• Watch
  • Listen
  • Live Stream
Security Weekly
Security Market Validation
  • Listeners
    • Subscribe
    • Insider List
    • Suggest a Guest
  • Shows
    • Paul’s Security Weekly
    • Enterprise Security Weekly
    • Business Security Weekly
    • Application Security Weekly
    • Security & Compliance Weekly
    • Security Weekly News
    • Tradecraft Security Weekly
    • Secure Digital Life
  • Series
    • CISO Stories
    • Getting the Real Work Done in Cybersecurity
  • Webcasts/Trainings
    • Registration
    • On-demand
  • Articles
  • Partners
    • Become a Partner
    • Landing Pages
    • Bookings
      • Approved Interview Form
      • Approved Interview Form – Returning Guest
      • Conference Collection Form
  • Hosts
  • Company
    • About
    • Contact
    • Careers

Articles/ Cloud Security/ Forensics/ Network Traffic Analysis/ Security Operations

Cloud Native Network Detection and Response

Matt Alderman May 22, 2020

We’ve all heard the phrase “the network never lies”, but as more organizations adopt cloud computing, getting access to the network in the cloud has been challenging.  Initially, cloud services, such as AWS CloudWatch and AWS CloudTrail, allowed you to collect logs, events, and metrics from your cloud environment, but not network packets or flows.  This really limited true network detection and response capabilities that we have become accustomed to in our on-premise networks. 

Cloud computing also accelerated the adoption of hybrid environments where some of your assets are in the cloud and some are on-premise.  Integrating visibility and control of all of your assets is now more challenging than ever, especially with limited visibility in the cloud.

Finally, new capabilities have emerged to help us get network visibility in the cloud.  The first capability was from AWS called VPC Traffic Mirroring, which allows the capture and inspection of network traffic at scale.  In order to support this capability, AWS uses Elastic Network Interfaces (ENIs) as mirror sources.  Just a word of caution, you can only mirror traffic from EC2 instances that are powered by the AWS Nitro system.  Google Cloud has a similar offering called Packet Mirroring and Microsoft Azure has announced support for Azure Virtual Network TAP.

With the cloud providers supporting traffic mirroring, the second capability came from ExtraHop to support cloud native network detection and response.  Reveal(x) 360 (formerly Reveal(x) Cloud) is a SaaS-based network detection and response (NDR) solution for the hybrid enterprise, providing deep and continuous visibility from the inside out.  Designed through close collaboration with all three major Cloud Service Providers, Reveal(x) 360 integrates natively with AWS, Google Cloud, and Microsoft Azure to supplement observable network behavior with on-workload events and logs.

While Reveal(x) 360 fulfills the promise of cloud-first network security with rich insight into all cloud behavior, it also provides the following benefits:

  • effortless cloud asset discovery and classification
  • rapid threat detection, and
  • confident response

To see an overview of ExtraHop Reveal(x) 360, watch the technical segment on Enterprise Security Weekly here.

To see all of ExtraHop’s capabilities live, please watch their on-demand webcast here, or visit securityweekly.com/extrahop for more information.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Facebook (Opens in new window)

Related Posts

linux security

Articles /

How to Defend Linux from Attacks

tea leaves

Cloud Security /

Reading the Application Security Tea Leaves – How to Interpret the Analyst Reports

Wasting Money

Forensics /

Reducing Remediation Costs from a Breach

‹ How Hidden Vulnerabilities Lead to Application Compromise › Protecting Your Application from Abuse

About Security Weekly

Security Weekly is the security podcast network for the security community, distributing free podcasts and media since 2005. We connect the security industry and the security community through our security market validation programs.

More Than Just A Sponsor

We view our relationships with the security industry as partnerships, not sponsorships. Security Weekly works closely with each partner to help you achieve your marketing goals and gain traction in the security market. Interested in becoming a partner? Please visit our partnerships page.

Back to Top

Subscribe To The Blog:

RSS Feed RSS - Posts

Search

Follow Us On Twitter

→ Follow Us
© Security Weekly 2021
Powered by WordPress • Themify WordPress Themes