ExtraHop® Accelerates Threat Hunting with New Capabilities to Counter Escalating Ransomware Threat
Empowers Enterprises to Detect, Investigate, and Respond to Malicious Files with More Speed and Precision
ExtraHop®, a leader in cloud-native network detection and response (NDR), unveiled new network-based file analysis capabilities in ExtraHop RevealXTM to detect malware, combat ransomware, and help prevent data loss.
According to the 2024 Global Ransomware Trends Report, organisations experience an average of eight ransomware incidents per year. To carry out these attacks, adversaries often rely on the disparate tools and disjointed workflows deployed in the SOC, ensuring malicious files stay under the radar and go undetected.
ExtraHop RevealX Provides Holistic Approach vs. Ransomware
In response to the rapidly growing threat ransomware and evolving cyberattacks pose to enterprises around the globe, the new capabilities in ExtraHop RevealX offer a holistic approach to file analysis, providing deeper insights and faster response times. With built-in file hashing, file-based detections, and file carving, SOC analysts can leverage the power of the network to reduce their cyber risk within a single platform, ensuring no threat goes unnoticed, and operations keep running.
“When burdened with a high volume of alerts across a number of sprawling, outdated security tools, it is becoming nearly impossible for SOC analysts to keep up with attackers,” said Kanaiya Vasani, Chief Product Officer at ExtraHop. “ExtraHop is committed to arming the SOC with a comprehensive solution that consolidates threat detection, investigation, and response in one single platform, elevating enterprises’ security posture, while also eliminating legacy tools and overhead. Our file analysis capabilities are the latest stop on this journey to optimising the SOC, improving efficiency and driving even stronger outcomes for customers around the globe.”
Benefits of the new capabilities include:
- Faster threat detection. Rapidly detect malicious files on the network with even greater accuracy. Generate identifiers to spot unauthorised changes or malicious files instantly, informed by CrowdStrike Falcon Adversary Intelligence built into the ExtraHop RevealX Platform.
- Optimised investigation and response. Accelerate investigation workflows with search and filter capabilities to quickly pinpoint root cause and respond effectively to potential threats.
- Improved SOC efficiency. Conduct file hashing, carving, and analysis directly within the ExtraHop RevealX platform, reducing manual workflows and the costs associated with managing multiple tools.
To learn more, read the blog.
