
Latest news with #RobGreer

Magic Quadrant™ for Network Detection and Response

Business Wire

6 days ago


SEATTLE--(BUSINESS WIRE)-- ExtraHop, a leader in modern network detection and response (NDR), today announced that it has been named a Leader in the inaugural Gartner Magic Quadrant for Network Detection and Response. In addition, ExtraHop has also been recognized as a Leader in both The Forrester Wave™: Network Analysis And Visibility, Q2 2023 and the IDC MarketScape: Worldwide Network Detection and Response 2024 Vendor Assessment.

ExtraHop is revolutionizing enterprise security with its modern NDR platform, a consolidated solution that uniquely combines the power of NDR, network performance management (NPM), intrusion detection (IDS), and forensics. This dynamic integration offers organizations the most comprehensive NDR offering in the market, delivering complete visibility across hybrid cloud and on-premises networks with rich, contextual insights that help SOC teams quickly detect and respond to threats.

As a Leader in the Gartner Magic Quadrant for NDR, ExtraHop was evaluated for its Completeness of Vision and Ability to Execute. ExtraHop also has the second highest revenue in NDR for the 2024 fiscal year, according to the Gartner Market Share: Overall Enterprise Network Equipment Market, Worldwide, 4Q24 and 2024. This is the third year in a row that ExtraHop has the second highest revenue in NDR.

'We are energized by the momentum in the NDR market, a space where ExtraHop has been recognized as a Leader by Gartner, Forrester, and IDC,' said Rob Greer, CEO, ExtraHop. 'For nearly two decades, ExtraHop has been synonymous with unparalleled visibility, real-time insights, and the most in-depth network telemetry that drives real results. That kind of legacy provides a strong foundation for us to continue to evolve and develop modern NDR solutions that are tackling SOC teams' biggest pain points.'

The ExtraHop NDR platform enables customers to:

  • Consolidate security tools with an enterprise-grade solution: Unify network traffic analysis across complex, hybrid enterprise networks with the industry's first all-in-one sensor.
  • Streamline operations with centralized network visibility and analysis: Go beyond threat detection - manage the attack surface, determine blast radius, conduct thorough forensics, monitor performance, and so much more - with an integrated platform approach.
  • Stop more threats with in-depth network insights: Spot suspicious activity faster than other solutions with the ability to decrypt encrypted traffic, decode 90+ protocols, and analyze full network packets in real time, at cloud-scale.
  • Enhance existing investments with a robust integration ecosystem: Correlate rich network insights with partners like CrowdStrike, Netskope, and Palo Alto Networks to streamline workflows and automate response.
  • Boost SOC productivity with industry-leading AI features: Prioritize alerts, threat hunt, and automate investigations and response with a comprehensive suite of intelligent AI capabilities.

To read a complimentary copy of the 2025 Gartner Magic Quadrant for Network Detection and Response, click here.

Additional Resources

  • See why ExtraHop was named a Leader by IDC and received the highest strategy rating in the IDC MarketScape: Worldwide Network Detection and Response 2024 Vendor Assessment.
  • Read why ExtraHop was named a Leader by Forrester - earning the highest possible scores in 20 out of 29 criteria - in The Forrester Wave™: Network Analysis And Visibility, Q2 2023.

  • IDC MarketScape: Worldwide Network Detection and Response 2024 Vendor Assessment (doc #US51752324, November 2024)
  • The Forrester Wave™: Network Analysis And Visibility, Q2 2023, Forrester Research, Inc, June 27, 2023
  • Gartner, Magic Quadrant for Network Detection and Response 2025, By Thomas Lintemuth, Esraa ElTahawy, John Collins, Charanpal Bhogal, 29 May 2025
  • Gartner, Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 4Q24 and 2024, By Christian Canales and Gurjyot Uppal, 30 April 2025

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, MAGIC QUADRANT is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.

About ExtraHop®

ExtraHop empowers enterprises to stay ahead of evolving threats with the most comprehensive approach to network detection and response (NDR). Since 2007, the company has helped organizations across the globe extract real-time insights from their hybrid networks with the most in-depth network telemetry. ExtraHop uniquely combines NDR, network performance management (NPM), intrusion detection (IDS), and forensics in a single, integrated console for complete network visibility and unparalleled context that supports data-driven security decisions. With a powerful all-in-one sensor and cloud-scale machine learning, the ExtraHop RevealX™ platform enhances SOC productivity, reduces overhead, and elevates security postures. Unlock the full power of network detection and response with ExtraHop.

To learn more, visit or follow us on LinkedIn.

© 2025 ExtraHop Networks, Inc., RevealX, RevealX 360, RevealX Enterprise, and ExtraHop are registered trademarks or trademarks of ExtraHop Networks, Inc.

19 Tech Experts Detail Emerging APT Tactics (And How To Prepare)

Forbes

17-04-2025


The thought of a successful cyberattack is a sobering one for any business, but even more alarming are advanced persistent threats. Through these sophisticated attacks, a bad actor infiltrates a network and is able to linger for an extended period of time, undetected, accessing sensitive data, disrupting operations or even conducting ongoing surveillance. Carefully planned and often tailored to specific industries and technologies, APTs are evolving and growing in number, with cloud migration, remote workplaces and increased reliance on third-party vendors expanding the attack surface. Below, members of Forbes Technology Council detail emerging APT tactics digital organizations must be ready for and how to prepare.

Browsers have emerged as a significant threat vector. The significant majority of our work time is spent within browsers. As the use of SaaS applications continues to grow, the number of locations where sensitive data is stored expands, making it more challenging to secure data and leaving IT and security teams struggling to keep up. Our inability to mitigate browser-based threats poses critical risk for our organizations. - John Carse, SquareX

Threat actors are weaponizing EDR bypass tools (or 'EDR killers') to launch their attacks, as seen in recent attempts by RansomHub. Threats that evade perimeter controls, however, must still cross the network—which can't be tampered with. Have a layered defense that includes network visibility to identify unusual patterns that could indicate malicious behaviors so attackers have nowhere to hide. - Rob Greer, ExtraHop

AI supports every phase of an attack, including command-and-control (C2) beaconing. If your security mostly relies on machine learning systems based on rules and known indicators, you're exposed. Most enterprises should expect their counterparties to be repeatedly hacked—until we all embrace adaptive deep learning as a defense. - Evan Powell, Deep Tempo

APT groups will weaponize deepfake-driven phishing even further. AI-generated voices and videos will impersonate executives, bypassing traditional identity verification and social engineering defenses. Organizations must implement multifactor biometric authentication, behavioral analytics and AI-driven anomaly detection that can flag even the most subtle inconsistencies. - Aditya Patel, Amazon Web Services (AWS)

Cloud collaboration tools are increasingly being weaponized. Attackers 'live off the land' using trusted platforms like Microsoft 365 to evade detection. To combat this, organizations should implement strong multifactor authentication and behavioral analytics for cloud environments and train employees to recognize suspicious activity in the tools they rely on for daily collaboration. - Gergo Vari, Lensa, Inc.

Advances in generative AI have become sophisticated, making social engineering attacks more convincing and challenging to detect. Identity-driven security, such as phishing-resistant authentication and verification, plays a crucial role in mitigating social engineering attacks by focusing on verifying and validating the identities of users and entities involved in digital interactions. - Venkat Viswanathan, Okta

APTs are increasingly targeting backup and disaster recovery systems to sabotage recovery efforts. Organizations must implement immutable backups, enforce zero-trust access, regularly test recovery plans and use AI-driven threat detection to ensure cyber resilience. - Aliasgar Dohadwala, Visiontech Systems International LLC

APT groups are increasingly leveraging infostealer malware to harvest credentials and session cookies, allowing them to bypass multifactor authentication and maintain stealthy access. To defend against this, organizations must monitor for stolen credentials, detect and invalidate compromised sessions, and enforce adaptive authentication to prevent attackers from exploiting legitimate user identities. - Damon Fleury, SpyCloud

A rising APT tactic is supply chain attacks, where hackers exploit third-party vendors and software dependencies to breach networks. To counter this, organizations must conduct strict vendor assessments, enforce zero-trust security, implement continuous monitoring and strengthen incident response to safeguard critical systems and data. - Sanjoy Sarkar, First Citizens Bank

While open-source AI models are a goldmine for software developers, they are equally attractive to cybercriminals for embedding malware. Organizations need to be able to discover which models are being used within their applications, and how they're being used, to screen them for security risks and enforce policies over which models can and cannot be used. - Varun Badhwar, Endor Labs

Prepare for AI-driven APTs that autonomously adapt to security defenses. These attacks learn from detection attempts and modify their techniques to remain hidden. Prepare by implementing AI-based defense systems, conducting adversarial simulations, developing response playbooks, embracing zero-trust architecture and investing in threat intelligence for early warnings of new attack methods. - Priya Mohan, KPMG

An emerging APT tactic is adversarial AI attacks, where threat actors manipulate machine learning models to evade detection or generate false insights. Organizations should prepare by securing AI training data, implementing robust anomaly detection and continuously stress-testing models against adversarial inputs. Strengthening AI governance and investing in explainable AI will enhance resilience. - Sai Vishnu Vardhan Machapatri, Vernus Technologies

Attackers are deploying zero-click exploits—which require no user interaction—to infiltrate mobile devices, Internet of Things systems and critical infrastructure. Enterprises need continuous endpoint monitoring, hardware-level security enforcement and AI-driven anomaly detection for connected devices. - Vamsi Krishna Dhakshinadhi, GrabAgile Inc.

An emerging APT tactic involves targeting unmanaged digital assets (that is, shadow IT) and poisoning AI training data to manipulate outcomes. Organizations should conduct regular audits to identify and secure shadow IT, enforce strict governance over digital tools, validate AI data pipelines and implement anomaly detection to ensure data integrity before model training. - Mark Mahle, NetActuate, Inc.

A new APT tactic to watch for is adversary-in-the-middle (AiTM) attacks, where threat actors intercept and manipulate real-time communications to bypass authentication and hijack sessions. To prepare, organizations should implement phishing-resistant multifactor authentication, monitor session integrity and deploy AI-driven anomaly detection to flag unauthorized access attempts before they escalate. - Roman Vinogradov, Improvado

APTs will increasingly target data governance gaps rather than technical systems. Organizations should prepare by establishing comprehensive data inventories and clear data lineage. When you know what data you have, who can access it and how it flows through systems, you eliminate the 'dark corners' where threats hide. - Nick Hart, Data Foundation

Organizations must prepare for 'AI poisoning,' where attackers manipulate machine learning models by injecting corrupted data into training sets. This can lead to biased and incorrect results, eventually distorting fraud detection and security defenses. Organizations must implement robust data validation pipelines and regularly and proactively audit AI models for anomalies. - Harini Shankar

Cloud-native attack chains are a rising advanced persistent threat trend. These use cloud services for stealthy, complex attacks that evade traditional defenses. Organizations must implement cloud workload protection (CWP), continuous API monitoring and SIEM that correlates cloud-native logs. Microsegmentation and least-privilege access are also vital to limit lateral movement. - Pradeep Kumar Muthukamatchi, Microsoft

Attackers with long-term footholds in networks performing data exfiltration are a major concern. To combat this, businesses should implement zero-trust architectures to limit lateral movement and use next-generation firewalls that analyze traffic patterns to new or untrusted locations. - Imran Aftab, 10Pearls
