ExtraHop breaks down IoT security barriers with device behavior profiling and advanced threat detection
New Reveal(x) capabilities bring the power of network detection and response with cloud-scale machine learning to enterprise IoT without the need for siloed solutions
ExtraHop, the leader in cloud-native network detection and response, today announced a suite of new features designed to streamline the secure adoption and implementation of IoT in the enterprise. ExtraHop® Reveal(x)™ now provides advanced discovery, classification, and behavior profiling for enterprise IoT devices, providing visibility from the device to the service layer. These latest enhancements extend Reveal(x) capabilities to the enterprise IoT device edge, providing complete visibility, detection, and response across the attack surface without the need to implement narrow point solutions.
IoT reduces operational friction, making businesses more efficient and employees more productive. But this comes at a cost. IoT moves computing power to the edge, vastly expanding the enterprise attack surface, and without visibility into what devices are connecting to the network and what resources they are accessing, it leaves organizations vulnerable to threats.
“Our research points to consistent growth in enterprise IoT usage which, along with other enterprise initiatives, has led to a growing attack surface,” said Fernando Montenegro, Principal Analyst, Information Security, 451 Research. “This leads to increased demands from enterprise security teams for visibility into network traffic, analysis for detection of threats, followed by remediation as needed.”
With the latest release, ExtraHop Reveal(x) now provides the visibility, detection, and investigation capabilities security and IT organizations need to continuously secure and manage expanding IoT deployments.
- Continuous Device Discovery and Classification discovers, identifies, and profiles all IoT devices and services to deliver complete visibility without friction to IT and Security Operations teams.
- Device Behavior Profiling extracts rich L2-L7 data from network and cloud traffic, enabling deeper analysis across devices at the service level. When paired with cloud-scale machine learning from ExtraHop, this data is correlated with other network events to rapidly and accurately detect threat patterns for immediate response. This provides organizations with continuous behavioral monitoring and detection for IoT devices such as VoIP phones, printers, IP cameras, wearables, and smartboards.
- Guided Investigation automatically gathers contextual information, related detections, and packet level details into a single workflow to streamline and accelerate response actions, enabling security analysts and threat hunters to quickly determine the impact and scope of an IoT event and easily drill into forensic level details.
- IoT Security Hygiene helps security and IT operations teams address issues such as IoT devices and services using unencrypted communications, and when discovered, can automate response actions with other systems like creating a ticket or isolating devices on the network.
“We believe that enterprise IoT is a strong fit for ExtraHop's network detection and response solution. Not only do we discover the presence of IoT devices, identifying make and model, but we also automatically segment into peer groups to detect suspicious behaviors and potential threats.” said Jesse Rothstein, CTO and co-founder at ExtraHop.
“Reveal(x) enables organizations to truly understand the level of risk a device poses and provides situational awareness of the environment.”