
Enhanced Hunters SOC Platform streamlines security operations workflows, advances threat detection and investigation effectiveness

Written by Hunters Research Team | May 25, 2022 5:01:00 AM
Hunters SOC Platform:
  • The first platform to inject automation throughout the security operations workflow
  • Includes new Risk Score for risk-based threat prioritization
  • Provides seamless data ingestion and normalization
  • Supports consumption of unlimited data for better security while eliminating noise

NEWTON, Mass. and TEL AVIV, Israel, May 25, 2022 – Hunters today announced new capabilities in the Hunters SOC Platform that enhance and accelerate security operations workflows for data ingestion and normalization, threat detection, investigation and response. The advances free up data engineers, security engineers and analysts in Security Operations Centers (SOCs) to focus on higher-value work, such as dealing with threats and challenges unique to their organizations.

Security operations have long focused on response-based automation to orchestrate mitigation measures, using solutions like SOAR. Those efforts address only the final phase of the security workflow, leaving significant room for improvement earlier in the threat management process. SOCs' reliance on SIEM tools forces them to perform manual, labor-intensive tasks such as data ingestion, cross-correlation of suspicious activities and detection rule maintenance. These challenges open an opportunity to streamline and automate common SOC tasks, including data engineering, detection management, cross-correlation, incident investigation and response, and to free security practitioners to focus on threats that are unique to their environment.

The newest version of the Hunters SOC Platform fills these gaps with powerful capabilities:

  • Unlimited data ingestion, retention and schema mapping, removing data engineering efforts from the security teams
  • Automatic calculation of risk level for each threat lead with Hunters Risk Score to determine a Confidence score and Severity score and rapidly identify the most pressing threats
  • A Detection Engine to offload the never-ending task of building and maintaining detection queries, replacing it with MITRE ATT&CK-based automated threat detection across the entire attack surface (including cloud, email, endpoint, identity, etc.)
  • Human-readable Attack Stories, where response and reporting are streamlined as analysts receive a complete contextual view of each real incident


“With our traditional SIEM, we would run canned searches to manually contextualize IP addresses, machines, and events, relying on manual efforts to tell the narrative of the incident. But Hunters is laid out in a chronological sequence that is human readable, and not simply epoch timestamps going from earliest to latest. Hunters’ investigation results are presented in a report designed for a human to consume, which was incredibly helpful for my team and our leadership team to immediately understand and make informed decisions with,” said John Fung, Director of Cybersecurity Operations at MorganFranklin and former deputy CISO at Cimpress, a Hunters customer.

Hunters Risk Score - Deep Dive
Hunters’ new Risk Score runs multiple scoring models to calculate the risk level of each threat lead, examining multiple characteristics to determine a Confidence score and Severity score of the lead. Confidence and Severity scores are then combined to determine a Risk Score to prioritize the top incidents for analysts to focus on. Risk Score enables security analysts to:

  • Assess the risk of a specific threat in the organization
  • Clearly understand the necessary urgency of response based on the risk assessment
  • Prioritize incidents based on their urgency
  • Customize scoring to fit the risk profile of the organization
  • Add business context to increase precision and reduce the noise

Alerts in the SOC Queue: Risk Score breakdown and explainability

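The description above is enough to illustrate the shape of a risk-based prioritization: a Confidence score (how sure we are the lead is real), a Severity score (how bad it is if real, adjusted by business context), and a combined Risk Score with a breakdown that lets an analyst see why a lead landed where it did in the queue. The following is an added example written for this page, not Hunters' scoring model; every weight, signal name and sample lead in it is constructed for illustration.

```python
"""
Illustrative risk-based prioritization of threat leads.

Constructed for this example; not Hunters' scoring model. The signals,
tactic weights, asset multipliers and sample leads are all assumptions.
"""
from dataclasses import dataclass

# Constructed severity weights (0..1) keyed by the ATT&CK tactic a lead maps to.
TACTIC_SEVERITY = {
    "reconnaissance": 0.2,
    "initial-access": 0.5,
    "execution": 0.6,
    "credential-access": 0.8,
    "exfiltration": 0.9,
    "impact": 1.0,
}

# Constructed "business context": asset criticality scales severity up or down.
ASSET_CRITICALITY = {"low": 0.6, "medium": 1.0, "high": 1.3}


@dataclass
class Lead:
    lead_id: str
    tactic: str                 # ATT&CK tactic the detection maps to
    asset_tier: str             # business criticality of the affected asset
    corroborating_sources: int  # distinct data sources agreeing (e.g. EDR + identity)
    known_fp_pattern: bool      # matches a previously confirmed benign pattern
    user_reported: bool         # a human also flagged this activity


def confidence_score(lead):
    """How likely the lead is a real incident. Returns (score 0..1, breakdown)."""
    breakdown = {"base": 0.3}
    score = 0.3
    # Each independent corroborating source adds weight, capped at three sources.
    corroboration = min(lead.corroborating_sources, 3) * 0.2
    breakdown["corroboration"] = corroboration
    score += corroboration
    if lead.known_fp_pattern:
        breakdown["known_fp_pattern"] = -0.4
        score -= 0.4
    if lead.user_reported:
        breakdown["user_reported"] = 0.1
        score += 0.1
    return max(0.0, min(1.0, score)), breakdown


def severity_score(lead):
    """How damaging the lead is if real, scaled by asset criticality. Returns (0..1, breakdown)."""
    base = TACTIC_SEVERITY.get(lead.tactic, 0.4)          # unknown tactic: mid-low default
    multiplier = ASSET_CRITICALITY.get(lead.asset_tier, 1.0)
    return min(1.0, base * multiplier), {"tactic_base": base, "asset_multiplier": multiplier}


def risk_score(lead):
    """Combine confidence and severity into a 0..100 risk value with an explainable breakdown."""
    confidence, conf_breakdown = confidence_score(lead)
    severity, sev_breakdown = severity_score(lead)
    return {
        "lead_id": lead.lead_id,
        "risk": round(confidence * severity * 100),
        "confidence": round(confidence, 2),
        "severity": round(severity, 2),
        "breakdown": {"confidence": conf_breakdown, "severity": sev_breakdown},
    }


def prioritize(leads):
    """Order the SOC queue so the highest-risk leads come first."""
    return sorted((risk_score(lead) for lead in leads), key=lambda r: r["risk"], reverse=True)


# Constructed sample queue.
SAMPLE_LEADS = [
    Lead("lead-001", "credential-access", "high", 2, False, False),
    Lead("lead-002", "reconnaissance", "low", 1, True, False),
    Lead("lead-003", "exfiltration", "medium", 3, False, True),
    Lead("lead-004", "execution", "medium", 0, False, False),
]

if __name__ == "__main__":
    for entry in prioritize(SAMPLE_LEADS):
        print(entry["lead_id"], entry["risk"], entry["breakdown"])
```

The breakdown dictionaries are the explainability piece: an analyst disagreeing with a ranking can see whether it came from weak corroboration, a benign-pattern match, or the asset multiplier, and the tuning hooks (tactic weights, criticality tiers) are the places an organization would customize scoring to its own risk profile.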
“The Hunters Risk Score is a culmination of integrated automation steps that reduce the noise that SOCs are struggling with and point the analysts to the efforts where they can best leverage their expertise to secure their environments,” said Ofer Gayer, VP Product at Hunters. “The security market has been conditioned to expect that more data means more people, time, and costs to address threats. Hunters shifts that paradigm by enabling cross-stream correlation, built-in detection, and auto-investigation to cull the noise and false positives, and to allow analysts to focus on the appropriate response measures.”
Security operations teams seeking to break away from the data dilemma that burdens engineers and analysts increasingly look to Hunters to modernize their SOCs with a platform that provides automation that enables their people to better focus on threat detection and response. Read the Risk Score blog here to learn more.
Meet Hunters at RSA Conference

Hunters will have a strong presence at the RSA Conference at the Moscone Center in San Francisco, June 6th-9th, featuring a speaking session, a cocktail event and ongoing demonstrations of its SOC platform in the North Expo, booth #5887. Read more about it here: https://go.hunters.ai/rsa-2022

Meet Hunters at the Gartner Security & Risk Summit

Hunters is excited to be a part of the Gartner Security & Risk Management Summit in National Harbor, Maryland June 7-9. We will be speaking on: SOC Renovation - 3 Principles to Adapt to Detection & Response at the Scale of Threats. Visit us at booth #417.
About Hunters

Hunters SOC Platform empowers security teams to automatically identify and respond to security incidents across their entire attack surface. We enable vendor-agnostic data ingestion and normalization at a predictable cost. Our built-in detection engineering, data correlation, and automatic investigation help teams overcome volume, complexity, and false positives. Hunters mitigates real threats faster and more reliably than SIEMs, ultimately reducing customers' overall security risk. Learn how enterprises like Booking.com, Snowflake, Netgear and Cimpress leverage Hunters SOC Platform to empower their security teams at https://hunters.ai.

Hunters is backed by leading VCs and strategic investors including Stripes, YL Ventures, DTCP, Cisco Investments, Bessemer Venture Partners, U.S. Venture Partners (USVP), Microsoft’s venture fund M12, Blumberg Capital, Snowflake, Databricks, and Okta.
Hunters was recognized as the SC Media 2021 Trust Award Finalist for Best Threat Detection Technology and winner of the CISO Choice Awards: Security Analytics and Security Operations.
Media Contact:

Deb Montner

Montner Tech PR

dmontner@montner.com