|
|
 |
This Presentation date is September 26, 2019 at 14:30 - 16:30.
Presenters: Corey Bodzin, Jeff Deininger, Ryan Davis
Follow on Twitter using the following hashtags or usernames: #CFD6
Introduction to ExtraHop
Watch on YouTube
Watch on Vimeo
In this introductory presentation at Cloud Field Day 6, Ryan Davis, Senior Product Marketing Manager for Cloud at ExtraHop, provided a concise overview of the company and its evolution. He emphasized two primary takeaways: ExtraHop is a cloud-native network detection and response (NDR) company, and it provides a unique approach to security monitoring by leveraging network traffic as the core data source. This allows ExtraHop to deliver real-time threat identification, secure cloud infrastructures, and manage critical applications efficiently. Davis invited the audience to keep these two points in mind as they delved deeper into the presentation.
ExtraHop was founded over a decade ago but gained significant traction in the cloud space starting about six years ago, with the launch of their first cloud performance tool for AWS. Initially designed as a network performance management (NPM) tool using RP-CAP, it required agent deployment to capture network data and feed insights to their on-prem solution. This early cloud experience laid the foundation for broader capabilities. Around 2015, ExtraHop noticed that many customers started using their platform for security purposes instead of just performance monitoring. This organic shift inspired the company to officially pivot toward building tailored security solutions.
In 2018, ExtraHop launched RevealX, a purpose-built security product that marked a turning point for the company. The momentum was notable — in that same year, ExtraHop surpassed $100 million in revenue and saw a tenfold increase in RevealX bookings within just six months. The product’s strong market performance was solidified by 20 major deals, each worth over $1 million. Most recently, at AWS’s security-focused Reinforce conference, ExtraHop introduced RevealX Cloud, extending their capabilities to deliver cloud-native network detection and response at scale. This expansion reflects their commitment to evolving with industry demands and providing effective cloud security solutions.
Personnel: Ryan Davis
ExtraHop Customer Stories
Watch on YouTube
Watch on Vimeo
During this session, ExtraHop dives into real-world customer deployments, including a range of use cases, from the Home Depot, to a Fortune 500 retail company using ExtraHop for cloud visibility, to one of the largest fast dining restaurants in the world.
Ryan Davis, Senior Product Marketing Manager at ExtraHop, shared a series of customer success stories to highlight how ExtraHop’s platform delivers tangible results across different industries. Starting with The Home Depot, Davis described how the company sees itself as a technology-driven organization that has built numerous applications to enhance the customer experience, both online and in-store. By deploying ExtraHop in their large-scale migration to Platform as a Service (PaaS) environments, Home Depot was able to monitor application performance in an agentless way, ultimately realizing a 56% improvement in application performance and a 40% revenue increase for the Buy Online, Pick Up In-Store service — a clear demonstration of how operational visibility can directly impact business outcomes.
Another use case focused on a Fortune 500 video game retailer, especially the company’s need for stability and performance during high-traffic events like Black Friday and Cyber Monday. With traffic surging from 700,000 to nearly 4 million orders daily during these peak times, the company relied on ExtraHop for real-time visibility into PCI data security and accurate capacity planning. Transaction rates and session latency, rather than traditional metrics like CPU or memory, acted as early indicators of performance issues. By gathering and analyzing this telemetry, the retailer could make data-driven decisions on scaling infrastructure and assessing business performance on an hourly basis—even without historical year-over-year comparisons, as they had only been using ExtraHop for under 12 months at the time.
In another story, a global fast food chain leveraged ExtraHop to modernize its digital offerings in alignment with customer demand for food delivery through services like Uber Eats and Postmates. ExtraHop provided end-to-end visibility into the rollout of their new app, helping ensure a seamless digital customer experience. Finally, Ryan discussed Curo, a financial services firm using ExtraHop to bridge the traditional divide between network operations (NetOps) and security operations (SecOps). This integration of network and security teams into a collaborative unit—referred to as a “SNOC” (Security + NOC)—demonstrated how ExtraHop enables converged insights, allowing organizations to unify monitoring and improve coordination across IT domains, elevating both performance and security postures.
Personnel: Ryan Davis
The ExtraHop Architecture
Watch on YouTube
Watch on Vimeo
The ExtraHop platform was built to deliver visibility, detection, and investigation at massive scale. We consume a copy of unstructured network traffic from across your entire environment – from the data center, to the cloud, to the remote site – using a tap or port mirror.
Cloud Computing has rapidly changed the way we do business, but regulations like GDPR have placed a spotlight on the importance of designing security into the cloud from the start.
The ExtraHop stream processor performs line-rate decryption, decoding, and full-stream reassembly for every transaction. The end result is structured wire data that can be analyzed, explored, and fully leveraged for investigation and remediation. It’s our wire data that keeps our machine learning focused, precise, and uniquely reliable.
Personnel: Ryan Davis
ExtraHop Architecture Chalk Talk
Watch on YouTube
Watch on Vimeo
The ExtraHop platform was built to deliver visibility, detection, and investigation at massive scale. We consume a copy of unstructured network traffic from across your entire environment – from the data center, to the cloud, to the remote site – using a tap or port mirror.
Cloud Computing has rapidly changed the way we do business, but regulations like GDPR have placed a spotlight on the importance of designing security into the cloud from the start.
The ExtraHop stream processor performs line-rate decryption, decoding, and full-stream reassembly for every transaction. The end result is structured wire data that can be analyzed, explored, and fully leveraged for investigation and remediation. It’s our wire data that keeps our machine learning focused, precise, and uniquely reliable.
Personnel: Corey Bodzin
ExtraHop Reveal(x) Cloud Product Demo
Watch on YouTube
Watch on Vimeo
This session is a walk through of a live demo of Reveal(x): ExtraHop’s Network Detection and Response (NDR) platform. Organizations relying only on SIEM and EDR to protect their critical assets remain exposed to attackers who can easily disable logging and circumvent endpoint protection agents.
But all attack campaigns unfold over the network as one compromised system communicates with others, which allows NDR to uncover and neutralize attach campaigns in real time.
Jeff’s presentation underscores what is required from an NDR product for sophisticated threat detection, and effective response across a sprawling and dynamic attack surface that included datacenter, cloud, and branch office.
Personnel: Jeff Deininger