AI-Hunter v1.2.1 Has Been Released!
We are proud to say that version 1.2.1 of AI-Hunter has just been released! You can access this latest version via your Portal account.
The primary focus of this release was speed and scalability. You should notice that screens run faster and AI-Hunter can process even larger datasets and whitelists. We’ve also reduced the size of the install file by a bit over 25%.
Some of you have noticed during your threat hunts that malicious beacons tend to generate thousands of beacon sessions. As requested, you can now sort the results on the beacon screen by the total number of beacon sessions so active connection pairs are quickly visible.
We’ve also added a new module called “useragent”. This allows you to quickly identify unique user agents on your network, which may be an indication of systems running unexpected software. The most interesting user agents will automatically show up at the top of the list.
Finally, we’ve made quite a few UI tweaks designed to optimize the interface and improve workflow. For example, the dataset you are working with is now displayed in the top left of the screen, and the destination IP details in the beacons screen are expanded by default. We’ve also added a number of style changes and tooltips.
We have another update in the works, so please stay tuned. The next one will be pretty major as we will be incorporating support for Netflow and IPFIX.
Chris has been a leader in the IT and security industry for over 20 years. He’s a published author of multiple security books and the primary author of the Cloud Security Alliance’s online training material. As a Fellow Instructor, Chris developed and delivered multiple courses for the SANS Institute. As an alumnus of Y-Combinator, Chris has assisted multiple startups, helping them to improve their product security through continuous development and identifying their product market fit.