ExtraHop Applies Machine Learning to Identify Anomalies in Real Time


There’s a lot of value in being able to analyze massive amounts of data to better identify anomalies across the enterprise. Being able to do that in real time might very well prove priceless.

ExtraHop today unveiled ExtraHop Addy, a cloud service that applies heuristic analysis and machine learning algorithms to data gathered at wire speed by ExtraHop appliances.

Bryce Hein, senior vice president of marketing for ExtraHop, says that while ExtraHop has been providing visibility into network traffic for years, the launch of ExtraHop Addy represents the first time that ExtraHop can apply machine learning algorithms to more efficiently identify anomalies that would be indicative of, for example, distributed denial of service (DDoS) attacks.

Armed with that data, Hein says, IT organizations can respond faster to changing network conditions identified in real time by ExtraHop Addy. In addition, IT organizations can train ExtraHop Addy to identify specific network conditions to reduce, over time, the number of false positives that might initially be generated using machine learning algorithms.

ExtraHop Addy is hosted on Amazon Web Services (AWS), and Hein says ExtraHop views it as a complement to other Big Data analytics platforms such as Splunk. The difference is that ExtraHop Addy is designed to consume machine data generated at the network level in real time to identify potential security and application performance issues before they escalate.

“We see it as being complementary and additive,” says Hein.


It’s becoming more apparent with each passing day that machine learning algorithms are about to become a mainstay of enterprise IT environments. The only real question at this point is not whether those algorithms will simplify the management of IT, but rather how each individual IT organization will go about consuming them.