Installation of AC-Hunter™
AC-Hunter leverages RITA and Zeek to collect packet information from your network and analyze the results. Zeek (previously known as Bro) runs on a single system and connects to a span port just inside your firewall. The AC-Hunter/RITA system can be located anywhere on your internal network provided it has connectivity to the Zeek system.
If you have multiple connections to the Internet, you can run multiple Zeek systems or sensors all feeding data back to the same AC-Hunter/RITA instance.
Does your environment need more than the default configuration? Active Countermeasures is teamed up with Black Hills Information Security (BHIS) to offer professional threat hunting sessions and/or threat assessment training for your analysts. BHIS can offer a package deal which includes:
- Architecture support in deploying AC-Hunter to your environment
- Installation and configuration of AC-Hunter per your specific needs
- A professional threat detection assessment of your network
- Threat hunting training for your security analysts