<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

ExtraHop Reveal(x) Deployment on Amazon Web Services (AWS)

extrahop reveal(x) deployment on AWS

As business operations expand and move to the cloud, so does security. ExtraHop’s Reveal(x) platform can be deployed on a variety of cloud infrastructures. It makes sense for ExtraHop, leader in Network Detection and Response, to partner with tech giant Amazon Web Services (AWS).

ExtraHop Reveal(x) Cloud offers a turnkey, zero-infrastructure solution to AWS customers.

Use Reveal(x)’s deep insights and transaction fluency with event data from AWS CloudWatch to deliver complete visibility at cloud scale. Discover anomalies including rogue instances, disabled log systems, and suspicious file execution.



Complete Visibility

Organizations need continuous visibility and situational intelligence across hybrid, multi-cloud, IoT and remote work environments from a single management source. Reveal(x) provides the ability to see into all of these sources as well as SSL/TLS encrypted traffic.

Real-Time Detection

Immediately detect anomalous behaviors and malicious activity, including unauthorized access, misconfigurations, and insecure APIs. Reveal(x) uses machine learning to utilize over 5,000 wire data features.

Intelligent Response

Work smarter, not harder. Raise efficiency of response time and investigative workflows with Reveal(x). Integrations with AWS include EC2, S3, Amazon CloudWatch and CloudTrail, Amazon VPC Flow Logs, and Lambda.



Reveal(x) can be deployed in two ways. The first is through Reveal(x) 360 and the second is by Reveal(x) AMI for AWS. Both provide a unified security platform across on-premises and cloud environments with a low management burden.

Reveal(x) AMI for AWS sensors offer the option to conduct machine learning analysis and threat detection from inside an Amazon Virtual Private Cloud (VPC).


Extrahop lists the following differences between Reveal(x) 360 and Reveal(x) AMI for AWS:

  Reveal(x) 360 Reveal(x) AMI for AWS
SaaS-based deployment  X  
Self-managed sensor    X
On-demand sensors billed hourly  X  
Simplified sensor deployment via Cloud Console  X  
Cloud-scale ML  X  X
ExtraHop-managed record warehouse  X  
Control plane for unified visibility (hybrid and multicloud)  X  
Amazon VPC Traffic Mirroring integration X X



ExtraHop is also a member of the AWS Consulting Partner Private Offer (CPPO) Program. The CPPO program enables ExtraHop to resell AWS enterprise contracts and their products through the marketplace.

Datashield is also able to package ExtraHop, AWS, and managed security services in a single bill. Contact us to receive a quote.


The Datashield Advantage

Datashield has helped our clients implement ExtraHop using our proprietary orchestration tool, SHIELDVision. Our security engineers can architect and deploy Reveal(x) in multiple cloud and hybrid environments.

Take your security to the next level with managed security services, provided by Datashield and backed by security leader ADT. Our US-based SOC has eyes on glass 24x7x365, providing clients with world-class results and white-glove service.

Learn more about our cloud-native managed detection and response (MDR) service here.

If your organization is considering Reveal(x), contact us for a no-cost consultation to see if Datashield is right for you.

Topics from this Article

SIEM, Amazon AWS, Cloud Security, Cloud SIEM, NDR, Network Detection and Response, ExtraHop

Cassidy Trowbridge
Cassidy Trowbridge
Cassidy is a marketing specialist at Datashield. She manages Datashield's content and social marketing strategies.

Related Posts

How to Celebrate National Day of Unplugging

Did you know that March 5, 2021 is the National Day of Unplugging?

Job Openings at Datashield and Partner Companies

To go alongside our upcoming webinar, How to Get a Job in IT, Datashield is sharing open job positions within our company and our partners RSA, SentinelOne, Google Chronicle, ExtraHop, Microsoft, Proofpoint, Digital Shadows, and Vmware Carbon Black.

What is Penetration Testing?

A penetration test or pen test is a simulated cyber-attack against computer systems, application systems, and IT infrastructure to discover loopholes. These simulated cyber-attacks come in diverse forms with the intent of breaching a system through its servers, web or mobile applications, and other endpoints. The purpose of pen testing is to discover exploitable vulnerabilities in a controlled setting before cybercriminals take advantage of them.