Reveal(x) 360 uses AI and machine learning to give security teams real-time information on cyberattacks.

A cloud-native security provider announced Wednesday that it has added heat-mapping capabilities to its Amazon Web Services (AWS) flagship product. The new tier of service for ExtraHop Reveal(x) 360 uses artificial intelligence (AI) and machine learning to give security teams a visual means for identifying, investigating, and mitigating hotspots of malicious activity in their cloud environments without interfering with developer activity.

“We’re able to passively analyze network traffic data within a virtual private cloud and provide broad visibility and core detection capabilities across all AWS environments,” Bryan Lares, vice president of product management at ExtraHop, tells CSO.

“Unlike monitoring cloud workloads or agent-based approaches, our passive network monitoring does not slow down DevOps activity and development of cloud-based workloads,” Lares says. “Developers are deploying assets at a breakneck pace, so as adversaries continue to evolve their attacks on mission-critical applications and workloads, organizations need this kind of high fidelity, low friction approach to defend against these attacks, post-compromise.”

ExtraHop’s new offering uses real-time analysis of VPC flow logs, packets and protocols to create a unified interface that allows security teams to rapidly get to the root of security threats. The approach, according to ExtraHop, reduces false positives and keeps security teams focused on the highest-priority threats, maximizing and scaling scarce analyst resources.

“Most organizations are already gathering VPC flow logs and moving them into their SIEMs for compliance purposes, so this is taking something they’re already doing and providing extra value with it,” Lares says.
Security versus application performance

ExtraHop claims its new offering is easier to deploy than solutions that use agents and provides broader coverage than those products. Reveal(x) 360 collects and analyzes flow log and packet metrics to create a real-time view of all cloud workloads, while AI behavioral detection surfaces the highest priority threats for investigation and remediation in a single management pane.

“Agents consume resources on workloads and can produce false positives that can prevent some workload activity from going on in the environment,” Lares says. “Every security solution produces false positives, but since we’re not an inline protection solution, we’re not going to interfere with workload activity.”

“Cloud application developers have zero tolerance for security measures that impinge [on] application performance or slow code development velocity,” Frank Dickson, program vice president for security and trust at IDC, said in a statement. “Pair this with the complexity of microservices-based applications that are easily accessed via APIs and you start to understand the challenges of securing the cloud. ExtraHop’s ability to ingest both VPC flow logs and packets in a single UI for cloud security coverage is a no-brainer. Security teams can illuminate and investigate malicious activity in near real-time without requiring developers to make adjustments to code development.”