ExtraHop Takes Network Security and Visibility to the IoT Edge
ExtraHop, a firm that uses cloud-based machine learning to analyze hybrid network behavior discovered at the wire level is now expanding its Reveal(x) platform beyond the network proper to include attached IoT devices. It will now discover, classify, and profile the behavior of IoT devices at the network edge, providing visibility, detection and response across the entire enterprise attack surface.
“As the rollout of 5G networks begins in earnest, the time to prepare for the next wave of IoT is now,” says the company. “IoT moves computing power to the edge, vastly expanding the enterprise attack surface, and without visibility into what devices are connecting to the network and what resources they are accessing, it leaves organizations vulnerable to threats.”
Four new capabilities are brought to protect the expanding IoT edge. Firstly, continuous discovery and classification will locate, identify and profile all IoT devices and services as they are added, providing visibility without friction to the IT and operations teams.
Secondly, device behavior profiling using Layer 2 to Layer 7 data from network and cloud traffic, paired with ExtraHop’s cloud-based machine learning analytics and other network events, rapidly detects threat patterns for immediate response.
Thirdly, automatic segment detection infers which devices are part of the same service, enabling continuous behavioral monitoring and detection of IoT devices such as VoIP phones, printers, IP cameras and smartboards. “This unique feature,” claims the company, “augments traditional network segmentation and enables organizations to more effectively identify and stop lateral movement.”
The fourth new feature is line-rate decryption of SSL / TLS 1.3. This will detect where IoT devices and services are using unencrypted communications, and — if the communications are encrypted — will natively decrypt the communications to perform deep behavioral threat detection without disruption.
Seattle, Washington-based ExtraHop was founded in 2007 by Jesse Rothstein (CTO) and Raja Mukerji (chief customer officer). It delivers machine learning analysis to cloud and network traffic to provide hybrid and multi-cloud visibility with real time threat detection and response. It has raised a total of $61.6 million, with the latest funding being a Series C round of $41 million closed in May 2014.