ExtraHop Urges Organizations to Adopt Shields Up Guidance, Offers Complimentary Readiness Assessment

ExtraHop Urges Organizations to Adopt Shields Up Guidance, Offers Complimentary Readiness Assessment

April 5, 2022 Off By David

ExtraHop announced that it will offer a complimentary Shields Up assessment for qualified organizations. The Russian invasion of Ukraine has put the world on high alert for retaliatory cyberattacks. Government agencies around the world have issued cybersecurity guidance to help organizations stay secure. The assessment will help enterprises align with and effectively implement the guidance from organizations such as CISA, ENISA, CERT-EU, ACSC, and SingCERT, providing real-time insight into readiness gaps such as insecure protocols, vulnerable devices, and cloud misconfigurations, as well as AI and behavior-based detection of attack patterns and lateral movement. Armed with this intelligence, security teams can zero in on, investigate, and respond to malicious activity before it results in significant impact for their organization.

The use of outdated protocols is still rampant even within sophisticated organizations. A recent ExtraHop survey revealed that 64% of organizations admit that half (or more) of their cybersecurity incidents are the result of their own outdated IT security postures while 68% are still running SMBv1, the protocol exploited in major attacks like WannaCry and NotPetya. At the same time, adversaries are actively avoiding detection with the use of increasingly sophisticated attack tactics, including hiding within encrypted protocols, to mask the exploitation of known but unpatched vulnerabilities such as Spring4Shell.

The Shields Up assessment will allow organizations to:

  • Discover all ports and protocols in use and identify insecure protocols and weak encryption,
  • Find all internet-facing assets inside firewalls accepting external connections,
  • Identify all cloud and SaaS services sending and receiving traffic,
  • Locate instances of unpatched devices with known vulnerabilities, including Spring4Shell, Log4Shell, and PrintNightmare.

Interested organizations are invited to sign up for their complimentary assessment today.