ExtraHop extended its cloud-native network detection and response platform to IoT devices. It’s a capability that becomes increasingly important as operators roll out 5G networks and enterprises connect billions of new devices to these corporate networks.
With today’s announcement, the network-performance-monitoring-turned-security company “makes the case that hey, you can apply NDR [network detection and response] full scale for IoT,” said Sri Sundaralingam, ExtraHop’s VP of product strategy. He points to the Gartner Security Operations Center (SOC) Visibility Triad, which includes endpoint detection and response (EDR) and security information and event management (SIEM) tools for incident management and response. But the third piece — NDR — “has been the missing piece,” especially when it comes to IoT devices that enterprises may not be able to secure using agents, and often times these devices don’t even generate log and event data, Sundaralingam said.
“Going back to this cyber triad: you want reliable data, and the network is a key part of it,” he added. “IoT is a strong use case, and NDR vendors can help in terms of brining visibility into those devices, assessing risk, and helping security advisors deal with those risks.”
How It Works
To this end, Reveal(x), ExtraHop’s security platform, now provides discovery, classification, and behavior profiling for enterprise IoT devices, which the vendor says provides Layer 2-Layer 7 visibility — from the device to the service layer — across all manner of devices including VoIP phones, printers, IP cameras, wearables, and smartboards. Device behavior profiling, when combined with ExtraHop’s machine learning capabilities, allows the platform to more rapidly analyze data and detect threat patterns, Sundaralingam said. This helps security teams better determine the impact and scope of an IoT security event and remediate the problem.
“It’s not just about IoT visibility, it’s about integrating that with detection, and that can be integrated with investigations and remediation workflows,” he said, adding that Reveal(x) already integrations with Splunk, Palo Alto Networks, and other SIEM and security orchestration, automation, and response (SOAR) tools for better investigation and remediation when it does detect suspicious behavior.
ExtraHop CEO Arif Kareem teased his company’s expansion into IoT security during an interview last month with SDxCentral. “I’m intrigued with 5G’s influence on the edge of the network,” Kareem said, and he specifically mentioned IoT. “As we look into the proliferation of unmanaged devices, that would be an interesting vector for us.”
"network" - Google News
February 19, 2020 at 01:41AM
https://ift.tt/38FjRNc
ExtraHop Extends Network Detection and Response to IoT - SDxCentral
"network" - Google News
https://ift.tt/2v9ojEM
Shoes Man Tutorial
Pos News Update
Meme Update
Korean Entertainment News
Japan News Update
No comments:
Post a Comment