The Power of Wire Data Analytics in the Heartbleed Episode
Answering Questions You Didn’t Know to Ask
April 17, 2014

What Is Heartbleed?
• Heartbleed allows anyone to steal data in working memory (including encryption keys) from any server that uses vulnerable versions of OpenSSL
• Enterprise IT orgs run hundreds of these services and applications
– Web servers
– Mail servers
– Network appliances
– VPN servers
– FTP servers
– Client-side applications

Legacy Solutions Are Ineffective
SERVER LOGS
¤ Cannot detect Heartbleed, which leaves no trace in logs
PACKET CAPTURE
¤ Expensive: 100+ TBs each day for enterprise environments
¤ Requires highly skilled network engineers to parse the data
¤ Does not work in real time
NETWORK SCANS
¤ Can take days to complete in a large environment
¤ Adds overhead to servers and consumes bandwidth

ExtraHop: Comprehensive Visibility
• Analyzes all SSL transaction metrics, including heartbeats
• Provides context: historical data, contextual communications, geolocation, etc.
• Easily understood by all teams
1. Click on SSL Server activity group
2. Click to see all servers receiving heartbeat requests
3. Drill down to device views for SSL servers

ExtraHop: Valuable Visualizations
• Where are heartbeat messages coming from?
• In Kiev, which IP addresses are sending heartbeat messages?
• Are there requests coming from China?

The Power of Wire Data
• Wire data is an immensely rich source of data and insight
– All L2-L7 communications between systems, including full bidirectional transaction payloads
• ExtraHop is the platform for wire data analytics
– Up to a sustained 20Gbps
– 2,500+ metrics available out-of-the-box
– Programmable interface for custom analysis
• ExtraHop offers unprecedented IT visibility for risk mitigation and much more
[Diagram: platform components: Application Inspection Triggers; Full-Stream Reassembly; L2-L7 Content Analysis; Intelligent Protocol Framework; Device & Application Auto-Discovery & Classification; Streaming Datastore; Historical Trending & Alerting Engine; SSL Decryption; TCP State Assembly; Sessions; Flows; Transactions. Technologies shown: Sybase, EMC, Informix, NetApp, Citrix, SQL Server, VMware, IBM DB2, Oracle, SharePoint, IBM MQ, SAP]
Heartbleed detection is just one example!
