Hunters Automatic Investigation
Eliminate long, manual investigations with automation and context
Leverage automation to offload manual analyst work and shorten investigations and triage processes
Move beyond chasing alerts, manual inspection, and association of potential malicious indicators – all of which can fatigue analysts and delay necessary mitigation actions.
The Hunters SOC Platform ingests, normalizes, and detects at the breadth and scale of modern attacks. With Hunters, automated investigations can now be applied to replace manual and repetitive actions that run down analysts. Analysts are provided with a complete and interactive Attack Story to easily understand, triage, and initiate response at a dramatically accelerated pace.
85% REDUCTION
IN INVESTIGATION TIME
Focus on real incidents and slash attacker dwell time


Data Interrogation and Labeling
An exhaustive set of queries 'interrogates' each data point and attaches the traits that link it to potentially malicious activity
Graph-based Correlation
As entities and activities are identified, graph-based correlation forms and continuously evolves a cluster of related data, connecting the linked elements into a single view
Machine Learning
ML algorithms are applied to detected leads and entities to investigate, score and prioritize signals, correlating and connecting them together into Attack Stories
Risk Score and Prioritization
Risk Score runs multiple scoring models to calculate the risk level of each threat lead, provides explainability for the result, and sets incident priority from the combined severity and confidence scores
Attack Story
Analysts interact with a complete, connected map of all involved entities and their scores, answering the who, what, when and where of the incident
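To make the five steps above concrete, here is a small added example (written for this page, not Hunters' own code) that runs the same pipeline on a handful of constructed endpoint events: each event is interrogated by labeling rules, the entities it touches (host, user, external IP) are joined in a graph with union-find, each connected cluster becomes a candidate story, and the cluster is scored for severity and confidence with the contributing traits kept as the explanation. The rules, severity weights, the 0.4-per-trait confidence model and the sample events are all assumptions made for illustration.

```python
"""Toy investigation pipeline: label events, correlate their entities in a
graph, score each resulting cluster. Illustrative only; not Hunters' code."""
from collections import defaultdict

# Constructed sample telemetry (not real data). ws-01 shows an Office-spawned
# encoded PowerShell that beacons out; bob links ws-02 and ws-03 via one
# external connection and one off-hours logon; ws-04 is entirely benign.
EVENTS = [
    {"id": 1, "host": "ws-01", "user": "alice", "process": "winword.exe",
     "parent": "explorer.exe", "cmdline": "", "dest_ip": None, "hour": 10},
    {"id": 2, "host": "ws-01", "user": "alice", "process": "powershell.exe",
     "parent": "winword.exe", "cmdline": "powershell -enc SQBFAFgA",
     "dest_ip": None, "hour": 10},
    {"id": 3, "host": "ws-01", "user": "alice", "process": "powershell.exe",
     "parent": "winword.exe", "cmdline": "", "dest_ip": "203.0.113.7", "hour": 10},
    {"id": 4, "host": "ws-02", "user": "bob", "process": "chrome.exe",
     "parent": "explorer.exe", "cmdline": "", "dest_ip": "198.51.100.20", "hour": 14},
    {"id": 5, "host": "ws-02", "user": "bob", "process": "outlook.exe",
     "parent": "explorer.exe", "cmdline": "", "dest_ip": "10.0.0.5", "hour": 14},
    {"id": 6, "host": "ws-03", "user": "bob", "process": "explorer.exe",
     "parent": "userinit.exe", "cmdline": "", "dest_ip": None, "hour": 3},
    {"id": 7, "host": "ws-04", "user": "carol", "process": "excel.exe",
     "parent": "explorer.exe", "cmdline": "", "dest_ip": None, "hour": 11},
]

OFFICE = {"winword.exe", "excel.exe", "outlook.exe"}
SHELLS = {"powershell.exe", "cmd.exe", "wscript.exe"}


def is_rfc1918(ip):
    """RFC 1918 check only (assumed simplification; no other special ranges)."""
    a, b = (int(x) for x in ip.split(".")[:2])
    return a == 10 or (a == 172 and 16 <= b <= 31) or (a == 192 and b == 168)


# Step 1, interrogation: (trait name, severity weight, predicate). Hypothetical rules.
RULES = [
    ("office_spawns_shell", 7, lambda e: e["parent"] in OFFICE and e["process"] in SHELLS),
    ("encoded_powershell", 6, lambda e: "-enc" in e["cmdline"].lower()),
    ("external_connection", 3, lambda e: bool(e["dest_ip"]) and not is_rfc1918(e["dest_ip"])),
    ("off_hours_activity", 2, lambda e: not 7 <= e["hour"] <= 19),
]
SEVERITY = {name: sev for name, sev, _ in RULES}


def label_event(event):
    """Return the traits one event exhibits (empty list if nothing fired)."""
    return [name for name, _, pred in RULES if pred(event)]


def entities(event):
    """Graph nodes an event touches. Process names are deliberately NOT nodes:
    every host runs explorer.exe, so joining on them would merge all hosts."""
    keys = [f"host:{event['host']}", f"user:{event['user']}"]
    if event["dest_ip"] and not is_rfc1918(event["dest_ip"]):
        keys.append(f"ip:{event['dest_ip']}")
    return keys


class UnionFind:
    """Step 2, correlation: connected components over shared entities."""
    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)


def build_stories(events):
    """Steps 3 and 4: cluster events, score each cluster, keep the explanation."""
    uf = UnionFind()
    for e in events:
        ents = entities(e)
        for other in ents[1:]:
            uf.union(ents[0], other)
    clusters = defaultdict(lambda: {"entities": set(), "events": [], "traits": set()})
    for e in events:
        c = clusters[uf.find(entities(e)[0])]
        c["entities"].update(entities(e))
        traits = label_event(e)
        if traits:
            c["events"].append(e["id"])
            c["traits"].update(traits)
    stories = []
    for c in clusters.values():
        if not c["traits"]:
            continue  # benign cluster: no story, no analyst time
        severity = max(SEVERITY[t] for t in c["traits"])
        confidence = min(1.0, 0.4 * len(c["traits"]))  # more independent traits, more confidence
        stories.append({
            "entities": sorted(c["entities"]),
            "events": c["events"],
            "traits": sorted(c["traits"], key=lambda t: -SEVERITY[t]),  # explainability
            "severity": severity,
            "confidence": confidence,
            "risk": round(severity * confidence, 1),
        })
    stories.sort(key=lambda s: -s["risk"])  # prioritization
    return stories


if __name__ == "__main__":
    for story in build_stories(EVENTS):
        print(story)
```

Running the block yields two stories: the ws-01 chain scores 7.0 with three traits, and bob's two hosts are stitched into one lower-risk story purely because the user entity is shared, which is the correlation behaviour a graph gives you and a flat alert list does not. Note what the entity choice does to the result: adding process names as nodes would have joined every host through explorer.exe into a single useless blob.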
What does the Hunters Investigation Engine do for you?
Automates investigation and presents incident detail to the analyst
Graph-based correlation dynamically connects relevant malicious activity over time
Infuses context into attack data
Simplifies and accelerates triage process with dynamic scoring and prioritization
Packages complete incident picture into an easy to understand Attack Story
VALUE PILLARS
Helping security teams mitigate real threats faster and more reliably than SIEMs

SIEM Replacement
Using cloud connectors that pipe into existing security tools, or by connecting directly to the SIEM, Hunters XDR ingests logs, events and telemetry from dozens of on-premises and cloud data sources.

Security Analytics | XDR
Hunters XDR extracts both raw data and alerts from existing security data using stream-processing analytics technology that enables near-real-time processing and complex analytics.

Security Data Lake

Automated Threat Hunting