SANS Review: Investigate East-West Attacks on Critical Assets with Network Traffic Analysis
Internal threat activities (privilege escalation, lateral movement, etc.) are difficult if not impossible to detect using endpoint and perimeter protection alone. ExtraHop Reveal(x) provides network traffic analysis that helps security analysts efficiently detect and investigate these late-stage threats, as well as proactively improve security hygiene.
SANS Institute put the product through its paces to evaluate the following:
- Intuitiveness of the user interface
- Breach detection and response capabilities
- Proactive hunting of internal threats
- Ability to support hygiene and compliance initiatives
Read the report to learn why SANS Instructor Dave Shackleford says Reveal(x) “does detecting and investigating threats in east-west traffic well” and so much more.