ExtraHop secures IoT in enterprise deployments – Technologist
Cloud-native network detection and response provider ExtraHop has introduced new features that enables secure adoption and implementation of IoT in the enterprise.
IoT reduces operational friction, making businesses more efficient and employees more productive. But this comes at a cost. IoT moves computing power to the edge, vastly expanding the enterprise attack surface, and without visibility into what devices are connecting to the network and what resources they are accessing, it leaves organisations vulnerable to threats.
With newest IoT security capabilities to its flagship product ExtraHop Reveal, the company now provides advanced discovery, classification and behaviour profiling for enterprise IoT devices, providing visibility across device and service layers.
ExtraHop said its new features provides complete visibility, detection, and response across the attack surface without the need to implement narrow point solutions.
Fernando Montenegro, principal analyst for information security at 451 Research, said IoT security is an imperative in the light of expanding IoT deployments in enterprise environments.
“Our research points to consistent growth in enterprise IoT usage which, along with other enterprise initiatives, has led to a growing attack surface,” he said. “This leads to increased demands from enterprise security teams for visibility into network traffic, analysis for detection of threats, followed by remediation as needed.”
Putting security ahead of IoT deployments
ExtraHop specialises in cloud-native network detection and response to secure the hybrid enterprise, using an approach that applies advanced machine learning to cloud and network traffic. Among its well-known customers include The Home Depot, Credit Suisse, Liberty Global, and Caesars Entertainment.
Its new enterprise IoT security features are now globally available with ExtraHop Reveal(x) platform.
“We believe that enterprise IoT is a strong fit for ExtraHop’s network detection and response solution. Not only do we discover the presence of IoT devices, identifying make and model, but we also automatically segment into peer groups to detect suspicious behaviours and potential threats.” said Jesse Rothstein, CTO and co-founder at ExtraHop. “Reveal(x) enables organisations to truly understand the level of risk a device poses and provides situational awareness of the environment.”
Some of the new IoT security features in ExtraHop Reveal include:
- Continuous Device Discovery and Classification discovers, identifies, and profiles all IoT devices and services to deliver complete visibility without friction to IT and Security Operations teams.
- Device Behaviour Profiling extracts rich L2-L7 data from network and cloud traffic, enabling deeper analysis across devices at the service level. When paired with cloud-scale machine learning from ExtraHop, this data is correlated with other network events to rapidly and accurately detect threat patterns for immediate response. This provides organisations with continuous behavioural monitoring and detection for IoT devices such as VoIP phones, printers, IP cameras, wearables, and smartboards.
- Guided Investigation automatically gathers contextual information, related detections, and packet level details into a single workflow to streamline and accelerate response actions, enabling security analysts and threat hunters to quickly determine the impact and scope of an IoT event and easily drill into forensic level details.
- IoT Security Hygiene helps security and IT operations teams address issues such as IoT devices and services using unencrypted communications, and when discovered, can automate response actions with other systems like creating a ticket or isolating devices on the network.