AI-Hunter v3.6.0 Is in the Wild!

I’m excited to announce that version 3.6.0 of AI-Hunter has been released! Thank you to all of our awesome partners that participated in beta testing and provided feedback. This really helps us to make a product that both simplifies and expedites the threat hunting process.

One of my favorite new features is that we’ve expanded the external research capability. For example, when you click on an external Ip address, you’ll see this:

You can now quickly jump to any of these investigation sources to help you determine if an IP address is a threat. Don’t see a resource that you like to use? We’ve also included the ability to add in your own. For example, Carbon Black Response users can add CBR to the investigation screen. This is a powerful feature, as it lets you quickly investigate which application on the internal system creates the connection being investigated. We will be building even more functionality info this feature over the next few months.

We’ve also made a major change to the way we do whitelisting. In the past, whitelisting was applied to modules but not to the score shown on the main screen. This was done to ensure that you would not miss something that was whitelisted accidentally. However, customers found this a little confusing so we updated whitelisting to keep it consistent across all screens.

Speaking of consistency, we’ve done a refresh of all of the modules to ensure consistency in reporting. In the past, some screens (like beacons) would display more data about the IP addresses under review than others (like long connections). As of this update, we now present consistent info across all modules.

All current customers can access the new version via their Portal account. Please be sure to check the release notes for install instructions. If you have any problems, do not hesitate to reach out to our support team.

Not an AI-Hunter user yet? See a rundown of how AI-Hunter works, watch our demo video for more info, or check out AI-Hunter purchase details here.

 

 

Interested in threat hunting tools? Check out AC-Hunter

Active Countermeasures is passionate about providing quality, educational content for the Infosec and Threat Hunting community. We appreciate your feedback so we can keep providing the type of content the community wants to see. Please feel free to Email Us with your ideas!

Share this:
AC-Hunter Datasheet
AC-Hunter Personal Demo
What We’re up To
Archives

We're always up to cool threat hunting stuff at Active Countermeasures. Sometimes we want to share our cool stuff and we'll mail it to this list. We are not spammy, and no salesy junk!

* indicates required



Choose the Email Categories You Want to Receive:

(un-check any you don't want)


We're always up to cool threat hunting stuff at Active Countermeasures. Sometimes we want to share our cool stuff and we'll mail it to this list. We are not spammy, and no salesy junk!

* indicates required



Choose the Email Categories You Want to Receive:

(un-check any you don't want)