Bridges the critical intelligence gap to stop threats at machine speed
ExtraHop®, a leader in modern network detection and response (NDR), announced new visibility and forensic capabilities that provide the highly contextual insights essential to powering the agentic SOC with autonomous defense against sophisticated and evasive threats actors.
Also Read: CIO Influence Interview With Jake Mosey, Chief Product Officer at Recast
As AI-assisted attacks grow in scale and operational demands grow, SOCs are increasingly relying on AI agents to act as a force multiplier. Yet, without a foundation of clear, actionable insights on anomalous and malicious activity, these agents cannot operate autonomously.
To address this, ExtraHop is delivering the network intelligence that serves as the ultimate fuel for enterprise agentic operations. Through deep protocol analysis, ExtraHop delivers rich network telemetry that correlates activity across devices, users, applications, and identities, providing the essential context for AI agents to reason and autonomously triage, enrich, and respond to cyberthreats at machine speed.
“The perceived advancement of the agentic SOC is an illusion for most, as a lack of high fidelity, contextual data silently undermines the system’s efficacy and prevents enterprises from realizing any actual benefit from their agents,” said Kanaiya Vasani, Chief Product Officer, ExtraHop. “The network remains the immutable source of truth for the modern enterprise and ExtraHop unlocks that potential for the agentic SOC, driving agentic operations with robust and highly contextual insights. ExtraHop is providing holistic visibility into the most complex segments of the modern attack surface to help enterprises stop advanced threats with unprecedented speed and precision.”
Unified identity and network insights
To power autonomous AI agents within the agentic SOC, enterprises need more than just visibility; they need strong network telemetry that tracks what is happening across the network and who is behind those actions. Without this layer of context, autonomous agents will lack the necessary information to operate securely and effectively, leaving them paralyzed by ambiguity or prone to disrupting critical workflows.
ExtraHop has added integrations with market-leading identity systems (Entra ID, Active Directory (AD), and Okta) that fuse robust identity attributes and network telemetry into a single data set. By adding enriched user data into dashboards, detections and response actions, agents are empowered to investigate complex incidents with richer context and reduced Mean-time-to-Response (MTTR).
Visibility into Kubernetes environments
ExtraHop now delivers full visibility into the Kubernetes environments powering modern cloud-native applications and agentic workflows. The platform natively captures and decrypts Kubernetes traffic and analyzes key resource metadata to provide the rich, integrated telemetry SOC agents need to make accelerated, deterministic decisions.
The unified intelligence stream for the agentic SOC
ExtraHop is introducing new ways for AI agents to securely and accurately access network intelligence. With the ExtraHop Query Language (EQL), agents can selectively query massive volumes of network telemetry to extract the exact context they need at machine speed. Agents can securely consume enriched network metadata and detections to automate threat detection, investigation, and response through APIs and Model Context Protocol (MCP) servers.
“AI tools are only as good as the insights powering them and while creating the agentic SOC is a leading initiative for a number of enterprises, a lackluster source of data is holding them back from success,” said Chris Kissel, Research Vice President, Security & Trust Products, IDC. “ExtraHop is solving this by doubling down on context and further closing the visibility gaps impacted by unobserved Kubernetes environments and user identities. Having this level of insight is critical for organizations deploying AI agents and allows adoption of autonomous operations to continue without sacrificing the pace of innovation.”
Catch more CIO Insights: Why CIOs are becoming chief risk orchestrators?
[To share your insights with us, please write to psen@itechseries.com ]
