Sold by: ExtraHop Â
Deployed on AWS
Quickly identify, investigate, and respond to threats with SaaS-based RevealX, an agentless network detection and response (NDR) solution for cloud and hybrid security.
Overview
Stop threats, reduce risk, and build resilience with SaaS-based RevealX network detection and response (NDR). RevealX enhances situational awareness with network intelligence to power faster detection and response of malicious activity like lateral movement, command and control communication, and data exfiltration.
RevealX continuously discovers and monitors assets across multi-cloud and hybrid environments, including rogue or unmanaged endpoints and shadow AI. With access to historical metadata, packet-level forensic detail, and streamlined investigation workflows, you can quickly determine the scope of security incidents.
Available PCAP and access to 30, 90, 180, or 365 days of transaction records enables fast, thorough forensic investigation and threat hunting.
RevealX integrates with Amazon VPC Traffic Mirroring to provide agentless infrastructure-as-a-service (IaaS) runtime security, as well as with VPC Flow Logs and Amazon Security Lake.
RevealX also integrates with EDR, NG-SIEM, SASE, and other security tools from industry-leading vendors like CrowdStrike, Splunk, Netskope, and more.
In addition to NDR and PCAP, RevealX offers intrusion detection (IDS) and network performance (NPM) capabilities in a single platform to reduce tool sprawl and consolidate vendors.
Please contact us for custom pricing.
Highlights
- AI-optimized Workflows: Accurately prioritizes detections for rapid triage and enables plain language queries.
- Out-of-band Decryption: Decrypts SSL/TLS 1.3 PFS-encrypted traffic and decodes 90+ protocols to remove blind spots and enhance security coverage.
- Tool Consolidation: Combine NDR, IDS, PCAP, and performance monitoring in a single, cloud-hosted platform.
Details
Sold by
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Flow Log Subscription | Real-time analytics of VPC Flow Logs to identify advanced attacks. | $15,000.00 |
RevealX 360 | Real-time analytics of network packets to identify advanced attacks. | $100,000.00 |
Vendor refund policy
All payment obligations are non-cancelable and all amounts paid are non-refundable.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
RevealX Network Detection and Response We designed support services to meet you at every stage of your hybrid security journey.
Contact ExtraHop Support: https://www.extrahop.com/support/Â or call us at 877-333-9872 (US)
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Quickly identify, investigate, and respond confidently to cyber risk with SaaS-based RevealX, an agentless network detection and response (NDR) solution for AWS, hybrid, and multicloud environments.
Reveal(x) 1100v (BYOL)
By ExtraHop
The ExtraHop Cloud Platform delivers real-time visibility into all cloud traffic, backed by advanced machine learning which provides a simplified workflow for incident investigation and immediate response within small VPC deployments.
Reveal(x) 6100v (BYOL)
By ExtraHop
The ExtraHop Cloud Platform delivers real-time visibility into all cloud traffic, backed by advanced machine learning which provides a simplified workflow for incident investigation and immediate response within small VPC deployments.
ExtraHop Packet Basics (Free)
By ExtraHop
ExtraHop Packet Basics is a free PCAP offering for forensic investigations, incident response, and threat hunting.
Reveal(x) 8200v (BYOL)
By ExtraHop
The ExtraHop Cloud Platform delivers real-time visibility into all cloud traffic, backed by advanced machine learning which provides a simplified workflow for incident investigation and immediate response within small VPC deployments.
Reveal(x) Ultra Cloud Sensor 1 Gbps (BYOL)
By ExtraHop
ExtraHop Ultra AWS cloud sensors provide continuous PCAP, decrypt and process network traffic, and extract metadata for behavioral analysis, real-time threat detection, and investigation
Customer reviews
0 ratings
0 AWS reviews
|
68 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Insurance
Complete visibility on network activity
Reviewed on Jul 31, 2025
Review provided by G2
What do you like best about the product?
What I like most about ExtraHop is the ability to monitor and analyze all traffic passing through the network. Generally, companies have strong endpoint controls through tools like EDR; however, network is often limited to firewalls with intrusion detection and intrusion prevention rules. Where I find ExtraHop excels is through complete network visibility by mapping assets, learning network traffic and spotting anomalies, and giving Security Operations teams visibility into what is occurring on their network.
ExtraHop is easy to deploy through either and appliance on physical networks our through a virtual appliance in the cloud. The Customer Success teams are deeply knowledgable and provide great support to customers.
ExtraHop is easy to deploy through either and appliance on physical networks our through a virtual appliance in the cloud. The Customer Success teams are deeply knowledgable and provide great support to customers.
What do you dislike about the product?
Not a dislike but a feature I would like to see is ExtraHop move towards prevention. Currently, the product is good at identifying and detecting suspicious or malicious activity. Prevention can be achieved through integration with tools but it would be nice to have these native to ExtraHop.
What problems is the product solving and how is that benefiting you?
Whenever we perform penetration tests, ExtraHop is always the first tool to detect the activity. Often times, the penetration testers will start their campaigns performing reconnaissance and trying to remain stealthy. Because they are not attempting to exploit vulnerabilities at this stage and may be using legitimate system tools, these actions would usually go unnoticed. By inspecting all network traffic, ExtraHop is quick to determine unusual activity on the network host even if it is not a managed device. The network traffic can be inspected by SOC teams and actions can be taken to contain the suspicious device.
Telecommunications
RevealX from a daily user perspective
Reviewed on Feb 28, 2024
Review provided by G2
What do you like best about the product?
Overall, RevealX is easy to use and provides great visibility into the network. ExtraHop has very thorough documentation and if you can't find what you're looking for the support and training teams are always willing to help. I've experienced a quick turnaround for questions around the product. The training team is excellent at maintain user engagement in a virtual setting. The product is also super customizable which is great for unique use and abuse cases.
I use RevealX almost daily, my top three pros from a technical perspective are the increased visibility of the network, customizing doesn't mean learning a new language, and low barrier to entry for analysts who are new to networking and security.
I use RevealX almost daily, my top three pros from a technical perspective are the increased visibility of the network, customizing doesn't mean learning a new language, and low barrier to entry for analysts who are new to networking and security.
What do you dislike about the product?
My top three cons for the product are that when adjusting baseline metrics, the baseline completely resets and there is a 3-4 week period before the baseline is calculated. Going off the above, it does not perform "lookback" searches for detections, meaning I can't craft a detection today and then see if the logic matches any stored data in the tool. Some of the customization areas need a bit of work so that they tie into the other features of the product.
What problems is the product solving and how is that benefiting you?
ExtraHop enables us to have better visibility. This has resulted in us making configuration changes on hardware and network devices to decrease our attack surface.
Higher Education
ExtraHOP provides visibility to quickly resolve performance and security issues
Reviewed on Feb 21, 2024
Review provided by G2
What do you like best about the product?
ExtraHOP provides great visibility for performance and security issues in our environment. Many of the detections, dashboards, and device groups provide easy starting points for learning to use extraHOP. Then, building custom dashboards and detections is very simple. We use extraHOP every day to assist us resolving problemes. The customer support and partnership we have with extraHOP has been key to our success.
What do you dislike about the product?
You need to really understand your environment from the network layer to the application layers. extraHOP provides many options, but you need to determine what works best for your environment. It does take some time for planning the implementation properly but the planning and design time is worth it.
What problems is the product solving and how is that benefiting you?
extraHOP has helped us solve authentication issues, storage issues, server issues, network performance issues, security problems and other application problems. We had many blind spots and extraHOP has helped us gain visibility to many of our services.
Internet
you get what you pay for
Reviewed on Feb 14, 2024
Review provided by G2
What do you like best about the product?
We've tested the product using reputable 3rd party pentesters manual and automated. And we've compared it with other products. The difference between seeing that you are being compromised and not seeing it is huge. How do you choose a competitive product that is cheaper if it doesn't see that you are being compromised? Or how do you rest at night knowing that you've done everything you can to safeguard your network? Extrahop's visibility is far above the rest.
What do you dislike about the product?
It is pricey. So if you are Misinformed and think that backups, firewalls, and anti-virus solutions are going to save you then you aren't going to understand the price of this product.
What problems is the product solving and how is that benefiting you?
Mainly keeping our company from experiencing a ransomware event. We have staff dedicated to keeping their eye on the product and chasing down alerts 24/7/365.
Jeff H.
One stop shop for network detections and notifications Easy to use and easy to understand.
Reviewed on Feb 05, 2024
Review provided by G2
What do you like best about the product?
I like that ExtraHop identifies the alert in a mannert that is easy to follow. It gives the risk level of the alert, shows the metrics, breaks down the records for the incident, shows the packets involved, and even includes a pcap of the packets that can be used in WireShark to analyze further. It also gives the Mitre techniques as well as mitigation options to mitigate the attack.
What do you dislike about the product?
I haven't found to many things I dislike about ExtraHop. It is not an automated system that will block an attack as it is happening, but it does e-mail out alerts so that I have the ability to begin investigating the incident as soon as possible leading to a faster mitigation scenario.
What problems is the product solving and how is that benefiting you?
As an ISP our network security is very important. ExtraHop is a tool to help ensure we are seeing any attack in realtime, giving us the ability to troubleshoot and mitigate the issue in a speedy manner. We have the abilty to isolate traffic quickly when an issue arises.