ExtraHop, a cloud-native network detection and response (NDR) provider, has released the ExtraHop IDS (intrusion detection system) along with several product enhancements.
The IDS platform integrates with the Reveal(x) framework to offer a new, simplified approach to intrusion detection for deeper coverage and full-spectrum investigation, ExtraHop said. Reveal(x) is the company’s flagship NDR platform.
In addition, ExtraHop introduced Automated Retrospective Detection and a native integration with Palo Alto Cortex XSOAR product enhancements.
Commenting on the advancements, Jesse Rothstein, ExtraHop co-founder and chief technology officer, said:
“Our goal in 2023 is to remove any complexities associated with NDR and make deployments as seamless and effective as possible. With these new offerings, we’re confident customers will reap the benefits of a robust NDR solution and gain the power to see more, know more, and stop more cyberattacks.”
Advancing Intrusion Detection
ExtraHop is positioning IDS as a next-gen approach to intrusion detection, in that it couples Reveal(x)’s NDR capabilities with high-fidelity, curated detections for deeper CVE coverage, visibility into encrypted traffic, advanced triage, and simplified cloud management.
With IDS and Reveal(x), security teams can now deploy and manage IDS sensors from the same platform as their NDR sensors for streamlined detection and full-spectrum investigations.
ExtraHop is also offering Automated Retrospective Detection, which automatically searches through historical network data to find evidence of previously unknown threats in past activity as soon as new indicators of compromise are introduced.
ExtraHop notes that it natively integrates with Palo Alto Networks Cortex XSOAR for simple and secure remediation. To reduce complexity and streamline investigations, joint customers can create a Cortex incident as soon as ExtraHop identifies malicious or non-compliant behavior on the network.