"Hybrid" is no longer an imagined future state. It's here, now, showering the enterprise with opportunity—rapid growth! boundless innovation!—while simultaneously expanding application profiles far beyond what legacy security architectures were built to protect.
Even as the cloud provides DevOps and IT Ops with unprecedented flexibility and freedom to scale, security teams are shackled by sprawling attack surfaces, alert fatigue, and a well-documented shortage of skilled analysts. Locked in the impossible position of standing between the business and cloud adoption, their only way out lies beyond old models, outdated tools, and operational workflows that no longer suit their needs.
It's time to build cloud-first network security.
Today I'm proud to announce the release of ExtraHop Reveal(x) Cloud, a SaaS-based network detection and response (NDR) solution for the hybrid enterprise.
I'll unpack what that means in greater detail in a moment, but let me begin with our vision for Reveal(x) Cloud: to finally give security teams the zero-infrastructure, turnkey, managed offering they need to support a culture of rapid technology growth.
Security Operations teams, in particular, often discover that developers and IT teams have deployed hundreds—sometimes thousands—of workloads to their company's newly-minted public cloud environment. With no way to know what's been deployed, much less secure it, SecOps needs to act right now to minimize risk of unmonitored, uncontrolled applications. The only alternative is to call a halt to the migration, costing the business millions in the process.
As Senior 451 Analyst Fernando Montenegro puts it: "ExtraHop's Reveal(x) Cloud allows customers to use traffic mirroring from AWS to achieve better network visibility, detection and response, and to do that as a service. This is likely to assist SecOps teams making the transition to support cloud deployments."
Reveal(x) Cloud provides deep and continuous visibility from the inside out, at the ground truth of virtual network communication. Designed through close collaboration with AWS, Reveal(x) Cloud enables security teams to take full advantage of new Amazon Virtual Private Cloud (Amazon VPC) traffic mirroring and securely send traffic to a fully-managed SaaS product from ExtraHop. Reveal(x) Cloud integrates natively with AWS CloudTrail, Amazon CloudWatch, and Amazon VPC flow logs, to supplement observable network behavior with on-workload events and logs.
While Reveal(x) Cloud fulfills the promise of cloud-first network security with rich insight into all cloud behavior, it also delivers effortless cloud asset discovery and classification, rapid threat detection, and confident response. This is even true for workloads and application components encrypted by SSL/TLS: Reveal(x) Cloud decrypts TLS workloads, including perfect forward secrecy ciphers, with no loss of scalability or fidelity.
(As an aside: when you live and die by analyzing network behavior, the ability to decode SSL/TLS is supremely important to detecting threats. Enlightened application developers encrypt their communications. Threat actors definitely do so. Anyone who claims SSL/TLS isn't important either doesn't know anything about security or is a security vendor spending too much on marketing and not enough on product.)
Rant concluded. At the end of the day, ExtraHop is here to help Security, DevOps, and IT rise above the noise—whether that noise is as literal as false alerts, or as metaphorical as stress passed down from business leaders who want to innovate faster than SecOps can secure.
With Reveal(x) Cloud, we're working with AWS to help security teams rise above the noise created by cloud adoption so they can hold up their side of the Shared Responsibility model, protect cloud workloads by ensuring compliance, and deliver security across the hybrid attack surface.