Use Cases for Extrahop



So I was asked recently about how I use Extrahop\Revealx. It made me start thinking about all the things we use it for, and the list continued for a long time. I would be interested in hearing use cases that other people are using it for. But here is a list of some that we use it for.

DNS Monitoring
DNS troubleshooting
Application timeout troubleshooting
Vendor troubleshooting
SMTP troubleshooting
Change verification
Certificate Expiration management
Brute force detection
Lateral Movement detection
Ransomware detection
SMB version detection
SMB version removal
SSL Suite Verification and removal
SSL Version verification and removal
SQL query performance
Active sync metrics
Active Directory troubleshooting
Password failed logon detection and troubleshooting
Web analytics
Web error detection
Web site error detections
File write and read failures
Citrix performance detection
OWA failures
Exchange EWS failures
ICMP port unreachable detection
Working on PMTUD detection
File deletes and renames
FTP Monitoring
DHCP monitoring
VoIP Monitoring and alerting

There are many more things we use this for, but this is a start. I want to know what others are doing.