Active Countermeasures News & Events
- Sun 31 Mar 2019, South Euclid, OH
Active Countermeasures, Inc.’s latest release of AI-Hunter network threat hunting software has been picked up by the Journal of Cyber Policy.
- Tue 26 Mar 2019, Spearfish, SD
Active Countermeasures COO Chris Brenton and AI-Hunter have been featured in the following article:
- Tue 26 Mar 2019, Spearfish, SD
Version 3 is in the wild! Although specifically, it’s version 3.1.4159 for all you Pi fans. 😉
This is a huge update that includes a lot of changes! We would very much like to thank our customers who were kind enough to submit feature requests, as well as the folks that helped out with beta testing. You’ve really made this a team effort.
- Thu 07 Mar 2019, San Francisco, CA
Speaking at RSA Conference 2019, Black Hills Information Security owner John Strand discussed threat hunting and how this can be done on a small budget.
- Mon 04 Mar 2019, San Francisco, CA
At the newly completed Moscone Center, Active Countermeasures will be at booth #3116 (South Expo). Stop by to visit some of our team in person and get a close-up "touch and feel" of AI-Hunter. We will have a live demo of AI-Hunter running, so you can witness streamlined network threat hunting in action! We will also have a table at the IoT Village area of the RSA Sandbox where we will have a RITA Lab and an SDR Lab. This is a big event and we hope to see you there!
- Wed 27 Feb 2019, San Francisco, CA
From Security Boulevard, Home of the Security Bloggers Network:
"John is the owner of Black Hills Information Security and a speaker at RSA Conference 2019. We reached out to John to ask him a few questions as a past RSAC attendee, so read on for his thoughts on what to do at RSAC, and who and what you can’t miss:"
Presented by Chris Brenton & John Strand. We all know what threat hunting is in general terms; it’s when we actively search our network for compromised systems. But what does that mean exactly and what process should we be following? Can I simply check network traffic to see if the evil bit is set, or is there a bit more to it than that? In this webcast we walk you through the methodology of doing a network threat hunt. Watch the Webcast here.
We are proud to announce that we have released major updates to both RITA, our open source product, and AI-Hunter, our commercial offering. RITA is now up to v2.0.0-beta1 and AI-Hunter is up to v2.1.0. We have made some huge performance improvements in this release! AI-Hunter is now orders of magnitude faster and can handle much larger datasets. We’ve also reorganized the UI to make analysis much easier. You can find more info in the release announcement posted here.
We are proud to have been named by Enterprise Security Magazine as one of the Top 10 Security Analytics Solution Providers of 2018! Chris Brenton was interviewed for an article about threat hunting that you can read here.
The focus of this release is simplifying the threat hunting process. As of this release, AI-Hunter takes the first pass at threat hunting the network for you. We identify which characteristics could be indicators of a compromise, and assign a “threat score” from zero to 100 to each of your hosts. You can find more info in the release announcement posted here.
- Thu 25 Oct 2018, Deadwood, SD
The primary focus of this release was speed and scalability. You should notice that screens run faster and AI-Hunter can process even larger datasets and whitelists. We’ve also reduced the size of the install file by a bit over 25%. We’ve also added a new module called “useragent”. This allows you to quickly identify unique user agents on your network, which may be an indication of systems running unexpected software. The most interesting user agents will automatically show up at the top of the list. You can find more info in the release announcement posted here.
- Tue 25 Sep 2018, Las Vegas, NV
Join Chris Brenton, COO of Active Countermeasures, as he discusses the anatomy of beacons and why you need to be looking for them during a threat hunt. He also talks through the challenges of detecting beacons, and some tricks you can use. Watch the Webcast here.
In this release we focused on reducing the time it takes to perform a successful threat hunt. You’ll notice a lot of tweaks that are designed to minimize the need to jump to other tools to collect evidence. We also have a new deep dive module which is one-stop shopping to review all suspect activity associated with a specific internal IP address. You can find more info in the release announcement posted here.
- Wed 08 Aug 2018, Las Vegas, NV