AI-Hunter™ prioritizes and color codes your systems to identify which ones are most likely compromised. Simply start at the top of the list.
AI-Hunter detects malware by targeting its network communications. Rather than analyzing the host itself, where malware writers can leverage a wide range of evasion techniques, AI-Hunter scrutinizes your network traffic for tell tale signs of a compromised system. It does not matter if the data is encrypted or using non-standard communication ports. It does not matter if the compromised system is running Windows, Mac OSX, Linux or is running on an appliance. AI-Hunter can sort through millions of network connections and produce an action item list of the systems most likely to be compromised.
Want to dig into the details of the communication session to understand what makes it suspicious? AI-Hunter provides a wealth of information to support your threat hunting activities. For example, one tell tale sign of a compromise is a system that frequently communicates out to an attacker’s command and control (C&C) server. AI-Hunter produces easy to read graphs to make this activity stand out from your normal network traffic.
A system frequently calling home to a command and control server is a clear indication of a compromise.
AI-Hunter analyzes a number of communication traits in order to score the likelihood that a system has been compromised.
AI-Hunter™ uses 24 patented processes to analyze timing and data size characteristics. The result is that we quickly segregate normal from malicious communications. If you choose, you can manually review the data. This is not a requirement, as AI-Hunter™ will automatically show you which of your systems are behaving badly. This data is included for those who want to deep dive and achieve a better understanding of the suspicious traffic.
AI-Hunter lets you quickly whitelist know to be safe communications.
No tool is perfect. There may be times AI-Hunter™ flags a communication as suspicious, which you actually know is legitimate. For example, you may have your systems configured to verify their time to a customized time server. AI-Hunter™ makes it easy to setup exceptions for these systems so they no longer appear in the final report. Whitelists can be created based on IP address, autonomous system numbers (ASN) or company name.
Ready to take the next step and be ACTIVE?
– The Initial download of the Software
– Customer Support
– Updates and Feature Improvements
– Patches and Fixes
– Access to Threat Hunting Tricks and Tips
Subscription – Year 2+
– Continued access to Customer Support
– Continued access to Updates and Improvements
– Continued access to Patches and Fixes
– Continued access to Threat Hunting Tricks and Tips