ExtraHop® Announces Integration with CrowdStrike Falcon® Next-Gen SIEM
May 7, 2024
Builds upon long-time partnership to unify network, endpoint, and log data
SEATTLE – May 7, 2024 – ExtraHop®, a leader in cloud-native network detection and response (NDR), today announced an integration with CrowdStrike Falcon® Next-Gen SIEM, empowering joint customers to stop threats faster by utilizing network telemetry directly in the AI-native CrowdStrike Falcon platform.
Attackers are increasingly evolving their tactics to evade traditional security controls, hiding in encrypted east-west network traffic, using living-off-the-land techniques, and exploiting devices that organizations can’t put an endpoint agent on. To better identify these threats, security teams rely on multiple sources of data for complete visibility across their entire environment.
RevealX™, the NDR platform from ExtraHop, ingests, monitors, and automatically analyzes network data, giving enterprises immediate visibility into all of their east-west and north-south network traffic — even encrypted communications. Integrating RevealX with Falcon Next-Gen SIEM unifies that deep network telemetry with rich security data, threat intelligence, AI and workflow automation from the CrowdStrike Falcon platform to give joint customers more reliable, relevant, and contextual security alerts.
With the latest CrowdStrike and ExtraHop integration, customers benefit from:
- Expanded attack surface coverage: Gain complete visibility into managed and unmanaged assets, and expanded coverage against the MITRE ATT&CK framework.
- Fast, comprehensive investigations: Investigate smarter with correlated Falcon data and network-based detections to accelerate incident investigations and time to respond.
- Streamlined workflows: Ensure rapid, consistent response to every threat with integrated SOAR playbooks that provide bidirectional automated workflows and intelligently coordinated response actions.
“The needs of the modern SOC have outgrown the capabilities of the legacy SIEM. The explosion of data sources and arduous data ingestion processes combined with the inability to correlate disparate sources and automate orchestrated responses, leaves security teams behind adversaries,” said Daniel Bernard, Chief Business Officer, CrowdStrike. “Today’s security teams need a reimagined SIEM that combines an AI-powered platform approach with critical network data sources, such as ExtraHop, to stop breaches with speed and accuracy.”
“NDR is essential to a successful next gen SIEM deployment and ExtraHop is best suited to help organizations reap the benefits of network data in security operations through expanded attack surface visibility, superior threat detection, and faster incident investigation and response,” said Kanaiya Vasani, Chief Product Officer, ExtraHop. “As a market leader, we recognize the power of integrating our award-winning technology into the CrowdStrike Falcon Next Gen SIEM, and, together, our ability to give customers faster access to the information they need to manage and mitigate their cyber risk.”
Visit booth #N-6245 at RSA Conference to demo the integration today.
Additional Resources
- Learn how ExtraHop partners with CrowdStrike
- Check out ExtraHop in the CrowdStrike Marketplace
- Read how EDR and NDR can stop ransomware
About ExtraHop
ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. The ExtraHop RevealX network detection and response (NDR) platform uniquely delivers the unparalleled visibility and decryption capabilities that organizations need to investigate smarter, stop threats faster, and move at the speed of risk. Learn more at www.extrahop.com.
© 2024 ExtraHop Networks, Inc., RevealX, RevealX 360, RevealX Enterprise, and ExtraHop are registered trademarks or trademarks of ExtraHop Networks, Inc.