ExtraHop RevealX NDR is a network detection and response solution that ingests and analyzes network traffic to detect suspicious activity and understand security risks. The product uses network or virtual taps rather than agents to monitor east-west and north-south network traffic across on-premises and cloud workloads. The solution combines machine learning-powered detections, behavioral analysis, and signature-based detections for known indicators of compromise. It includes decryption capabilities and protocol decoding to uncover threats hiding in encrypted traffic. The platform provides packet-level context for investigation and analysis. RevealX NDR addresses coverage gaps left by endpoint detection and response (EDR), security information and event management (SIEM), and intrusion detection systems (IDS). Unlike EDR which requires agents on each endpoint, RevealX monitors network traffic without deploying agents. The solution provides visibility into unmanaged devices, IoT devices, and personal devices that cannot support agents. The platform supports zero trust initiatives by providing visibility and analytics for all users, devices, applications, and workloads communicating on the network. It includes automatic asset discovery and classification capabilities, as well as vulnerability identification features. RevealX NDR enables security teams to investigate incidents with streamlined workflows and respond to threats with network intelligence derived from continuous monitoring of network telemetry.