Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
68 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Hands down the best NDR in the field, period.
What do you like best about the product?
Prompt customer service and continued best practice initives
What do you dislike about the product?
We operate with multiple data centers, we are currently working on a plan to get another data feed into the platform. Id like to see more done in this area to support other companies that are set up like we are.
What problems is the product solving and how is that benefiting you?
We couldn't see traffic across the wire, only in and out from the firewall. With ExtraHop we can see EXACTLY where our data is going, what its doing and help ensure uptime for critical business apps.
Recommendations to others considering the product:
Full stop, this is THE example of what an NDR should be. Look no further.
This is the way
What do you like best about the product?
The insight provided by the appliance and Trigger capabilities
What do you dislike about the product?
The Bundles provided by ExtraHop have not been updated with new content recently.
What problems is the product solving and how is that benefiting you?
Ransomware awareness/prevention, better grasp on IoT and OT devices in our environment, device isolation based on configured triggers, and developers are using the appliance to troubleshoot, too.
Recommendations to others considering the product:
Don't take my word for it, give it a test drive. Or better yet, do a bake-off with a competitor and see the difference for yourself.
Visibility into network activities that we've never had before
What do you like best about the product?
Network mapping and notification of anomolous/potentially harmful traffic
What do you dislike about the product?
Our network is constantly changing, so constant reconfiguration of nTAPs and aggregators to achieve most comprehensive visibility is time consuming.
What problems is the product solving and how is that benefiting you?
ExtraHop allows our Authorizing Official to feel more comfortable accepting some risk when temporarily hosting systems that we do not own/manage.
Great network analysis tool
What do you like best about the product?
The most helpful thing about ExtraHop is the user interface and the comprehensive search bar.
What do you dislike about the product?
The Reveal(x) needs a lot of fine-tuning
What problems is the product solving and how is that benefiting you?
We are looking into network flows and network traffic statistics as our primary use case. The dashboards have been great for giving us this information.
Chief Information Security Officer
What do you like best about the product?
RevealX's ability to clear out the white noise and correlate events to pinpoint threat activities on my networks.
What do you dislike about the product?
The need for multiple taps to help data correlation activities. Unfortunately, I do not see a way around this currently.
What problems is the product solving and how is that benefiting you?
Identification and correlation activities.
Recommendations to others considering the product:
Ensure that you scope your environments appropriately and size your appliance accordingly.
Visibility you didn't know you needed
What do you like best about the product?
It provides a clear indication of what is going on; on the wire, the network, app dev and security teams can see the same unbiased point of view
What do you dislike about the product?
It takes additional infrastructure to get the most value out of the tool.
What problems is the product solving and how is that benefiting you?
Application performance problems to time to resolution decreased by 40%, since everyone can agree on what it is not. Less finger-pointing about where the problem lies.
One of the Best Tools in the Network Visibility Space
What do you like best about the product?
Extrahop does exactly what it says it will do - analyze traffic live on the wire and present that traffic in easily digested formats, broken down by various metrics. The addition of Reveal(X) to capture potentially risky traffic helps our security incident teams correlate and track down quicker.
What do you dislike about the product?
Extrahop has an avenue it needs to deep dive into immediately, and that's inspecting, categorizing, risk scoring, and using external database data for a deep dive into IIoT/IoT devices. Currently, it can see the traffic on the wire, but the behaviors and risks behind IoT devices will overtake the standard known IT hardware in a few years. Given that these devices are already presenting significant risks to enterprises, they could become indispensable by becoming the masters of IoT devices.
Not necessarily Extrahop's fault as it is a problem with any of these solutions, but aggregating traffic in a large enterprise is not only challenging but an expensive endeavor. There are plenty of networks we want to see but cannot afford to increase the number of EDAs. As a work-around, we use packet brokers to decrease the traffic flows to those we care about to ensure we don't massively oversubscribe the devices.
Not necessarily Extrahop's fault as it is a problem with any of these solutions, but aggregating traffic in a large enterprise is not only challenging but an expensive endeavor. There are plenty of networks we want to see but cannot afford to increase the number of EDAs. As a work-around, we use packet brokers to decrease the traffic flows to those we care about to ensure we don't massively oversubscribe the devices.
What problems is the product solving and how is that benefiting you?
We are using ExtraHop for both performance and security purposes. The developers and networking teams use ExtraHop to detect and remediate performance issues. Security teams use ExtraHop as both a correlation/evidence source and for detecting odd, insecure behaviors before they become problems. Using ExtraHop as the primary source, we have detected devices behaving badly that would never have been seen before.
NIDS like no other
What do you like best about the product?
ExtraHop gives you insight into your network like no other. This tool provides you with actionable information without the noise. The threat briefs allow you to see if your exposure to current significant threats quickly.
What do you dislike about the product?
Not much that I do not like about the tool, the issues that I have experienced with it were dealing with engineers deploying the tool and not the tool itself.
What problems is the product solving and how is that benefiting you?
Significantly enhanced network visibility, asset inventory.
key to success in monitoring and response
What do you like best about the product?
this tool gives me key insight into my network and helps me identify unknown assets and compromises in real time where i have gaps in my edr coverage. it also provides more data when pivoting from my edr tool. i deploy this tool at every company i work at.
What do you dislike about the product?
i love everything about this tool, great alerts, easy to tune and great interface.
What problems is the product solving and how is that benefiting you?
unknown assets, provide extra network data when investigating any alerts.
Security Analyst
What do you like best about the product?
Simplicity. It was very easy and fast to get Reveal(x) and trace up and running. All you need to get right is the feed. Dashboards are easy to use and follow up on alerts.
What do you dislike about the product?
false positives are sometimes hard to filter out.
What problems is the product solving and how is that benefiting you?
Visibility into network activity and forensics.
showing 41 - 50