ExtraHop, the provider of cloud-native network detection and response, announces a suite of new features designed to streamline the secure adoption and implementation of IoT in the enterprise.

ExtraHop® Reveal(x)™ now provides advanced discovery, classification, and behavior profiling for enterprise IoT devices, providing visibility from the device to the service layer. These latest enhancements extend Reveal(x) capabilities to the enterprise IoT device edge, providing complete visibility, detection, and response across the attack surface without the need to implement narrow point solutions.

Consistent growth in enterprise IoT usage

IoT reduces operational friction, making businesses more efficient and employees more productive

IoT reduces operational friction, making businesses more efficient and employees more productive. But this comes at a cost. IoT moves computing power to the edge, vastly expanding the enterprise attack surface, and without visibility into what devices are connecting to the network and what resources they are accessing, it leaves organizations vulnerable to threats.

Our research points to consistent growth in enterprise IoT usage which, along with other enterprise initiatives, has led to a growing attack surface,” said Fernando Montenegro, Principal Analyst, Information Security, 451 Research. “This leads to increased demands from enterprise security teams for visibility into network traffic, analysis for detection of threats, followed by remediation as needed.”

Continuous behavioral monitoring

With the latest release, ExtraHop Reveal(x) now provides the visibility, detection, and investigation capabilities security and IT organizations need to continuously secure and manage expanding IoT deployments.

  • Continuous Device Discovery and Classification discovers, identifies, and profiles all IoT devices and services to deliver complete visibility without friction to IT and Security Operations teams.
  • Device Behavior Profiling extracts rich L2-L7 data from network and cloud traffic, enabling deeper analysis across devices at the service level. When paired with cloud-scale machine learning from ExtraHop, this data is correlated with other network events to rapidly and accurately detect threat patterns for immediate response. This provides organizations with continuous behavioral monitoring and detection for IoT devices such as VoIP phones, printers, IP cameras, wearables, and smartboards.
  • Guided Investigation automatically gathers contextual information, related detections, and packet level details into a single workflow to streamline and accelerate response actions, enabling security analysts and threat hunters to quickly determine the impact and scope of an IoT event and easily drill into forensic level details.
  • IoT Security Hygiene helps security and IT operations teams address issues such as IoT devices and services using unencrypted communications, and when discovered, can automate response actions with other systems like creating a ticket or isolating devices on the network.

Network detection and response solution

We believe that enterprise IoT is a strong fit for ExtraHop's network detection and response solution. Not only do we discover the presence of IoT devices, identifying make and model, but we also automatically segment into peer groups to detect suspicious behaviors and potential threats.” said Jesse Rothstein, CTO and co-founder at ExtraHop.

Reveal(x) enables organizations to truly understand the level of risk a device poses and provides situational awareness of the environment.” Enterprise IoT Security features are now globally available with ExtraHop Reveal(x) platform.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

In case you missed it

How Does Audio Enhance Security System Performance?
How Does Audio Enhance Security System Performance?

Video is widely embraced as an essential element of physical security systems. However, surveillance footage is often recorded without sound, even though many cameras are capable of capturing audio as well as video. Beyond the capabilities of cameras, there is a range of other audio products on the market that can improve system performance and/or expand capabilities (e.g., gunshot detection.) We asked this week’s Expert Panel Roundtable: How does audio enhance the performance of security and/or video systems? 

What Are The Mainstream Uses For Thermal Cameras?
What Are The Mainstream Uses For Thermal Cameras?

The high cost of thermal imaging cameras historically made their use more likely in specialized law enforcement and military applications. However, lower pricing of thermal imaging technologies has opened up a new and expanding market for thermal cameras in the mainstream. We asked this week’s Expert Panel Roundtable: What are the new opportunities for thermal cameras in mainstream physical security?

Identiv Unveils Cloud Access Control and Frictionless Mobile Solution
Identiv Unveils Cloud Access Control and Frictionless Mobile Solution

Even though ISC West 2020 was canceled, many of the product introductions planned for the trade show still happened. For example, physical security and secure identification company Identiv introduced the Hirsch Velocity Cirrus and MobilisID. Hirsch Velocity Cirrus is a cloud-based Access Control as a Service (ACaaS) solution. It is an optimal solution for both end-users and integrators, with lower upfront costs, reduced maintenance, enhanced portability, and the future-proof assurance of automatic security updates and feature sets. Smart mobile physical access control solution Identiv’s MobilisID is a smart mobile physical access control solution that uses Bluetooth and capacitive technologies to allow frictionless access to a controlled environment without the need to present a credential. We caught up with Jason Spielfogel, Identiv’s Director of Product Management, to discuss the new products and other topics. Q: How is Identiv positioned in the market as a whole? What philosophy drives your product offerings? What vertical markets do you target? Every customer needs every one of these components Spielfogel: Identiv provides a total solution. Our platforms provide access control hardware and software, video surveillance and analytics, door access readers, and ID credentials, both cards and mobile, for a variety of vertical markets: Federal government, state, local and education government agencies (SLED), healthcare, schools, banks/financial services, retail, airports and transportation, and infrastructure. Every customer needs every one of these components in every physical security deployment, and we ensure that all parts are working together at all times, even as technology continues to evolve. With that said, our philosophy is very customer-centric, and we position ourselves as a trusted partner. Our products and technology platform always strive to reflect and anticipate the environment our customers are facing, both in terms of technical requirements and functional capabilities. Q: How does the MobilisID system eliminate "friction?" Spielfogel: Identiv’s MobilisID eliminates the “friction” of access control by forgiving the user from presenting a physical credential to the reader. A simple wave of their hand over the MobilisID reader establishes a connection, and the reader reads their mobile device’s credential from the MobilisID app.  No badge or access card to read, and no contact with the reader, makes this a frictionless access control experience. Administrative friction is also eliminated because there is no physical credential to issue or withdraw; it’s all done via the MobilisID Manager. Q: Discuss the advantages of Bluetooth over competing technologies. Bluetooth offers a blend of reliability and specificity Spielfogel: There are two primary competing technologies: WiFi and Near Field Communication (NFC). The problem with WiFi is that it’s not location-specific. In other words, the WiFi router can’t tell which door the user is near. NFC has the opposite problem in that it’s impossible to get credential reads unless the phone is presented within an inch or two of the reader. Bluetooth offers a blend of reliability and specificity to create frictionless access. Q: "Touchless" has always been a big selling point. Doesn't the coronavirus improve the outlook for these systems even more? Spielfogel: The coronavirus certainly highlights the value of frictionless access. But the vast majority of access systems today use proximity which was already touchless. But for systems using touchpads or contact-based credentialing, certainly frictionless is offering some alternatives that would help keep employees and visitors safer in the current climate. Q: How else might the current pandemic change the security market forever (i.e., more teleworking?) Spielfogel: Permanent changes are not likely, but it does force security directors to rethink how their employees interact physically with systems for both physical and logical access. As a result, we might see accelerated adoption of some emerging technologies, such as greater use of mobile logical access solutions, as well as frictionless physical access control. We’ve already seen an uptick in our smart card reader and token line and our Thursby enterprise and personal mobility offering during the coronavirus pandemic. Q: There are a lot of cloud systems in the access control space. How is your Cirrus cloud product different? Velocity already has all those features Spielfogel: Cirrus is different from many others in that it’s built on one of the most mature, feature-rich, secure physical access solutions available today – Hirsch hardware and Velocity Software. While many competitors are scrambling to add features to their relatively new ACaaS platforms, Velocity already has all those features. While they are building up their encryption capabilities and cybersecurity testing, we’ve already been doing that for two decades. We certainly have some more development ahead of us for Cirrus, but most of it is just surfacing features we already have into the Cirrus interface. Q: How do you guide customers as their needs change? Spielfogel: Whether users want solutions that are on-prem, in the cloud, or anything in between, Identiv’s full architecture ensures that customers can adopt and migrate to new solutions as they see fit. No two customers are alike, so providing the flexibility to gradually update or change systems is a real differentiator. Our competitors either want customers to jump all at once to the cloud or push to keep everything on-prem/legacy. CSOs and CISOs live in a different world: They've got it all to deal with.  We're there with them across all of it, because that's the true reality.