Joint customers can now leverage Prophet AI to autonomously investigate ExtraHop RevealX alerts and incorporate network context for every investigation
Prophet Security, the pioneer in Agentic AI for Security Operations, today announced a partnership with ExtraHop, a leader in modern network detection and response (NDR), bringing ExtraHop’s protocol-level network telemetry directly into Prophet’s Agentic AI SOC Platform. As a result, security teams can now autonomously investigate every ExtraHop network detection end-to-end, and incorporate network context in investigations from any alert source — endpoint, identity, cloud, email, insider threat, DLP or SIEM — at no additional cost to customers.
Why complete context changes what AI agents can do
An AI agent’s conclusions are only as reliable as the context it reasons over. Endpoint and identity telemetry alone leave material blind spots — particularly for lateral movement, unmanaged devices (IoT, OT, legacy systems), and east-west traffic inside the perimeter. Agents working from partial evidence can reach confident but inaccurate conclusions.
Also Read: CIO Influence Interview with Kyle Wickert, Field CTO at AlgoSec
“Agents reasoning over partial context can reach confident but inaccurate conclusions — endpoint and identity data might tell you about initial access, but not the lateral movement that follows,” said Kanaiya Vasani, Chief Product Officer of ExtraHop. “Our partnership means that Prophet AI agents can reason with pre-correlated, protocol-aware network signals from ExtraHop in every investigation. Complete context is what makes accurate, autonomous investigations possible.”
“Our customers have been telling us the same thing: As they expand the use of agentic AI in the SOC, the value of network context goes up, not down,” said Vibhav Sreekanti, CTO, Prophet Security. “ExtraHop gives us a category of evidence — decrypted, protocol-aware, real-time network telemetry — that our agents can reason over with low noise and low cost. It’s a natural fit for how Prophet AI investigates.”
What the integration does
The Prophet–ExtraHop integration launches with two capabilities:
1. Autonomous investigation of RevealX detections. Prophet ingests RevealX network and identity detections and investigates each one end-to-end. Prophet’s AI agents pull additional context from RevealX on demand — device and asset information, identity activity, behavioral detections, transaction records, and packet captures — and combine it with telemetry from the customer’s other security tools to reach a final determination.
2. Network context for investigations from any source. RevealX is also an investigation data source for non-network security alerts — a suspicious sign-in from the identity provider, a malware alert from EDR, an API abuse alert from a CSPM. Prophet AI queries ExtraHop to answer critical questions: what else the host was communicating with, what protocols it used, what data left the environment, and whether the activity is consistent with historical behavior.
Catch more CIO Insights: The CIO as a Value Creator: Moving Beyond Cost Centers to Revenue Drivers
[To share your insights with us, please write to psen@itechseries.com ]
