Customer Story

Closing the Visibility Gap with Network Detection and Response with ExtraHop

Implemented continuous packet capture to log network data

Seamlessly integrated with existing SOAR and SIEM products

Gained increased visibility and higher fidelity of detection

The Story

Reducing Time to Detect with Limited Staff Using Network Detection and Response Tools

Asante Health is a southern-Oregon-based health care provider, with 200,000 customers and 6,500 employees across six hospitals. At that scale, maintaining a strong security posture is a big challenge. It's not just laptops and sensitive data: medical devices are also active on their production networks. These devices are hard to secure because the vendor configuration and installation standards leave Asante with the task of closing the gaps in their security.

The company's initial security control framework didn't have many solutions in place. As for many healthcare businesses, ransomware was a major threat they were looking to mitigate. ExtraHop Reveal(x) network detection and response (NDR) proved to be the final piece to put into their security orchestration, automation, and response (SOAR) architecture.

ExtraHop gave Asante Health the data to determine, based on the behavior it observes, whether an alert is a false positive or a legitimate incident. The increased visibility and the higher fidelity of detections with Reveal(x) also allowed Asante Health's small security team to pinpoint and disrupt attacks before they could cause any damage.

One member of our team investigated a weird web request that Reveal(x) reported going on in an application. Based on further investigation and research—and doing some testing—we were able to find a serious SQL injection vulnerability in a product we were using. That points out that the tool is valuable for both threat hunting and vulnerability assessment.

Alfonso Powers
Director and Chief Information Security Officer, Asante Health