AI-Hunter™ prioritizes and color-codes your systems to identify which ones are most likely compromised. Simply start at the top of the list.
AI-Hunter detects malware by targeting its network communications. Rather than analyzing the host itself, where malware writers can leverage a wide range of evasion techniques, AI-Hunter scrutinizes your network traffic for telltale signs of a compromised system. It does not matter whether the data is encrypted or uses non-standard communication ports. It does not matter whether the compromised system is running Windows, Mac OSX, or Linux, or is running on an appliance. AI-Hunter can sort through millions of network connections and produce an action item list of the systems most likely to be compromised.
Want to dig into the details of the communication session to understand what makes it suspicious? AI-Hunter provides a wealth of information to support your threat hunting activities. For example, one telltale sign of a compromise is a system that frequently communicates out to an attacker’s command and control (C&C) server. AI-Hunter produces easy-to-read graphs to make this activity stand out from your normal network traffic.
A system frequently calling home to a command and control server is a clear indication of a compromise.
AI-Hunter analyzes a number of communication traits in order to score the likelihood that a system has been compromised.
AI-Hunter™ analyzes a number of timing and data size characteristics to segregate normal communications from malicious communications. If you choose, you can manually review these data points as well. Note that this is not a requirement. AI-Hunter will automatically show you which of your systems are behaving badly. This data is included for those who want to do a deep dive and achieve a better understanding of the suspicious traffic.
There are times when suspicious activity is actually “a feature”. For example, you may configure your systems to regularly check in with a patching server to see if new security patches need to be installed. AI-Hunter™ makes it easy to set up exceptions for these systems so they no longer appear in the final report.
AI-Hunter lets you quickly whitelist communications known to be safe.
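As an added illustration (not AI-Hunter's code or its scoring algorithm), the sketch below ranks host pairs by how regular their connection timing and data sizes are, and skips allowlisted pairs such as a patch server check-in. The median-absolute-deviation score, the function names and the sample records are assumptions made for this example.

```python
from collections import defaultdict
from statistics import median

def _regularity(values):
    """1.0 when all values are identical, falling toward 0.0 as spread grows."""
    mid = median(values)
    if mid <= 0:
        return 0.0
    mad = median(abs(v - mid) for v in values)  # median absolute deviation
    return max(0.0, 1.0 - mad / mid)

def score_beacons(conns, allowlist=frozenset(), min_conns=6):
    """conns: iterable of (src, dst, unix_ts, bytes_sent). Returns
    [(score, src, dst)] sorted highest first; allowlisted pairs are skipped."""
    sessions = defaultdict(list)
    for src, dst, ts, size in conns:
        if (src, dst) not in allowlist:
            sessions[(src, dst)].append((ts, size))
    results = []
    for (src, dst), recs in sessions.items():
        if len(recs) < min_conns:
            continue  # too few samples to judge periodicity
        recs.sort()
        gaps = [b[0] - a[0] for a, b in zip(recs, recs[1:])]
        timing = _regularity(gaps)
        sizing = _regularity([size for _, size in recs])
        results.append((round((timing + sizing) / 2, 3), src, dst))
    return sorted(results, reverse=True)

# Constructed sample data for this example, not real traffic.
SAMPLE = (
    # Host checking in every ~300 s with near-constant payloads: beacon-like.
    [("10.0.0.5", "203.0.113.9", 1000 + 300 * i + j, 512 + j)
     for i, j in enumerate([0, 2, -1, 1, 0, -2, 1, 0])]
    # Patch server polled hourly: just as regular, but known to be benign.
    + [("10.0.0.7", "192.0.2.10", 1000 + 3600 * i, 2048) for i in range(8)]
    # Interactive browsing: irregular gaps and sizes.
    + [("10.0.0.8", "198.51.100.4", t, s) for t, s in
       [(1000, 300), (1004, 9000), (1090, 120), (1800, 45000),
        (1805, 700), (4000, 60), (4300, 15000), (9000, 2200)]]
)
ALLOW = frozenset({("10.0.0.7", "192.0.2.10")})

if __name__ == "__main__":
    for score, src, dst in score_beacons(SAMPLE, ALLOW):
        print(f"{score:5.3f}  {src} -> {dst}")
```

Without the allowlist the hourly patch check-in scores highest, which is why the exception step matters before acting on the ranking.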
Ready to take the next step and be ACTIVE?
One-time purchase of current software
Note: Must be purchased alongside subscription
Support & Update Subscription Add-on
Includes: Support, Threat Hunting Tips & Tricks, Software Updates & Improvement