Network detection and response, or NDR, solutions use behavioral analytics, machine learning and anomaly detection to give security teams deep visibility into east-west traffic. This strategy empowers organizations to deter advanced threats, including lateral movement, data exfiltration and insider attacks.
ExtraHop Networks Inc. and CrowdStrike Holdings Inc. are partnering to strengthen NDR solutions and shift organizations away from reactive, signature-based security. The goal is to deliver proactive, intelligent defenses that detect threats earlier, limit damage and provide actionable insights, according to Kanaiya Vasani, chief product officer of ExtraHop.
“ExtraHop is a market leader in what we would call network detection and response solutions,” Vasani said. “We think of network detection and response as a platform that enables all kinds of use cases that depend on network telemetry, use cases ranging from observability to threat detection, to application performance assurance, to gathering forensic evidence in your infrastructure, doing identity investigations [and] cloud investigations. We are to the network what CrowdStrike is to the endpoint. We have a great partnership.”
Vasani spoke with theCUBE’s Dave Vellante and Rebecca Knight at Fal.Con, during an exclusive broadcast on theCUBE, News Media’s livestreaming studio. They discussed how NDR solutions are changing enterprise security, with ExtraHop emphasizing proactive detection and telemetry-based threat insights. (* Disclosure below.)
Strengthening cybersecurity with NDR solutions
NDR solutions integrate with security information and event management systems, endpoint protection and threat intelligence feeds to establish baselines across all layers of the network — from packet flows to application transactions. ExtraHop detects anomalies and feeds insights into next-generation SIEMs, such as CrowdStrike, to deliver context-rich alerts and coordinated responses that improve security posture, according to Vasani.
“They have an endpoint agent that collects telemetry from the endpoint, feeds any anomalous behavior they see from an endpoint standpoint into a SIEM, and now they have a next-gen SIEM product as well,” he said. “We do the same. We have sensors that are deployed across your hybrid multi-cloud footprint, physical sensors, virtual sensors [and] cloud-hosted sensors. We collect telemetry from the network, so we see everything that goes through your network.”
Integrating ExtraHop’s NDR with CrowdStrike’s endpoint detection and response gives organizations an extended detection and response framework that strengthens enterprise security, according to Vasani. The integration enhances threat detection, investigation and response by providing faster, context-rich insights from network telemetry, which streamlines workflows and boosts operational efficiency.
“Two or three pain points come up,” Vasani said. “One is this gap they have in detection. They have deployed all the different security tools out there, and they are still getting hacked. We are looking to fill that gap, at least by providing them yet another window into what is happening in their infrastructure through network detection and response. The second big pain point is [that] it’s the traditional alert fatigue in the [security operations center]. That’s what we are doing with CrowdStrike. Everything we know about a device is packaged up, available to CrowdStrike, in their Falcon store, or their next-gen SIEM, through an [application programming interface].”
(* Disclosure: TheCUBE is a paid media partner for Fal.Con. Neither ExtraHop Networks Inc., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or News.)