ExtraHop CEO Arif Kareem has a very specific goal for the company. “Our eyes are set on becoming a half-billion-dollar security company,” he said. He’s also positioning the software provider for an initial public offering, likely in the “next 24 months.” But he’s quick to add, “that’s not our end goal.”
It’s a shift for the startup, which spent its first 10 years as a network performance monitoring company before “doubling down” on security two years ago and launching its first pure-play security product last year. And it looks like Kareem’s bet paid off.
ExtraHop claims it “far surpassed” $100 million in bookings in 2018. “We beat that target and we grew our security biz by 10x,” Kareem said.
The company released its first security product, Reveal(x) in January 2018, followed by Reveal(x) for Azure in September 2018. More than 20 customers across industry verticals invested more than $1 million with ExtraHop last year, and its software now protects more than 5 million devices across more than 800 enterprise customers worldwide, Kareem said. The company has about 400 employees today and plans to add 150 more this year, he added.
Moving into the security space was a natural evolution. For the past several years, security has been ExtraHop’s customers’ top use case for its real-time analytics software.
When Kareem joined the company about a two and a half years ago, and would talk with customers about how they used the platform, “there was always a security person sitting in the room,” he said. “That clicked in our mind to use our foundational technology to develop a purpose-built product for cybersecurity. The perimeter is becoming boundary-less with cloud coming into force, and we have a very good foundational technology, which provides insights into your network and infrastructure and applications.”
4 Key Differentiators
ExtraHop offers four things that customers want in a network security product, Kareem says. The first is visibility across all of their assets. It spans public and private clouds, data center environments, and branch offices.
No. 2 is machine learning. The company honed both of these technologies long before entering the security space, he adds.
“And then the whole investigation piece, how something happened and why it happened. Because our core business is performance monitoring no one can do that better than we can,” he said.
Finally, ExtraHop boasts a number of integrations with third-party vendors to further bolster customers’ real-time visibility and security posture. This includes Amazon Web Services (AWS), Microsoft Azure, Splunk, Palo Alto Networks, ForeScout, and ServiceNow. In 2017, Cisco partnered with ExtraHop to boost the analytics capabilities of Tetration, Cisco’s data center analytics platform.
“The legacy companies perhaps can do more forensic investigation. But because they don’t have machine learning they can’t do detection as well,” Kareem said. “The newcomers can do detection, but don’t have the capabilities to develop that deep investigation and response. We can do complete real-time visibility and do detection and response better than anybody else. And we believe that is our differentiator.”
More Cloud Tools In Store
Looking ahead to 2019, ExtraHop plans to add new security capabilities like rules-based detection and bringing in new external threat intelligence feeds. It will also pump more money into its machine learning technology and cloud product line. “We will be spending more investment in the cloud side of things,” Kareem said.
Enterprises are developing multi-cloud strategies, and they want to use the same set of security tools in their public cloud environments as they do in their data centers, adds Eric Thomas, director of cloud products at ExtraHop. “We hear about the swivel-chair effect,” he said. “That’s a huge pain point and one of the core advantages of our technology.”