Internal threat activities (privilege escalation, lateral movement, etc.) are difficult if not impossible to detect using endpoint and perimeter protection alone. ExtraHop Reveal(x) provides network traffic analysis that helps security analysts efficiently detect and investigate these late-stage threats, as well as proactively improve security hygiene.
SANS Institute put the product through its paces to evaluate the following:
- Intuitiveness of the user interface
- Breach detection and response capabilities
- Proactive hunting of internal threats
- Ability to support hygiene and compliance initiatives
Read the report to learn why SANS Instructor Dave Shackleford says Reveal(x) "does [detecting and investigating threats in east-west traffic] well, and so much more."