ExtraHop, the provider of cloud-native network detection and response, announces a suite of new features designed to streamline the secure adoption and implementation of IoT in the enterprise.
ExtraHop® Reveal(x)™ now provides advanced discovery, classification, and behaviour profiling for enterprise IoT devices, providing visibility from the device to the service layer. These latest enhancements extend Reveal(x) capabilities to the enterprise IoT device edge, providing complete visibility, detection, and response across the attack surface without the need to implement narrow point solutions.
Consistent growth in enterprise IoT usage
IoT reduces operational friction, making businesses more efficient and employees more productive
IoT reduces operational friction, making businesses more efficient and employees more productive. But this comes at a cost. IoT moves computing power to the edge, vastly expanding the enterprise attack surface, and without visibility into what devices are connecting to the network and what resources they are accessing, it leaves organisations vulnerable to threats.
“Our research points to consistent growth in enterprise IoT usage which, along with other enterprise initiatives, has led to a growing attack surface,” said Fernando Montenegro, Principal Analyst, Information Security, 451 Research. “This leads to increased demands from enterprise security teams for visibility into network traffic, analysis for detection of threats, followed by remediation as needed.”
Continuous behavioural monitoring
With the latest release, ExtraHop Reveal(x) now provides the visibility, detection, and investigation capabilities security and IT organisations need to continuously secure and manage expanding IoT deployments.
- Continuous Device Discovery and Classification discovers, identifies, and profiles all IoT devices and services to deliver complete visibility without friction to IT and Security Operations teams.
- Device Behaviour Profiling extracts rich L2-L7 data from network and cloud traffic, enabling deeper analysis across devices at the service level. When paired with cloud-scale machine learning from ExtraHop, this data is correlated with other network events to rapidly and accurately detect threat patterns for immediate response. This provides organisations with continuous behavioural monitoring and detection for IoT devices such as VoIP phones, printers, IP cameras, wearables, and smartboards.
- Guided Investigation automatically gathers contextual information, related detections, and packet level details into a single workflow to streamline and accelerate response actions, enabling security analysts and threat hunters to quickly determine the impact and scope of an IoT event and easily drill into forensic level details.
- IoT Security Hygiene helps security and IT operations teams address issues such as IoT devices and services using unencrypted communications, and when discovered, can automate response actions with other systems like creating a ticket or isolating devices on the network.
Network detection and response solution
“We believe that enterprise IoT is a strong fit for ExtraHop's network detection and response solution. Not only do we discover the presence of IoT devices, identifying make and model, but we also automatically segment into peer groups to detect suspicious behaviours and potential threats.” said Jesse Rothstein, CTO and co-founder at ExtraHop.
“Reveal(x) enables organisations to truly understand the level of risk a device poses and provides situational awareness of the environment.” Enterprise IoT Security features are now globally available with ExtraHop Reveal(x) platform.