ExtraHop® Announces Integration with CrowdStrike Falcon® Next-Gen SIEM
Builds upon long-time partnership to unify network, endpoint, and log data
Posted: Thursday, May 09

SYDNEY – May 8, 2024 – ExtraHop®, a leader in cloud-native network detection and response (NDR), has announced an integration with CrowdStrike Falcon® Next-Gen SIEM, empowering joint customers to stop threats faster by utilising network telemetry directly in the AI-native CrowdStrike Falcon platform.

Attackers are increasingly evolving their tactics to evade traditional security controls, hiding in encrypted east-west network traffic, using living off the land techniques, and exploiting devices that organisations can’t put an endpoint agent on. To better identify these threats, security teams rely on multiple sources of data for complete visibility across their entire environment.

RevealX™, the NDR platform from ExtraHop, ingests, monitors, and automatically analyses network data, giving enterprises immediate visibility into all of their east-west and north-south network traffic — even encrypted communications. Integrating RevealX with Falcon Next-Gen SIEM unifies that deep network telemetry with rich security data, threat intelligence, AI and workflow automation from the CrowdStrike Falcon platform to give joint customers more reliable, relevant, and contextual security alerts.

With the latest CrowdStrike and ExtraHop integration, customers benefit from:

  • Expanded attack surface coverage: Gain complete visibility into managed and unmanaged assets, and expanded coverage against the MITRE ATT&CK framework.
  • Fast, comprehensive investigations: Investigate smarter with correlated Falcon data and network-based detections to accelerate incident investigations and time to respond.
  • Streamlined workflows: Ensure rapid, consistent response to every threat with integrated SOAR playbooks that provide bidirectional automated workflows and intelligently coordinated response actions.

“The needs of the modern SOC have outgrown the capabilities of the legacy SIEM. The explosion of data sources and arduous data ingestion processes combined with the inability to correlate disparate sources and automate orchestrated responses, leaves security teams behind adversaries,” said Daniel Bernard, Chief Business Officer, CrowdStrike. “Today’s security teams need a reimagined SIEM that combines an AI-powered platform approach with critical network data sources, such as ExtraHop, to stop breaches with speed and accuracy.”

“NDR is essential to a successful next gen SIEM deployment and ExtraHop is best suited to help organisations reap the benefits of network data in security operations through expanded attack surface visibility, superior threat detection, and faster incident investigation and response,” said Kanaiya Vasani, Chief Product Officer, ExtraHop. “As a market leader, we recognise the power of integrating our award-winning technology into the CrowdStrike Falcon Next Gen SIEM, and, together, our ability to give customers faster access to the information they need to manage and mitigate their cyber risk.”

About ExtraHop®

ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. The ExtraHop RevealX™ network detection and response (NDR) platform uniquely delivers the unparalleled visibility and decryption capabilities that organisations need to investigate smarter, stop threats faster, and move at the speed of risk. Learn more at www.extrahop.com.

© 2024 ExtraHop Networks, Inc., RevealX, RevealX 360, RevealX Enterprise, and ExtraHop are registered trademarks or trademarks of ExtraHop Networks, Inc.
