AC-Hunter How It Works

See How it Works

In the clips below, John Strand explains how AC-Hunter can help your company detect threats from malware.

AC-Hunter Overview

A seven-minute overview of the problem AC-Hunter solves and how it solves it. John discusses how modern backdoors communicate with their command and control (C&C) servers and the challenges of identifying backdoor traffic using classic security tools and techniques. He then dives into the unique way AC-Hunter shines a spotlight on this traffic.


It is common for attackers to use DNS as a backdoor command and control channel. However, this traffic is very hard to detect with traditional IDS/IPS technologies.

Why? Because the data in DNS isn’t consistent enough to write a signature and the servers used are usually trusted DNS servers. See how AC-Hunter can easily detect these troublesome backdoors.

Beaconing Backdoor (VSAgent)

In this video, we walk through a proof-of-concept backdoor that almost all traditional IDS/IPS systems will not detect. It introduces the difficulty of detecting beaconing backdoors and shows how AC-Hunter can easily detect these implants.

Social Media Backdoor

Attackers are hiding even deeper in the websites you use every day – sites like Gmail, Tumblr, and Dropbox can be used as command and control servers for malware.

In this video, we show how AC-Hunter can be used to easily detect these backdoors with beaconing data size analysis.
