As business operations expand and move to the cloud, so does security. ExtraHop’s Reveal(x) platform can be deployed on a variety of cloud infrastructures. It makes sense for ExtraHop, leader in Network Detection and Response, to partner with tech giant Amazon Web Services (AWS).
ExtraHop Reveal(x) Cloud offers a turnkey, zero-infrastructure solution to AWS customers.
Use Reveal(x)’s deep insights and transaction fluency with event data from AWS CloudWatch to deliver complete visibility at cloud scale. Discover anomalies including rogue instances, disabled log systems, and suspicious file execution.
Features
Complete Visibility
Organizations need continuous visibility and situational intelligence across hybrid, multi-cloud, IoT and remote work environments from a single management source. Reveal(x) provides the ability to see into all of these sources as well as SSL/TLS encrypted traffic.
Real-Time Detection
Immediately detect anomalous behaviors and malicious activity, including unauthorized access, misconfigurations, and insecure APIs. Reveal(x) uses machine learning to utilize over 5,000 wire data features.
Intelligent Response
Work smarter, not harder. Raise efficiency of response time and investigative workflows with Reveal(x). Integrations with AWS include EC2, S3, Amazon CloudWatch and CloudTrail, Amazon VPC Flow Logs, and Lambda.
Deployment
Reveal(x) can be deployed in two ways. The first is through Reveal(x) 360 and the second is by Reveal(x) AMI for AWS. Both provide a unified security platform across on-premises and cloud environments with a low management burden.
Reveal(x) AMI for AWS sensors offer the option to conduct machine learning analysis and threat detection from inside an Amazon Virtual Private Cloud (VPC).
Differences
Extrahop lists the following differences between Reveal(x) 360 and Reveal(x) AMI for AWS:
Reveal(x) 360 | Reveal(x) AMI for AWS | |
SaaS-based deployment | X | |
Self-managed sensor | X | |
On-demand sensors billed hourly | X | |
Simplified sensor deployment via Cloud Console | X | |
Cloud-scale ML | X | X |
ExtraHop-managed record warehouse | X | |
Control plane for unified visibility (hybrid and multicloud) | X | |
Amazon VPC Traffic Mirroring integration | X | X |
Pricing
ExtraHop is also a member of the AWS Consulting Partner Private Offer (CPPO) Program. The CPPO program enables ExtraHop to resell AWS enterprise contracts and their products through the marketplace.
Datashield is also able to package ExtraHop, AWS, and managed security services in a single bill. Contact us to receive a quote.
The Datashield Advantage
Datashield has helped our clients implement ExtraHop using our proprietary orchestration tool, SHIELDVision. Our security engineers can architect and deploy Reveal(x) in multiple cloud and hybrid environments.
Take your security to the next level with managed security services, provided by Datashield and backed by security leader ADT. Our US-based SOC has eyes on glass 24x7x365, providing clients with world-class results and white-glove service.
Learn more about our cloud-native managed detection and response (MDR) service here.
If your organization is considering Reveal(x), contact us for a no-cost consultation to see if Datashield is right for you.