ExtraHop Adds AI To Bolster Threat Detection For AWS


ExtraHop’s Reveal(x) 360 product now utilises AI for network telemetry analysis, to better defend and secure Amazon Web Services (AWS)

Network detection and response provider ExtraHop has extended the power of its Reveal(x) 360 product to provide threat visibility for Amazon Web Services (AWS).

The Seattle, Washington-based firm said that Reveal(x) 360 for AWS “now applies advanced AI to all network telemetry sources,” so as to provide “continuous visibility of malicious activity without requiring dev resources.”

Detecting threats is increasingly important in light of the warning this week from US President Joe Biden that Russia is exploring cyberattack options, and that the US would use “every tool” to prevent and respond to such a move.

ExtraHop Cloud Threat Defence Overview

AI capabilities

ExtraHop says the fact that Reveal(x) 360 now applies advanced AI to layers of network telemetry allows it to create a “threat heatmap” purpose-built to detect and stop advanced attacks like double-extortion ransomware and software supply chain attacks.

Advanced threat detection helps security teams to tackle hotspots of malicious activity without requiring developer time or resources, said ExtraHop.

ExtraHop Cloud Threat Defence Threat Heat Map

The firm also pointed out that cloud security teams are outnumbered and the traditional approach of prevent-and-protect can’t keep pace with modern advanced attack techniques.

It cited the IBM-Ponemon Institute 2021 Cost of a Data Breach report, which showed that the cost of public cloud breaches far exceeds that of breaches in hybrid environments, costing, on average, $1.19 million more per incident.

Organisations with high levels of cloud migration in general experienced costlier breaches, with the average cost of a breach for cloud-mature organisations hovering at just over $5 million, compared to $3.46 million for organisations with low levels of cloud adoption.

“We live in an era of large attack surfaces and frequent business compromise,” said Jesse Rothstein, co-founder and CTO at ExtraHop. “Organisations need to assume that attackers are actively operating inside their cloud environment, moving laterally and evading traditional security controls.”

“ExtraHop Reveal(x) 360 was purpose-built to covertly and reliably detect malicious behaviour,” Rothstein added. “With the introduction of a new subscription tier for AWS, we’re expanding our high-fidelity detection, threat hunting, and investigation capabilities in cloud environments without adding friction for dev teams or the organisations that need to innovate with speed and agility.”

Hybrid working

Safeguarding cloud installations is especially important considering many organisations are nowadays opting for hybrid working practices.

And in a post-Covid world, many firms now allow their staff to split their work week, with three days or fewer in the office and the rest working remotely (usually at home).

This has increased demand for cloud services, and last week Amazon Web Services (AWS) announced a significant investment in the UK over the next two years.

It said it would spend more than £1.8 billion in the next two years building and operating data centres in the UK in order to meet the growing needs of its customers.