Assistant VP, Idm Compliance at a financial services firm with 1,001-5,000 employees
Real User
Top 10
2025-05-29T12:36:18Z
May 29, 2025
ExtraHop Reveal(x) is a new solution for me, from an NDR SIM perspective, that's a monitoring solution we have just implemented. We are not sure how efficient an NDR is to detect network-level threats; it needs to be explored. At the moment, we don't use the machine learning driven behavioral analysis feature; we're not sure where the data will be hosted and where it will be sent, so we don't want to do any kind of AI-based and machine learning-based decision making. We don't want to decrypt any of the information; it's supposed to be captured based on the network flow of the packets without opening or reading them, considering the sensitive information stored under the packets. I have not put any statistics or metrics to evaluate the effectiveness of ExtraHop Reveal(x) at the moment; it's still on the roadmap. This is an experience from SIM, and many stakeholders also need to be given feedback on the effectiveness, especially to validate with the business if it's blocking any genuine operations which cause an impact or not. So far, I am using only EDR, the Microsoft EDR, for containment and related activities; there is no automation at the NDR level at the moment, but it is in the roadmap for future use. If you have proper network segmentation, then I would recommend going for this kind of NDR monitoring with ExtraHop Reveal(x) as it provides more insights about what is happening in the networks. If you don't have network segmentation and only small subnets of IPs, I suggest not to go for NDR solutions because they won't add any value, even if you have many solutions on your network. I would rate ExtraHop Reveal(x) eight to nine out of ten.
Cyber security specialist officer at a financial services firm with 5,001-10,000 employees
Real User
Top 20
2024-02-15T15:49:00Z
Feb 15, 2024
As for advice or recommendations for someone considering implementing ExtraHop Reveal(x), I'd say it's a good investment, especially considering its price point. It's a great product, particularly for enhancing security measures. Before installing this solution, it's important to consider its compatibility with your existing security infrastructure. While Managed Detection and Response (MDR) solutions are commonly used for comprehensive security, Reveal(x) stands out for its specific strengths in network security. I would rate it 8 out of 10.
If you want to implement the SOC, then you must use the ExtraHop for the SOC operating system. I recommend the solution and rate it a seven out of ten.
Information Security Assurance Engineer at School District of Lee County
Real User
2022-09-07T16:15:13Z
Sep 7, 2022
I rate ExtraHop Reveal(x) 10 out of 10. This is more of a nice-to-have rather than a must-have solution. Something like a CrowdStrike or a next-gen AV is an essential product, whereas NDR is more of a nice-to-have thing. If you only have a little bit of traffic, you're probably not going to get anything out of it. It's better for a medium-to-large enterprise. It's more appropriate for companies wh a massfootprints or industrial applications using use nonstandard devices. It's helpful for things that use SCADA, the Internet of Things, somethingings that don't fit neatly into other management categories. Itty common for industrial, construction, or maintenance devices to be a little lackluster in their security. Major breaches like the Colonial Pipeline hack and attempted hacks on nuclear power plants all went through Internet of Things vulnerabilities and other devices where security wasn't part of their plan. This helps you cover yourself by monitoring the traffic. With something like CrowdStrike, you need to put the CrowdStrike sensor on it, but Reveal(x) looks at everything on the network.
I would say absolutely go for it. It's a well-rounded product. The company is nimble enough to be able to implement change. I would rate it a nine out of ten because there is always room for improvement.
Sales Engineer | Technical Sales | Pre-Sales at SUSE
Vendor
2020-08-12T08:50:00Z
Aug 12, 2020
Generally, I enjoy working with this solution and the teams from ExtraHop. Just be sure that you always attache a service or a dedicated resource to any such solution to get the most value out of it.
We have a relationship with the vendor, and we're also a customer. For those considering implementing the solution, I would advise organizations to engage early with their sales managers and sales engineers, in order to understand these cases. I'd rate the solution nine out of ten.
ExtraHop Reveal(x) is a highly effective network traffic analysis (NTA) solution that leverages a cloud-native architecture to empower organizations to overcome a world filled with increasingly sophisticated threats. It identifies 25% more threats than its competitors. Additionally, organizations that employ Reveal(x) say they resolve issues 77% percent faster than they would if they were using other similar solutions.
ExtraHop Reveal(x) Benefits
Some of the ways that organizations can...
ExtraHop Reveal(x) is a new solution for me, from an NDR SIM perspective, that's a monitoring solution we have just implemented. We are not sure how efficient an NDR is to detect network-level threats; it needs to be explored. At the moment, we don't use the machine learning driven behavioral analysis feature; we're not sure where the data will be hosted and where it will be sent, so we don't want to do any kind of AI-based and machine learning-based decision making. We don't want to decrypt any of the information; it's supposed to be captured based on the network flow of the packets without opening or reading them, considering the sensitive information stored under the packets. I have not put any statistics or metrics to evaluate the effectiveness of ExtraHop Reveal(x) at the moment; it's still on the roadmap. This is an experience from SIM, and many stakeholders also need to be given feedback on the effectiveness, especially to validate with the business if it's blocking any genuine operations which cause an impact or not. So far, I am using only EDR, the Microsoft EDR, for containment and related activities; there is no automation at the NDR level at the moment, but it is in the roadmap for future use. If you have proper network segmentation, then I would recommend going for this kind of NDR monitoring with ExtraHop Reveal(x) as it provides more insights about what is happening in the networks. If you don't have network segmentation and only small subnets of IPs, I suggest not to go for NDR solutions because they won't add any value, even if you have many solutions on your network. I would rate ExtraHop Reveal(x) eight to nine out of ten.
ExtraHop Reveal(x) is highly recommended and very good. It is operationally easy to use. I'd rate the solution nine out of ten.
As for advice or recommendations for someone considering implementing ExtraHop Reveal(x), I'd say it's a good investment, especially considering its price point. It's a great product, particularly for enhancing security measures. Before installing this solution, it's important to consider its compatibility with your existing security infrastructure. While Managed Detection and Response (MDR) solutions are commonly used for comprehensive security, Reveal(x) stands out for its specific strengths in network security. I would rate it 8 out of 10.
In the category of NDR solution, I believe that ExtraHop Reveal(x) comes in the first place. I rate the overall product a ten out of ten.
Overall, I rate ExtraHop Reveal(x) ten out of ten.
I advise others to ensure the solution covers all the use cases. I rate it as a seven.
If you want to implement the SOC, then you must use the ExtraHop for the SOC operating system. I recommend the solution and rate it a seven out of ten.
I rate ExtraHop Reveal(x) 10 out of 10. This is more of a nice-to-have rather than a must-have solution. Something like a CrowdStrike or a next-gen AV is an essential product, whereas NDR is more of a nice-to-have thing. If you only have a little bit of traffic, you're probably not going to get anything out of it. It's better for a medium-to-large enterprise. It's more appropriate for companies wh a massfootprints or industrial applications using use nonstandard devices. It's helpful for things that use SCADA, the Internet of Things, somethingings that don't fit neatly into other management categories. Itty common for industrial, construction, or maintenance devices to be a little lackluster in their security. Major breaches like the Colonial Pipeline hack and attempted hacks on nuclear power plants all went through Internet of Things vulnerabilities and other devices where security wasn't part of their plan. This helps you cover yourself by monitoring the traffic. With something like CrowdStrike, you need to put the CrowdStrike sensor on it, but Reveal(x) looks at everything on the network.
We are partners with ExtraHop. I would rate ExtraHop Reveal(x) a nine out of ten.
I would say absolutely go for it. It's a well-rounded product. The company is nimble enough to be able to implement change. I would rate it a nine out of ten because there is always room for improvement.
Generally, I enjoy working with this solution and the teams from ExtraHop. Just be sure that you always attache a service or a dedicated resource to any such solution to get the most value out of it.
We have a relationship with the vendor, and we're also a customer. For those considering implementing the solution, I would advise organizations to engage early with their sales managers and sales engineers, in order to understand these cases. I'd rate the solution nine out of ten.