Security Experts:

ExtraHop Expands Enterprise IoT Security Features

ExtraHop Takes Network Security and Visibility to the IoT Edge

The introduction of IoT devices into the enterprise can improve the work experience and productivity of staff, but often comes with increased security risk. IoT devices notoriously bring additional vulnerabilities to the new edge without being adequately protected by the organization's network security.

ExtraHop, a firm that uses cloud-based machine learning to analyze hybrid network behavior discovered at the wire level is now expanding its Reveal(x) platform beyond the network proper to include attached IoT devices. It will now discover, classify, and profile the behavior of IoT devices at the network edge, providing visibility, detection and response across the entire enterprise attack surface.

"As the rollout of 5G networks begins in earnest, the time to prepare for the next wave of IoT is now," says the company. "IoT moves computing power to the edge, vastly expanding the enterprise attack surface, and without visibility into what devices are connecting to the network and what resources they are accessing, it leaves organizations vulnerable to threats."

Four new capabilities are brought to protect the expanding IoT edge. Firstly, continuous discovery and classification will locate, identify and profile all IoT devices and services as they are added, providing visibility without friction to the IT and operations teams.

Secondly, device behavior profiling using Layer 2 to Layer 7 data from network and cloud traffic, paired with ExtraHop's cloud-based machine learning analytics and other network events, rapidly detects threat patterns for immediate response.

Thirdly, automatic segment detection infers which devices are part of the same service, enabling continuous behavioral monitoring and detection of IoT devices such as VoIP phones, printers, IP cameras and smartboards. "This unique feature," claims the company, "augments traditional network segmentation and enables organizations to more effectively identify and stop lateral movement."

The fourth new feature is line-rate decryption of SSL / TLS 1.3. This will detect where IoT devices and services are using unencrypted communications, and -- if the communications are encrypted -- will natively decrypt the communications to perform deep behavioral threat detection without disruption.

Seattle, Washington-based ExtraHop was founded in 2007 by Jesse Rothstein (CTO) and Raja Mukerji (chief customer officer). It delivers machine learning analysis to cloud and network traffic to provide hybrid and multi-cloud visibility with real time threat detection and response. It has raised a total of $61.6 million, with the latest funding being a Series C round of $41 million closed in May 2014.

Related: ExtraHop Introduces Real Time Wire-Level Threat Detection 

Related: Supply Chain Attack Infects IoT Devices at Major Manufacturers

Related: Why it's So Hard to Implement IoT Security 

Related: Insight Partners Acquires IoT Security Firm Armis at $1.1 Billion Valuation

view counter
Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.