ARTICLE AD
Skip to content Skip to footer
The ExtraHop Reveal(x) Platform Offers Critical Monitoring
Instead of working with agents that would need to be installed on devices, ExtraHop Reveal(x) pulls in raw network traffic from a variety of potential sources, including network taps or port monitors. For Amazon Web Services or Microsoft Azure clouds, it can read all the data coming from a virtual traffic mirroring feed. It then analyzes that traffic — and can do so very quickly at up to 100 gigabytes per second.
The platform then begins to classify every device operating on the network using its highly trained machine learning engine. In testing, it properly discovered everything from a Domain Name System server to a heart monitor. Reveal(x) comes pretrained so that it can quickly identify thousands of medical and Internet of Things devices. It can also learn about new or unique devices that may be operating within a healthcare network.
Once identified, devices are put into logical groups so that Reveal(x) can monitor traffic to determine what normal patterns flow within the network to compare against future outliers. It can also immediately identify malicious traffic associated with cryptomining or attack patterns.
The network discovery process is not a one-time event: Reveal(x) is always monitoring traffic, so every time a new device comes online, it will be identified the instant it starts to communicate. In this way, the platform can quickly identify and protect newly installed equipment; it can also reveal shadow IT or unauthorized devices before they can touch any other network assets.
Get More Support for Security Alerts with ExtraHop Reveal(x)
Once a potential threat is identified, Reveal(x) generates an alert and presents an explanation for its findings. This includes the devices and hosts involved, the IP addresses, the type of threat that is being launched and the severity of the alert. It explains why the threat is dangerous and what should be done to counteract it.
Reveal(x) will also offer to help with remediation, making it a great tool for less experienced security personnel.
Healthcare networks are necessarily complex behemoths so that providers can deliver high-quality patient care. A platform such as ExtraHop Reveal(x) can help to simplify some of that complexity, spotting threats and suspicious activities by their network traffic while exposing hidden behaviors that could be sheltering potential attackers.
SPECIFICATIONS
PRODUCT TYPE: Cloud-native network detection and response
DEPLOYMENT: Software as a Service
TRAFFIC ANALYSIS SPEED: Up to 100GBs per second
ENTERPRISE PROTOCOLS KNOWN: Over 70
TRAFFIC DECRYPTION ABILITY: Can passively decrypt SSL and TLS 1.3
MACHINE LEARNING ENGINE: Knows over 5,000 attack methods and patterns