filmov
tv
Jesse Rothstein, ExtraHop | AWS re:Inforce 2019
Показать описание
Jesse Rothstein, CTO & Co-Founder, ExtraHop, talks with Dave Vellante & John Furrier at AWS re:Inforce 2019 in Boston, MA.
#ExtraHop #reInvent #theCUBE @siliconangle @amazonwebservices
Q&A: ExtraHop makes sure companies don’t get caught napping on cloud-security watch
Billions have been sunk into the data security market, and cloud leader Amazon Web Services Inc. continues to reassure its customers that cloud security is “the highest priority.” It offers services such as Security Hub. But despite the extreme focus on protection, no one is relaxing on security watch just yet.
“I can assure you that cloud security is not solved,” said Jesse Rothstein (pictured), co-founder and chief technology officer of ExtraHop Networks Inc. “Despite record spend year after year after year, we still continue to see record numbers of compromises and data breaches that are published. I think cloud security in particular remains a challenge.”
[Editor’s note: The following content has been condensed for clarity.]
Miniman: You can’t remove security from the discussion of cloud. It is one of the top issues. What’s your take on the current situation?
Rothstein: There’s a lot of energy there and I think a lot of attention; people recognize it’s a problem. But we’re dealing with massive cybersecurity skill shortages. It’s very hard to find people with the expertise needed to really secure these workloads. We’re dealing with more sophisticated attackers. I think in many cases, attackers with nation state sponsorship, which is scary.
ExtraHop’s right in the mix here, and we focus on network detection and response. And, of course, it wouldn’t be a modern-day security offering if we didn’t leverage very sophisticated machine learning to detect suspicious behaviors and potential threats. This is something I think we do better than anybody else in the world.
Warren: Can you walk us through what the machine learning aspect of ExtraHop actually does?
Rothstein: Machine learning allows us to recognize behaviors. And behaviors are very important, because we’re looking for post-breach behaviors and indicators of compromise. The attack surface is absolutely enormous, and there are a million ways that you can be breached. But there’s actually a relatively tractable set of post-breach behaviors that attackers will do once you’re compromised.
So, what we’ve done is we’ve built the machine-learning behavioral model so that we can detect these suspicious behaviors. And because detections alone are completely insufficient, ExtraHop is built on top of an entire analytics platform so that you’re always one or two clicks away from being able to determine if something requires an incident-response scenario.
Warren: One of the themes that we had from the keynote yesterday was transformation. Do customers need to just transform the way they think about security?
Rothstein: Yes and no. Customers who are used to a certain set of on-prem toolset, tool chain can’t necessarily just shoehorn that into their public-cloud workloads. But on the other hand, I think that public-cloud workloads have really suffered from an opacity problem; it’s very difficult to see what’s going on. It’s hard to sift through all those logs; it’s hard to get the visibility that you expect. And I think that the cybersecurity toolset, tool chain, has been pretty fragmented. There are a lot of vulnerability scanners, there are a lot of, kind of like, API inspectors and recommendation engines.
But I think the industry is still really trying to figure out what this means. So, I’m seeing a lot of innovation, and I’m seeing a rapid maturing of that cloud-security ecosystem.
Miniman: So, the last question: What would you like to educate the marketplace on that maybe goes against the common perception when it comes to security in general, maybe network security specifically?
...
#ExtraHop #reInvent #theCUBE @siliconangle @amazonwebservices
Q&A: ExtraHop makes sure companies don’t get caught napping on cloud-security watch
Billions have been sunk into the data security market, and cloud leader Amazon Web Services Inc. continues to reassure its customers that cloud security is “the highest priority.” It offers services such as Security Hub. But despite the extreme focus on protection, no one is relaxing on security watch just yet.
“I can assure you that cloud security is not solved,” said Jesse Rothstein (pictured), co-founder and chief technology officer of ExtraHop Networks Inc. “Despite record spend year after year after year, we still continue to see record numbers of compromises and data breaches that are published. I think cloud security in particular remains a challenge.”
[Editor’s note: The following content has been condensed for clarity.]
Miniman: You can’t remove security from the discussion of cloud. It is one of the top issues. What’s your take on the current situation?
Rothstein: There’s a lot of energy there and I think a lot of attention; people recognize it’s a problem. But we’re dealing with massive cybersecurity skill shortages. It’s very hard to find people with the expertise needed to really secure these workloads. We’re dealing with more sophisticated attackers. I think in many cases, attackers with nation state sponsorship, which is scary.
ExtraHop’s right in the mix here, and we focus on network detection and response. And, of course, it wouldn’t be a modern-day security offering if we didn’t leverage very sophisticated machine learning to detect suspicious behaviors and potential threats. This is something I think we do better than anybody else in the world.
Warren: Can you walk us through what the machine learning aspect of ExtraHop actually does?
Rothstein: Machine learning allows us to recognize behaviors. And behaviors are very important, because we’re looking for post-breach behaviors and indicators of compromise. The attack surface is absolutely enormous, and there are a million ways that you can be breached. But there’s actually a relatively tractable set of post-breach behaviors that attackers will do once you’re compromised.
So, what we’ve done is we’ve built the machine-learning behavioral model so that we can detect these suspicious behaviors. And because detections alone are completely insufficient, ExtraHop is built on top of an entire analytics platform so that you’re always one or two clicks away from being able to determine if something requires an incident-response scenario.
Warren: One of the themes that we had from the keynote yesterday was transformation. Do customers need to just transform the way they think about security?
Rothstein: Yes and no. Customers who are used to a certain set of on-prem toolset, tool chain can’t necessarily just shoehorn that into their public-cloud workloads. But on the other hand, I think that public-cloud workloads have really suffered from an opacity problem; it’s very difficult to see what’s going on. It’s hard to sift through all those logs; it’s hard to get the visibility that you expect. And I think that the cybersecurity toolset, tool chain, has been pretty fragmented. There are a lot of vulnerability scanners, there are a lot of, kind of like, API inspectors and recommendation engines.
But I think the industry is still really trying to figure out what this means. So, I’m seeing a lot of innovation, and I’m seeing a rapid maturing of that cloud-security ecosystem.
Miniman: So, the last question: What would you like to educate the marketplace on that maybe goes against the common perception when it comes to security in general, maybe network security specifically?
...
0:20:36
0:11:32
0:16:13
0:02:51
0:12:29
0:04:56
0:01:43
0:06:31
0:01:49
0:25:10
0:03:24
0:17:37
0:02:47
0:36:06
0:03:55
0:11:05
0:01:32
0:02:39
0:02:47
0:58:11
0:25:44
0:38:11
0:26:58
1:09:40