AI-Hunter™ is a solution that Threat Hunts your network to identify which of your systems have been compromised.


There are no agents to install — AI-Hunter verifies all devices, including IoT, IIoT and BYOD regardless of operating system or hardware.


The simple-to-use interface is focused on enabling threat hunting success for everyone from junior analysts to seasoned professionals.

0 New Malware Specimens Found Daily

0 Data Breaches YTD 2020

0 Records Exposed YTD 2020

0 Average Detection Time of a Compromise in Months

Protect your network from being part of these statistics with AI-Hunter.

Take the Fight to the Enemy

Today’s adversaries are getting better and better at hiding their backdoor command and control traffic, and the data they’re sneaking out of your network. The skills gap to ramp up new SOC personnel is getting more and more difficult to bridge.

Active Countermeasures offers you tools almost any IT professional can use to detect these malicious backdoors.


We are passionate about creating simple-to-use tools that quickly solve complex security problems. We’ve automated and streamlined the techniques used by the best pentesters and threat hunters in the industry.


The result is AI-Hunter, a Network Threat Hunting solution that can identify compromised hosts on your network regardless of the operating system, hardware or network link speed. With AI-Hunter you can quickly analyze millions of connection requests and easily identify which systems or IoT devices have been compromised.

The AI-Hunter Dashboard

Start focusing your valuable time on the systems that need your expertise with AI-Hunter.


You no longer need to dig through millions of log entries to identify suspect systems. We are now doing the first pass of the threat hunt for you and providing a threat score for each of your internal systems. The higher the score, the more likely the system has been compromised. All in a single easy-to-read dashboard.


We also identify what specific threat activity was observed that generated the score. Any of these flagged systems can be researched in depth using other modules within AI-Hunter.

AI-Hunter Prioritizes and Color Codes Your Systems to Identify Which Ones Are Most Likely Compromised.

Simply Start at the Top of the List.

AI-Hunter detects malware by targeting its network communications rather than analyzing the host itself, where malware writers can leverage a wide range of evasion techniques.


AI-Hunter scrutinizes your network traffic for signs of a compromised system. It does not matter if the data is encrypted or using non-standard communication ports, nor does it matter if the compromised system is running Windows, Mac OSX, Linux or on an appliance.


AI-Hunter can sort through millions of network connections and produce an action item list of the systems most likely to be compromised.

A System Frequently Calling Home to a Command and Control Server Is a Clear Indication of a Compromise.

Want to dig into the details of the communication session to understand what makes it suspicious? AI-Hunter provides a wealth of information to support your threat hunting activities. For example, one telltale sign of a compromise is a system that frequently communicates out to an attacker’s command and control (C&C) server.


AI-Hunter produces easy-to-read graphs to make this activity stand out from your normal network traffic.

AI-Hunter Analyzes a Number of Communication Traits in Order to Score the Likelihood That a System Has Been Compromised.

AI-Hunter uses 24 patented processes to analyze timing and data size characteristics.


AI-Hunter will quickly segregate normal communications from malicious communications. If you choose, you can manually review the data. This is not a requirement, as AI-Hunter will automatically show you which of your systems are behaving badly.


This data is included for those who want to deep dive and achieve a better understanding of the suspicious traffic.

AI-Hunter Lets You Quickly Whitelist Known-To-Be-Safe Communications.

There may be times when AI-Hunter flags a communication as suspicious that you actually know is legitimate. For example, you may have your systems configured to verify their time against a customized time server.


AI-Hunter makes it easy to set up exceptions for these systems so they no longer appear in the final report. Whitelists can be created based on IP address, autonomous system numbers (ASN) or company name.



We have made purchasing and implementing the AI-Hunter Network Threat Hunting Tool as easy as possible. Choose your method of payment, download the AI-Hunter software package and start threat hunting your network. And you won’t be alone in your combat against network adversaries. Our support team is available to assist you along the way.


Shine a light into the shadows with AI-Hunter. You can be up and running in less than an hour. Let’s get started!


Active Countermeasures is recognized by Enterprise Security Magazine in its annual listing of 10 companies that are at the forefront of providing security analytics solutions and transforming businesses.

"If you are happy not knowing if you are breached or not, do not use this product."

Cliff Janzen - rSolutions

"At last, let the hunt begin!"

"We have been working with top right Gartner quadrant tools for years, yet AI-Hunter delivered more critical actionable intelligence in 24 hours than the other tools did combined in 2 years. At last, let the hunt begin!"

Sam Ainscow - Barrett Steel Limited

"What kind of Black Magic is this?"

CERT Team - Europe

"Well done Active Countermeasures!"

"This is the only tool we have that detects X backdoor."

Finance Sector Customer

"Great Stuff!"

"This tool is exactly what I want when doing a hunt."

John Strand
