Bridges the critical intelligence gap to stop threats at machine speed

ExtraHop^®, a leader in modern network detection and response (NDR), today announced new visibility and forensic capabilities that provide the highly contextual insights essential to powering the agentic SOC with autonomous defense against sophisticated and evasive threats actors.

As AI-assisted attacks grow in scale and operational demands grow, SOCs are increasingly relying on AI agents to act as a force multiplier. Yet, without a foundation of clear, actionable insights on anomalous and malicious activity, these agents cannot operate autonomously.

To address this, ExtraHop is delivering the network intelligence that serves as the ultimate fuel for enterprise agentic operations. Through deep protocol analysis, ExtraHop delivers rich network telemetry that correlates activity across devices, users, applications, and identities, providing the essential context for AI agents to reason and autonomously triage, enrich, and respond to cyberthreats at machine speed.

"The perceived advancement of the agentic SOC is an illusion for most, as a lack of high fidelity, contextual data silently undermines the system's efficacy and prevents enterprises from realizing any actual benefit from their agents,” said Kanaiya Vasani, Chief Product Officer, ExtraHop. "The network remains the immutable source of truth for the modern enterprise and ExtraHop unlocks that potential for the agentic SOC, driving agentic operations with robust and highly contextual insights. ExtraHop is providing holistic visibility into the most complex segments of the modern attack surface to help enterprises stop advanced threats with unprecedented speed and precision."

Unified identity and network insights

To power autonomous AI agents within the agentic SOC, enterprises need more than just visibility; they need strong network telemetry that tracks what is happening across the network and who is behind those actions. Without this layer of context, autonomous agents will lack the necessary information to operate securely and effectively, leaving them paralyzed by ambiguity or prone to disrupting critical workflows.

ExtraHop has added integrations with market-leading identity systems (Entra ID, Active Directory (AD), and Okta) that fuse robust identity attributes and network telemetry into a single data set. By adding enriched user data into dashboards, detections and response actions, agents are empowered to investigate complex incidents with richer context and reduced Mean-time-to-Response (MTTR).

Visibility into Kubernetes environments

ExtraHop now delivers full visibility into the Kubernetes environments powering today’s modern cloud-native applications and agentic workflows. The platform natively captures and decrypts Kubernetes traffic and analyzes key resource metadata to provide the rich, integrated telemetry SOC agents need to make accelerated, deterministic decisions.

The unified intelligence stream for the agentic SOC

ExtraHop is introducing new ways for AI agents to securely and accurately access network intelligence. With the ExtraHop Query Language (EQL), agents can selectively query massive volumes of network telemetry to extract the exact context they need at machine speed. Agents can securely consume enriched network metadata and detections to automate threat detection, investigation, and response through APIs and Model Context Protocol (MCP) servers.

"AI tools are only as good as the insights powering them and while creating the agentic SOC is a leading initiative for a number of enterprises, a lackluster source of data is holding them back from success,” said Chris Kissel, Research Vice President, Security & Trust Products, IDC. "ExtraHop is solving this by doubling down on context and further closing the visibility gaps impacted by unobserved Kubernetes environments and user identities. Having this level of insight is critical for organizations deploying AI agents and allows adoption of autonomous operations to continue without sacrificing the pace of innovation."

To learn about the latest updates to the ExtraHop NDR platform, click here.

Additional resources:

• Demo the ExtraHop platform today.
• Learn how ExtraHop stops identity-based attacks.
• Read why NDR maximizes AI’s impact.

About ExtraHop^®

ExtraHop turns the network - the enterprise’s ultimate source of truth - into actionable insight to power security, performance, and resilience. Delivering superior data by design, we ensure superior defense by default.

The ExtraHop modern network detection and response (NDR) platform provides visibility that thinks, analyzing behavior to intercept evasive risks before they cause damage. We transform network noise into definitive context, enabling security teams to make faster decisions and operate at uncompromised scale.

Whether securing cloud modernization or de-risking AI adoption, ExtraHop gives global enterprises the ground truth they need to thrive.

To learn more, visit www.extrahop.com or follow us on LinkedIn.

© 2026 ExtraHop Networks, Inc., RevealX, RevealX 360, RevealX Enterprise, and ExtraHop are registered trademarks or trademarks of ExtraHop Networks, Inc.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260212253385/en/