What is ExtraHop?
ExtraHop is a network detection and response (NDR) platform that helps organizations gain operational intelligence about their IT environments. It provides real-time analytics and visibility into network activity across on-premises, cloud, and hybrid infrastructures.
ExtraHop automatically discovers devices communicating on the network and collects L2-L7 data, including transactions, protocols, security events, and internal system logs. Using machine learning and behavioral analysis, ExtraHop can detect IOCs, anomalies, suspicious behavior, and performance issues that indicate potential threats or other risks.
Key capabilities and benefits of ExtraHop include:
- Real-time monitoring and analysis of east-west network traffic for security threats and performance issues
- Scalable architecture to handle speeds up to 100Gbps
- Detection of suspicious behaviors and automated investigation workflows
- Integration with other security and IT tools via ExtraHop Reveal(x) platform
- Custom metrics and dashboards for monitoring business-critical apps and services
ExtraHop serves enterprises across many industries looking to bolster network visibility, security operations, and digital experience monitoring. It competes with vendors like Cisco Stealthwatch and RSA NetWitness Platform in the NDR market.