEGAS: ExtraHop®, a leader in cloud-native network detection and response (NDR), today announced customers can now automate detection, investigation and mitigation workflows leveraging network telemetry from the ExtraHop RevealX™ platform in the CrowdStrike Falcon® cybersecurity platform.

Today’s SOCs struggle to keep up with adversaries, burdened by an industry talent shortage, siloed tools, and alert overload. To improve operational efficiency, speed up response times, and build resilience, SOC analysts are increasingly looking for ways to automate tedious tasks and quickly respond to risks across the network, endpoints, and other third-party tools.

Joint customers ingesting network telemetry from the ExtraHop RevealX platform in CrowdStrike Falcon® Next-Gen SIEM can now orchestrate that data in Falcon Foundry, CrowdStrike’s low-code application development platform, to build custom detection and response workflows. When ExtraHop RevealX detects abnormal network behaviors, Falcon Next-Gen SIEM ingests the alert, correlates it with EDR and other data, and can use that intelligence within Foundry apps and Fusion workflows.

With streamlined and customized workflows, customers can benefit from:

• Rapid detection and investigation: Anomalous network detections are investigated through automated workflows, instantaneously.
• Reduced manual intervention: Automated responses for low-priority detections empower analysts to allocate more time to mission-critical tasks.
• Scalability: Customized workflows designed to scale with an organization ensures security processes remain effective with growth.

“The ExtraHop RevealX NDR platform gives enterprises unique visibility into security threats as they propagate through the network and reveals risks that may not be visible through other security tools,” said Kanaiya Vasani, Chief Product Officer, ExtraHop. “The breadth and depth of telemetry ExtraHop gathers from the network when combined with other data sources such as EDR, and the ability to build custom workflows to investigate a range of detections, helps customers accelerate response to security threats.”

“With access to CrowdStrike’s robust data and threat intelligence, Falcon Foundry enables users to establish creative solutions and workflows tailored to their organization’s unique needs,” said Daniel Bernard, Chief Business Officer at CrowdStrike. “By adding network data from ExtraHop RevealX, a critical accelerant in understanding and closing security gaps, our partnership with ExtraHop elevates the speed in which joint customers respond to both endpoint and network threats.”

Fal.Con attendees can learn how to start building automated workflows by joining ExtraHop and CrowdStrike on Wednesday, September 18 at 3 p.m. PDT for “Integrating NDR, EDR, and SIEM for Advanced Threat Detection (DEV42).”

For more about the ExtraHop and CrowdStrike partnership:

• Visit ExtraHop Booth #2901 at Fal.Con September 16-20.
• Learn more about the ExtraHop and Crowdstrike partnership.
• Watch the ExtraHop webinar, “Harness the Power of the Network and Endpoint Data to Stop Material Breaches.”

About ExtraHop®

ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. The ExtraHop RevealXTM network detection and response (NDR) platform uniquely delivers the unparalleled visibility and decryption capabilities that organizations need to investigate smarter, stop threats faster, and move at the speed of risk. Learn more at www.extrahop.com.

© 2024 ExtraHop Networks, Inc., RevealX, RevealX 360, RevealX Enterprise, and ExtraHop are registered trademarks or trademarks of ExtraHop Networks, Inc.

Fonte: Business Wire