ExtraHop^® Launches New AI Tools for SOC Analysts

SEATTLE--(BUSINESS WIRE)--ExtraHop^®, a leader in cloud-native network detection and response (NDR), today announced a powerful set of AI tools in the RevealX™ platform designed to automate SOC workflows and relieve analyst fatigue.

Against the backdrop of a rapidly expanding threat landscape and alert overload, SOC analysts are increasingly overworked and under-resourced. To overcome these challenges, many are looking to AI; according to the 2024 Global Cyber Confidence Index, 38% of security decision-makers said using AI and machine learning to help manage and mitigate cyber risk is a top priority for their organization this year.

Building upon Smart Triage, which helps SOC analysts prioritize detections, these new AI capabilities extend the power of AI throughout the threat detection, investigation, and response (TDIR) lifecycle.

Accelerate Threat Hunting with AI Search Assistant

The new generative AI-powered search assistant from ExtraHop serves as SOC analysts’ threat hunting companion, enabling teams to search for indicators of attack through an AI-powered natural language search interface so they can detect threats faster. With AI Search Assistant, analysts can quickly gain a better understanding of their attack surface with queries like, “Which workstations are not running an endpoint agent” or “Which devices have attributes associated with a known security threat.” The search assistant also suggests relevant queries based on the analyst’s environment and what it deems potentially risky.

“As SOC analysts find themselves more resource-strapped than ever before, the generative AI search assistant from ExtraHop offers immediate value via simple, conversational searches that help quickly locate potential threats,” said Chris Kissel, Research Vice President, Security and Trust, IDC. “ExtraHop continues to build upon its proprietary AI and machine learning capabilities, and is driving an innovative approach to threat detection that helps organizations identify security issues before it’s too late.”

Reduce Time to Respond with Smart Investigations

Smart Investigations utilizes ExtraHop’s industry-leading machine learning architecture to automatically generate investigations by correlating detections that map to high-risk attack patterns. Informed by real-time network insights, Smart Investigations prioritizes the most critical threats, accelerating investigation and response times so organizations can keep operations running.

“AI is inherent to ExtraHop’s DNA, having been baked into our product since day one,” said Kanaiya Vasani, Chief Product Officer, ExtraHop. “SOC analysts can now apply AI to automate the more mundane and time-consuming functions often bogging them down, like threat hunting, alert correlation, and triage. Recouping the time and resources often spent on these tasks, enterprises can focus on tackling critical threats to more effectively manage their cyber risk.”

To learn more, visit our blog.

About ExtraHop^®

ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. The ExtraHop RevealX™ network detection and response (NDR) platform uniquely delivers the unparalleled visibility and decryption capabilities that organizations need to investigate smarter, stop threats faster, and move at the speed of risk. Learn more at www.extrahop.com.

© 2024 ExtraHop Networks, Inc., RevealX, RevealX 360, RevealX Enterprise, and ExtraHop are registered trademarks or trademarks of ExtraHop Networks, Inc.