In the enterprise, slow time is the new downtime, and performance and security issues are now existential threats. Even as enterprises demand more speed, scale, and functionality, IT has lacked the visibility it needs to ensure consistent performance and security. With ExtraHop 7.0, organisations can accelerate remediation of performance and security issues by visually identifying and investigating anomalous behaviour; answer audit and compliance questions via visual representations of device communications and dependencies; monitor PFS-encrypted traffic at scale so that organisations don’t have to choose between security and visibility; and easily share relevant data and insights across multiple teams.
New features in ExtraHop 7.0 include:
? Live activity maps: With live activity maps, ExtraHop delivers a complete 360 degree visualisation of the entire IT environment, from on-premises to the cloud. Moving beyond static block diagrams or simple network topology maps, live activity maps enables IT operations and security teams to accelerate investigations by exploring a visual map of all device and application communications, including real-time and historical views. Users can zero in on incidents and anomalies by filtering or excluding devices, and drill down into the transaction records with one click. Live activity maps also support business-critical initiatives like cloud migration, datacenter consolidation, and regulatory compliance.
? ExtraHop Decryption Suite: ExtraHop now extends SSL decryption capabilities to support PFS, the emerging standard for privacy and security encryption. With first-to-market PFS decryption capability, security teams can implement best-in-class security and compliance measures without compromising critical visibility for network and IT operations teams.
? Addy security anomalies: ExtraHop Addy now automatically detects and alerts on more types of suspicious behaviour, including network scans, data exfiltration, and unusual file server access.
? Anomaly-initiated workflows: ExtraHop Addy’s machine learning detects and alerts on performance and security anomalies automatically, leveraging ExtraHop Open Data Stream technology to enable rapid incident response and remediation. With anomaly-initiated workflows, users can automate the response to alerts for specific events in ServiceNow, Cisco Tetration, and other third-party systems.
“IT underpins every aspect of operations, from the way employees accomplish work to the way customers interact with the organisation,” said Jesse Rothstein, CTO and co-founder, ExtraHop. “With 7.0, we’re empowering enterprise IT with the analytics, alerting, and automation required to manage performance at scale and address today’s advanced threats. When IT can know everything about the environment, they can be fearless in accelerating and securing business transformation.”