AC-Hunter Primary Features
Dashboard
Visualize your network hosts sorted by Threat Severity to quickly identify suspect systems.
Beacons
AC-Hunter detects consistencies and patterns in the behavior of communications and utilizes a mixture of detection techniques.
Long Conns
One way attackers attempt to evade beacon analysis is by creating persistent connections. These will display as long connections.
DNS
Attackers can use DNS both as a covert communication channel and as a way to exfiltrate data from a network.
Strobes
Strobes are similar to beacons, but they are rapidly repeated connections between two hosts.
Safelisting
Safelists can be created based on IP address, fully qualified domain name (FQDN), autonomous system number (ASN), or company name.
Alerting
AC-Hunter can send threat alerts to any Syslog-compatible system (Splunk, ArcSight, QRadar, Sumo Logic, etc.).