See How Network Intelligence Tools Find Adversaries & Advanced Threats
What Makes Attackers Think They Can Hide?
Dale Norris
July 12, 2021
At ExtraHop, we've always understood the value of network data for visibility, threat detection and response in cloud and hybrid environments. While we're biased toward our technology, we're not the only organization that recognizes network detection and response (NDR) as essential for defending critical workloads and data, regardless of the environment. IDC has been particularly keen on NDR, or network intelligence as they describe it, for cloud and hybrid security.
The IDC Market Share Report named ExtraHop a "Vendor Who Shaped the Year" in the rapidly growing NITA market. In their most recent report, "What Makes You Think You Can Hide? How Network Intelligence Tools Find the Adversary and Defend Against Advanced Threats," IDC dives deeper into the benefits of taking a network-based approach to cloud and hybrid security. IDC also reviews Reveal(x) 360, our SaaS-based NDR product. We'll briefly dig into what IDC says about network intelligence as a whole and Reveal(x) 360 specifically.
Why Network Intelligence Matters for Cloud and Hybrid Security
IDC created a fairly substantial list of reasons why security-minded organizations should consider adding NDR solutions to their existing toolsets. Among the most attention-grabbing: cybercriminals are taking a multi-dimensional approach to their attacks, making L2-L7 visibility essential to stopping them. Encrypted traffic can also present visibility problems for security teams. Unfortunately, IDC notes, the point products and legacy solutions many organizations use can't deliver that level of visibility, leaving attackers plenty of cover. Rather than simply pointing out the problem, IDC offers a solution.
"Real-time network visibility from anywhere in the world can help bridge the IT, operations, and security gap with shared data from the public cloud, multicloud, and on-premises equipment," IDC stated.
Additionally, IDC noted the difficulties agent-based tools have in meeting the scale and elasticity that cloud security demands. To expand security coverage, IDC recommends taking an agentless approach and choosing tools that can monitor both hybrid and multicloud environments to investigate and respond to threats.
"New network intelligence tools are bringing detection, investigation, and response together into one tool compared to legacy tools which only offered alerts," IDC said.
How Reveal(x) 360 Delivers Network Intelligence for Cloud and Hybrid Security
Network intelligence, more commonly referred to as NDR, relies on visibility across deployments to monitor traffic and conduct analysis for threat detection, investigation, and response. Without the need to deploy separate tools for each environment, Reveal(x) 360 enables security teams to detect, investigate, and respond to threats anywhere, from the datacenter to the cloud to the user and device edge in a single management pane. Securely cloud-hosted services such as machine learning and a record store with 90-day lookback help organizations detect advanced threats in real time and conduct deep investigation for always-on incident response.
In their product review near the end of the report, IDC noted that Reveal(x) 360 has:
- The ability to be a standalone solution or a complementary one in the SOC
- Sensitive data handling that adheres to regulatory and compliance standards
- An AI/ML-based foundational approach along with full-spectrum detection and response capabilities, including forensics
- Enhanced dashboards to make analysts more efficient and productive, including via one-click investigation
- Wide integrations with leading EDR/SIEM/SOAR platforms
To form your own opinions about Reveal(x) 360, start the live online demo. You can choose a scenario to stop a SUNBURST attack, find threats in a real cloud environment, or investigate a simulated attack unfolding in real time. You can also choose to explore the demo on your own.