AI-Hunter™ is a solution that Threat Hunts your network to identify which of your systems have been compromised.


There are no agents to install — AI-Hunter verifies all devices, including IoT, IIoT and BYOD regardless of operating system or hardware.


The simple-to-use interface is focused on enabling threat hunting success for everyone from junior analysts to seasoned professionals.


“At last, let the hunt begin!”

“We have been working with top right Gartner quadrant tools for years, yet AI-Hunter delivered more critical actionable intelligence in 24 hours than the other tools did combined in 2 years. At last, let the hunt begin!”

Sam Ainscow - Barrett Steel Limited

“What kind of Black Magic is this?”

CERT Team - Europe

“Amazing Tool!”

“AI Hunter’s ability to analyze network traffic & identify likely patterns of malicious activity over a period of time is something that flies under the radar of many traffic analysis tools. This approach to discovering malicious network traffic is a great addition to our monitoring capabilities.”

Lance Honer - Day & Zimmermann

“Well done Active Countermeasures!”

“This is the only tool we have that detects X backdoor.”

Finance Sector Customer

“If you are happy not knowing if you are breached or not, do not use this product.”

Cliff Janzen - rSolutions

“Great Stuff!”

“This tool is exactly what I want when doing a hunt.”

John Strand

AI-Hunter Now Protects Over A Half Million Endpoints!

What Problem Do We Solve, and How Do We Help You Better Secure Your Network?

Existing security solutions fall into one of two categories. They are either protection based, focused on keeping the bad guys out (firewalls, intrusion detection and two-factor authentication fall into that category), or response based, designed to be implemented once we know the bad guys are in the network. Incident handling is a great example of the latter. The problem is tying these two together.


AI-Hunter bridges this gap by answering the important question “when have protections failed, and it is time to go into response mode?”

How? AI-Hunter will analyze the previous 24 hours of your network traffic to identify any indications of an internal system that’s been calling out to the internet and creating a command and control (C2) channel. That’s our core focus, that’s what we go after – C2 beaconing.


We have a unique solution. To begin with, we’re low touch — we need to monitor traffic going in and out of the internet and that’s it. There are no agents that need to be installed and we can protect everything, including Internet of Things devices that you can’t install software on. If the attackers are encrypting data, we can still spot those command and control channels.


We’ve also created a tool that’s very simple and easy to use. So, it’s not just the smartest person in your Security Operations Center that can do the threat hunting, this can go all the way to the junior analyst level.

Giving Back — Free Training and Tools for the Community

Active Countermeasures is a group of like-minded geeks that believe in giving back to the community. We are passionate about providing quality, educational content for those in the security field. Whether you’re an IT security rookie or a seasoned leader, rest assured we have something for you.


Our free security training is a convenient way for you to acquire new technology expertise. This online training is always available. We’re constantly adding to our vendor-neutral security education to keep ourselves (and you) one step ahead of the curve.


We not only offer free training; we also have open source tools, including RITA for ingesting Bro/Zeek logs and Active Defense Harbinger Distribution (ADHD).
