What's New

While release notes provide a comprehensive view of our release updates, here is a preview of our most exciting features in ExtraHop 9.8.

Enhanced Detection Notifications

Detections and detection notifications have been optimized for exporting granular detection data. Users can now configure notification rules to send a default or custom webhook payload for every detection update, or to send only one notification for each detection.



Security Operations Report

You can now select the contents to include in a Security Operations Report that you generate from an Overview page.



New Files page

The Files page displays a table of files hashed according to filters that are configured and enabled from the File Analysis settings. File details enable you to further investigate the SHA-256 file hash in devices, records, detections, and VirusTotal Lookup, which is a third-party tool.



New RevealX 360 Integrations

Next Generation SIEM Integrations
Added integrations for CrowdStrike Falcon Next-Gen SIEM and Splunk Enterprise Security SIEM that leverage notification rules to export ExtraHop detection data to the target SIEM.

LevelBlue, Axonius, Cisco XDR Integrations
Added the following new integrations to help you investigate and respond to device and detection data:
  • LevelBlue offers managed detection and response (MDR).
  • Axonius is a cybersecurity asset management tool.
  • Cisco XDR is a cloud-based extended detection and response solution.


For Administrators

Packet Access Control
Administrators can now grant privileges that allow users to download only packet headers. RevealX 360 administrators can also set a global policy for packet slice size and enable sensor access control to grant access to specific user groups.

File Extraction Password
A password is required to open .zip files extracted, or carved, from packets. Administrators can set the file extraction password from the Administration Settings on RevealX Enterprise or RevealX 360 and share the password with approved users.

Decryption for Multiple Domain Controllers
The ExtraHop system now supports connecting multiple domain controllers to a sensor to decrypt domain controller traffic. You can configure decryption on an individual sensor on RevealX Enterprise or through an integration on RevealX 360.

For API Developers

Trigger API
You can now store metrics and access properties for SOCKS and NMF traffic with new SOCKS and NMF classes.

REST API
Added the /appliances/sensortags endpoint to the RevealX 360 REST API, which enables you to view and manage sensor tags.
Last modified 2024-10-18