SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
87% reduction in time to resolve threats with ExtraHop
Thu, 26th Jan 2023

Cloud-native network detection and response company ExtraHop has announced the results of its Total Economic Impact Of ExtraHop Reveal(x) 360 report. The study, conducted by Forrester Consulting and commissioned by ExtraHop, reveals that a composite organisation made up of ExtraHop customers benefited from an 87% decrease in time to threat resolution, more than $590,000 in savings in threat detection and resolution over three years, and a three-year 193% return on investment (ROI).

According to the study, ExtraHop provides measurable benefits for businesses including faster threat detection and resolution, faster response to unplanned outages, reduced downtime from outages, and significant savings from retiring legacy security solutions. Forrester's analysis of the benefits concluded that "Reveal(x)360 decreases time to threat detection by 83% and time to threat resolution by 87%".

Since the Russian invasion of Ukraine, governments and security experts around the world have noticed a significant increase in cyberattack activity. The Cybersecurity and Infrastructure Security Agency (CISA) and other government agencies such as ENISA, CERT-EU, ACSC, and SingCERT have strongly encouraged enterprises to focus on strengthening their overall security postures, starting with reducing the likelihood of a damaging cyber intrusion. One key recommendation made by these agencies is that organisations disable all unnecessary or insecure ports and protocols.

In the new report, ExtraHop conducted an analysis of enterprise IT environments to benchmark the cybersecurity posture of organisations based on open ports and sensitive protocol exposure so that security and IT leaders can assess their risk posture and attack surface visibility relative to other organisations.

Findings from the study include:

  • Improved time to threat detection, resolution and remediation: Reveal(x) 360 decreases time to threat detection by 83%, time to remediate security threats by 86% and time to threat resolution by 87%.
  • Faster response to unplanned outages: After implementing Reveal(x) 360, unexpected outages decrease by 66%, the time needed to solve unplanned outages decreases by 92%, and the number of IT professionals involved in researching an outage decreases by 50%.
  • Reduced cost of existing security solutions: After improving network visibility with Reveal(x) 360, organisations are able to retire pre-existing security solutions that they no longer need. Retiring legacy security solutions saved nearly US $373,000.
  • Improved communication: Customers interviewed for the study reported Reveal(x) 360 helped drive alignment and collaboration across IT and security teams.
  • Reduced risk of security breaches: Reveal(x) 360 helped bolster customer security environments, potentially preventing costly security breaches.

For the purposes of this study, Forrester interviewed ExtraHop Reveal(x) 360 customers across four industries and aggregated their experiences to create a composite organisation. Prior to using Reveal(x) 360, the customers were using a combination of firewalls, endpoint detection and response (EDR) products, security information and event management (SIEM) solutions, and packet capture tools.

"We did a comparison, and ExtraHop outperformed everybody," says a technical director of cybersecurity operations in the communications industry interviewed for the study.

"They had the scaling capabilities we needed and the alert accuracy, granularity, and AI analytics capabilities we wanted.

"Reveal(x) 360 allows us to get complete visibility of the ground truth for our full network environment and make the right call when it comes to identifying and removing bad traffic."

In a crowded cybersecurity market, the study notes ExtraHop customers reported "significant improvement in visibility into their network environment," to gain "immediate insight into their network status across all environments," allowing them to "detect and respond to security threats at a much faster rate."