Threat Hunting Framework

A unified proprietary platform of intelligent detection technologies to allow for effective response and mitigation.

Highly Effective Monitoring Tool

  • Detection of previously unknown threats based on Threat Intelligence & Attribution data. Proactive search for anomalies, hidden tunnels, and signs of communications with C&C servers.
  • Automated correlation of events and alerts, and subsequent attribution to malware type and/or threat actor
  • Global proactive threat hunting that exposes adversaries’ external infrastructure, TTPs, intent, and plans
  • Proprietary tools – Network graph analysis and malware detonation platform provide data enrichment, correlations, and analysis
  • Full overview of the attack, in-depth management of incidents (up to Mutex/Pipes/Registry/Files)

Detection of Attacker Infrastructure on a Global Scale

Technology built to collect large volumes of data, combined with proprietary search algorithms designed to find connections and detect infrastructure that attackers intend to use in future attacks.

  • 4.2 billion IP addresses — daily scan of the entire IPv4 address range
  • 211 million domains, with archived data from the past 17 years
  • 145 million SSH keys
  • 1.6 billion SSL certificates

Modules

The complete Threat Hunting Framework (THF) solution includes the following modules:

Managed Detection & Response 24/7

CERT-GIB

  • Alert monitoring
  • Remote response
  • Anomaly analysis
  • Incident management
  • Threat Hunting
  • Critical threat analysis

Detecting Infrastructure Management & Data Analysis

Huntbox

Collaborative Hunting & Response Platform

  • External Threat Hunting
  • Correlation & attribution
  • Data storage
  • Event analysis
  • Internal Threat Hunting
  • Retrospective analysis
  • Module management
  • Single interface

Attack Detection & Prevention

Sensor

Network Research & Protection

  • Traffic analysis
  • File extraction
  • Anomaly detection

Polygon

Malware Detonation & Research

  • Isolated environment
  • File analysis
  • Link analysis

Huntpoint

Behaviour Inspection & Host Forensics

  • Event logging
  • Retrospective analysis
  • Threat detection
  • Response at hosts

Sensor Industrial

Analysis of industrial control systems

  • Traffic analysis
  • Support for industrial protocols
  • Collection of information on firmware versioning
  • Software integrity control

Decryptor

  • Decrypting TLS/SSL traffic in the protected infrastructure