Featured

Technology Partner

Google

Security

Performance

Threat detection and response for Google Cloud Platform and hybrid environments

Download Solution Brief

Overview

Accelerate cloud adoption while securing your customers and your business

Analyze network traffic at scale and expand control across your entire attack surface

Modern businesses leverage the cloud to drive agility and growth. Whether it’s to speed innovation, support a remote workforce, improve application performance or datacenter efficiency, ensure a backup and disaster recovery strategy, or solve the most complex computing challenges – the cloud can drive massive impact.

But as networks grow in complexity, and data is distributed across various environments, security teams need to be able to monitor and analyze all network traffic for indicators of compromise and suspicious behaviors. Getting access to network traffic in public cloud environments, however, can be challenging.

Highlights

Gain greater visibility across all of your cloud services and containers
Improve incident response and forensics with continuous packet capture and 90 days of recorded history
Secure cloud migration with automated real-time asset discovery and inventory
Improve cloud application performance and security
Strengthen regulatory compliance

Security

Performance

Forensics

Challenges

Adversaries 🖤 the cloud

Threat actors are increasingly abusing features unique to the cloud

Google reports that nation state actors are increasingly targeting cloud services and infrastructure as industries across the globe increasingly adopt the cloud. According to the report, threat actors are targeting:

Public cloud storage services that are unprotected or have weak naming conventions
Misconfigured cloud applications and systems
Cloud instances with weak or no passwords on common remote access protocols, Secure Shell (SSH) and Remote Desktop Protocol (RDP)

Once inside the network, adversaries have been known to:

Escalate their privileges by modifying policies or adding identities to privileged groups
Move back and forth between cloud and on-premises environments
Exfiltrate data to adversary-controlled cloud storage to either sell for profit or threaten to make public if ransomware demands are not met
Encrypt cloud-stored file shares and delete cloud-stored backups

In line with shared responsibility, Google states:

“Even though major cloud platforms invest heavily in security and in abuse detection and mitigation, organizations should monitor their own cloud computing resources for suspicious activity to best align billing monitoring and security needs.”

You need maximum visibility to understand and secure assets in Google Cloud environments, including compute instances, containerized workloads, data storage services, and more.

Blog

Defending Containerized Environments

The ephemeral nature of containers makes them difficult to protect. Because they can be deployed and destroyed multiple times in a single day, security teams have trouble gaining continuous visibility and understanding what constitutes the anomalous or malicious behaviors. Securing containers requires continuous monitoring, AI-powered analysis, and the ability to detect and respond to advanced threats as they occur.

Solution

RevealX 360

A SaaS-based network detection and response solution that is purpose-built for Google Cloud, multi-cloud, and hybrid environments

With RevealX 360, security teams gain the complete visibility they need to understand and secure assets in Google Cloud environments, including compute instances, containerized workloads, data storage services, and more.

Google Cloud’s packet mirroring copies network traffic and sends it to RevealX for real-time analysis at scale, detection and response.

Key Benefits

87%

Faster threat detection

Get the necessary visibility to Reduce downtime due to outages “With improved visibility and AI-powered analysis, Reveal(x) 360 decreases time to threat detection by 83% and time to threat resolution by 87%.”

Key Benefits

Comprehensive Visibility

Inspect all network traffic at scale, passively and without agents or friction.

Learn more

Advanced Threat Protection

Detect suspicious behaviors like lateral movement, command and control attacks, and data exfiltration. See threats hiding in encrypted traffic.

Learn more

Application Security and Performance

Ensure your applications and data remain secure. Identify the true root cause of application performance issues.

Learn more

Workload Security

Ensure the security and compliance of workloads running in Compute Engine and Google Kubernetes Engine.

Learn more

Compliance

Monitor all network traffic. Ease compliance audits with automated real-time asset discovery and classification.

Learn more

“The new integration between ExtraHop Reveal(x) and Google Cloud's new packet mirroring accelerates our cloud adoption by giving us the visibility we need to secure our applications and protect our most precious asset, our customers.”

Diane Brown Senior Director of IT Risk Management & CISO, Ulta Beauty

Associated content

Brief

RevealX 360 for Google Cloud

Improve your situational awareness, gain actionable intelligence, and quickly zero in on malicious activity.

View & download

Customer Story

Ulta Beauty Securely Scales High-Growth e-Commerce Operation in the Cloud

To support their fast growth without compromising guest experiences, Ulta migrated their e-commerce platform to Google Cloud.

View customer story

Blog

Gain PCAP and Forensics in Google Cloud

We're eliminating the friction traditionally associated with PCAP in the cloud and speeding forensic investigation.

Blog

The Importance of Network Data in Securing Cloud Workloads

Organizations that are aware of the shared responsibility model of cloud security understand that they must fully own the security of their cloud workloads.

Blog

Container Security: Definition, Best Practices, and Examples

In this type of attack, a threat actor will upload a compromised container image to a Docker image repository.

RevealX platform

Deployment

Integrations

Experience NDR

Capabilities

FAQs

Intrusion Detection System

Forensics

Experience NPM

Capabilities

FAQs

Forensics

Solutions

Ransomware Attacks

Advanced Threat Hunting

Threat Detection and Response

Network Forensics and Investigation

Security Hygiene

Cloud Workload Security

Operational Resilience

Troubleshooting and Resolution

Cloud Migration

Cloud Workload Monitoring

Network Forensics

Zero Trust

Multicloud & Hybrid Cloud Security

XDR Strategy

SOC Modernization

Digital Transformation

Financial Services

Education

Public Sector

Federal Civilian Agencies

Defense and Intelligence

State and Local Government

Why ExtraHop

Customer Stories

News

Careers

Technology Partners

Channel Partners

Managed Service Providers

Service Credits

Resident Experts

Deployments

Customer Community

Technical Support

Education Services

C-Level

Security Threats

Company

Products

How-To

NDR

NPM

Ransomware

Zero Trust

Reports

Demos & Videos

Customer Stories

Webinars

Papers & E-books

Data Sheets

Events

Experience NDR

Capabilities

FAQs

Intrusion Detection System

Forensics

Experience NPM

Capabilities

FAQs

Forensics

Ransomware Attacks

Advanced Threat Hunting

Threat Detection and Response

Network Forensics and Investigation

Security Hygiene

Cloud Workload Security

Operational Resilience