ExtraHop IDS Security: What is IDS?

Comprehensive Detection Coverage with High-Fidelity Network Signatures


Why you need Next-Gen IDS


ExtraHop is a leader in Network Traffic Analysis (NTA) on G2.
ExtraHop is a leader in Network Detection and Response (NDR) on G2.

THE NEXT EVOLUTION OF IDS

Intrusion detection systems (IDS) were popularized in the 1990s and continue to be a major part of PCI DSS and other compliance programs. Unfortunately, legacy IDS tools lack the visibility needed to keep up with today’s modern threats.

ExtraHop IDS is the next evolution of intrusion detection technology. Harnessing network data and tens of thousands of high-fidelity network signatures, ExtraHop IDS provides high-risk CVE exploit identification, contextualized alerts, and full-spectrum investigation workflows. ExtraHop IDS analyzes both east-west and north-south traffic with enhanced decryption capabilities, and can better address compliance requirements set by PCI DSS, HIPAA, NIST, and more.

Deeper Detection Coverage

  • Real-time detections of known malware and exploits with tens of thousands of signatures.

  • High-fidelity detections curated by the ExtraHop Threat Research team.

  • Detect known threats in encrypted network traffic that target web servers and email.

STRENGTHENED RESPONSE

  • Enhanced response capabilities with integrated Reveal(x) workflows.

  • Advanced triage with integrated risk scoring, correlation, and investigation.

  • Native and turnkey integrations with CrowdStrike, Splunk, Palo Alto Networks, and other leading security providers.

EXCEED COMPLIANCE REQUIREMENTS

  • Deploy and manage physical and virtual IDS sensors from the same Reveal(x) NDR platform.

  • Automated cloud updates including health and rule updates for sensors with restricted access.

  • Stay ahead of security governance and compliance requirements from PCI DSS, NIST, and more.

The real value in ExtraHop Reveal(x) is the time we see returned to our engineers so they can focus on the things that matter, like projects, strategic initiatives, and — most importantly — innovation.

DIANNE BROWN

CISO, ULTA BEAUTY

Reveal(x) with IDS Adds Critical Capabilities

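| Capability | ExtraHop IDS | Legacy IDS |
| --- | --- | --- |
| Critical CVE exploit detection | ✓ | ✓ |
| Protocol abuse | ✓ | ✓ |
| Static threshold rules | ✓ | ✓ |
| Application ID | ✓ | ✓ |
| Decryption | ✓ | - |
| Insider threat detection | ✓ | - |
| East-west visibility | ✓ | - |
| Cloud enabled | ✓ | - |
| Flexible deployment | ✓ | - |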

Automated Security Workflows

Standalone IDS stops at alerts, leaving time-strapped analysts searching for root cause with other investigation tools. ExtraHop IDS offers full-spectrum attack detection and investigation by blending cloud-scale ML with rule-based insights to expose and contain threats in the network.

Reveal(x) NDR Workflow Powered with IDS

| Workflow stage | Reveal(x) Workflow Powered with IDS | Legacy IDS |
| --- | --- | --- |
| Security Hygiene | Passive Asset Inventory; Discover Weak and Expired Cypher | - |
| Detection | Known Threats; Unknown Threats | Known Threats |
| Incident Response | 90 days of traffic lookback; Correlated attacker timeline; Threat briefings | - |
| Forensics | Continuous PCAP evidence repository | - |