dcn-as logo
Story image

ExtraHop integrates with Google Cloud's new packet mirroring feature

26 Nov 2019

 Google Cloud has announced a new packet mirroring feature that integrates with ExtraHop’s ExtraHopReveal(x) to enable stronger threat detection, investigation, and response.

The packet mirroring feature enables Reveal(x) to analyse network traffic in a passive, agentless manner, in order to provide deeper visibility into security threats against workloads in Google Cloud.

Reveal(x) for Google Cloud Platform is able to automatically discover, classify, and map dependencies between workloads. It is also able to apply advanced machine learning to surface the most critical threats. Equipped with this information, GCP customers can rapidly identify, investigate, and respond to threats, fulfilling their obligations under the shared responsibility model.

ExtraHop CTO and cofounder Jesse Rothstein says that traditional security tools are falling short, which means new thinking is needed.

“Reveal(x) for GCP Packet Mirroring provides security teams with unparalleled network visibility and cloud-scale machine learning for detection and automated response across your business's complex attack surface.”

Through the integration with GCP packet mirroring, ExtraHop Reveal(x) provides full threat visibility, detection, and response across cloud and hybrid workloads.

Full Packet analysis: Reveal(x) leverages GCP Packet Mirroring to capture payloads and headers, enabling in-depth analysis and threat hunting. Machine learning at the application layer provides immediate detection of difficult-to-spot activity, including exfiltration.

Encrypted payload visibility: Reveal(x) decrypts SSL/TLS-encrypted traffic at line rate, including cipher suites supporting perfect forward secrecy, providing complete visibility into all communications, including encrypted malicious traffic.

Augmented investigation: Reveal(x) for GCP automates several early investigation steps to provide analysts with workflows that can be completed in clicks, enabling quick and confident response.

Google Cloud product manager Mahesh Narayanan says traffic visibility is an essential part of preventing security breaches and attacks, particularly as networks become more complex.

“With Packet Mirroring, our customers now have a way to proactively detect network intrusions, analyze, and diagnose application performance issues for both Compute Engine and Google Kubernetes Engine, across all regions and machine types."

Ulta Beauty is one organisation that sees benefits from the Google Cloud and Reveal(x) integration.

Ulta Beauty’s senior director of IT risk management and CISO Diane Brown explains, "Ulta Beauty is a company built on seeing possibilities. It's informed everything from our in-store shopping experience to how we build our business – including the technology that supports it.”

"In cloud computing, we see the ability to grow faster and deliver more 'wow' experiences to our customers. The new integration between ExtraHop Reveal(x) and Google Cloud's new packet mirroring accelerates our cloud adoption by giving us the visibility we need to secure our applications and protect our most precious asset, our customers."

ExtraHop Reveal(x) for GCP is now available in alpha.

Story image
From 1G to 5G: How innovations in cellular have shaped our lives
As we look to the present decade from 2020 onwards, 5G will be at the forefront. The race for 5G is not about merely deploying new infrastructure, but getting the first-mover advantage in who can build and take the leadership role in the host of new applications and services that 5G will enable.More
Link image
How to leverage backup best practices to repel ransomware
Here's how a ransomware kit with a whitepaper, webinar and 30 day free trial can help your business effectively prevent, detect and restore from a ransomware attack.More
Story image
Alibaba Cloud launches new cloud database solutions following market growth
"We want our customers to ride on the future trend, and we will continue to innovate and provide our customers with the best database technology so that together, we can build a solid foundation in their digital transformation process."More
Story image
Pure Storage acquires Portworx for $370m, extends Kubernetes services and support
Pure Storage has signed an agreement to acquire Portworx for approximately $370 million in cash, with the aim of extending Kubernetes and containers solutions and support. This deal represents Pure Storage’s largest acquisition to date. More
Download image
Equinix study: Firms turn to NFV to support distributed networks
Decision-makers looking for a solution that virtualises a wide range of network functions should evaluate NFV, study finds.More
Story image
Trend Micro receives AWS Outposts Ready designation
rend Micro solutions are now fully and demonstrably capable of integrating with Outposts deployments.More