Singapore – ExtraHop, a cloud-native network detection and response firm, has introduced a new feature allowing customers to automate detection, investigation, and mitigation tasks.
This strategic solution will utilise network telemetry from the ExtraHop RevealX™ platform through the CrowdStrike Falcon® cybersecurity platform.
Through the collaboration, customers can reap the benefits of streamlined and customised workflows, particularly in key areas including rapid detection and investigation, reduced manual intervention, and scalability. It also helps SOC analysts reveal and stop threats faster.
In addition, customers can now orchestrate that network telemetry in Falcon Foundry, CrowdStrike’s low-code application development platform, to build custom detection and response workflows.
When RevealX detects abnormal network behaviour, Falcon Next-Gen SIEM ingests the alert, correlates it with EDR and other data, and applies this intelligence within Foundry apps and Fusion workflows.
CrowdStrike also recently formed an alliance with Cohesity, which aims to advance the detection and response capabilities of the platform against sophisticated threats.
Kanaiya Vasani, chief product officer at ExtraHop, said, “The ExtraHop RevealX NDR platform gives enterprises unique visibility into security threats as they propagate through the network and reveals risks that may not be visible through other security tools.”
“The breadth and depth of telemetry ExtraHop gathers from the network when combined with other data sources such as EDR, and the ability to build custom workflows to investigate a range of detections, helps customers accelerate response to security threats,” explained Vasani.
Daniel Bernard, chief business officer at CrowdStrike, also remarked, “With access to CrowdStrike’s robust data and threat intelligence, Falcon Foundry enables users to establish creative solutions and workflows tailored to their organisation’s unique needs.”
He further shared, “By adding network data from ExtraHop RevealX, a critical accelerant in understanding and closing security gaps, our partnership with ExtraHop elevates the speed in which joint customers respond to both endpoint and network threats.”