0 New Malware specimens found daily
0 Data Breaches in 2018
0 Million Records Exposed in 2018
Take the Fight to the Enemy
Today’s adversaries are getting better and better at hiding their backdoor command and control traffic, and the data they’re sneaking out of your network. The skills gap to ramp up new SOC personnel is getting more and more difficult to bridge.
Active Countermeasures offers you tools almost any IT pro can use to detect these malicious backdoors.
We are passionate about creating simple to use tools that quickly solve complex security problems. We’ve automated and streamlined the techniques used by the best pentesters and threat hunters in the industry.
The result is AI-Hunter™ a Network Threat Hunting solution that can identify compromised hosts on your network regardless of the operating system, hardware or network link speed. With AI-Hunter you can quickly analyze millions of connection requests and easily identify which systems or IoT devices have been compromised.
A quick overview of AI-Hunter™
AI-Hunter prioritizes and color codes your systems to identify which ones are most likely compromised.
Simply start at the top of the list.
AI-Hunter detects malware by targeting its network communications. Rather than analyzing the host itself, where malware writers can leverage a wide range of evasion techniques.
AI-Hunter scrutinizes your network traffic for signs of a compromised system. It does not matter if the data is encrypted or using non-standard communication ports nor does it matter if the compromised system is running Windows, Mac OSX, Linux or running on an appliance.
AI-Hunter can sort through millions of network connections and produce an action item list of the system most likely to be compromised.
Want to dig into the details of the communication session to understand what makes it suspicious? AI-Hunter provides a wealth of information to support your threat hunting activities. For example, one telltale sign of a compromise is a system that frequently communicates out to an attacker’s command and control (C&C) server.
AI-Hunter produces easy to read graphs to make this activity stand out from your normal network traffic.
A system frequently calling home to a command and control server is a clear indication of a compromise.
AI-Hunter analyzes a number of communication traits in order to score the likelihood that a system has been compromised.
AI-Hunter uses 24 patented processes to analyze timing and data size characteristics.
AI-Hunter will quickly segregate normal communications from malicious communications. If you choose, you can manually review the data. This is not a requirement, as AI-Hunter will automatically show you which of your systems are behaving badly.
This data is included for those who want to deep dive and achieve a better understanding of the suspicious traffic.
There may be times AI-Hunter flags a communication as suspicious, which you actually know is legitimate. For example, you may have your systems configured to verify their time to a customized time server.
AI-Hunter makes it easy to set up exceptions for these systems so they no longer appear in the final report. Whitelists can be created based on IP address, autonomous system numbers (ASN) or company name.